CN111988324A - Data communication method, system, equipment and storage medium - Google Patents
Data communication method, system, equipment and storage medium Download PDFInfo
- Publication number
- CN111988324A CN111988324A CN202010861045.3A CN202010861045A CN111988324A CN 111988324 A CN111988324 A CN 111988324A CN 202010861045 A CN202010861045 A CN 202010861045A CN 111988324 A CN111988324 A CN 111988324A
- Authority
- CN
- China
- Prior art keywords
- password
- cloud platform
- account
- terminal
- connection request
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 44
- 238000004891 communication Methods 0.000 title claims abstract description 41
- 238000004590 computer program Methods 0.000 claims abstract description 16
- 238000012795 verification Methods 0.000 claims description 33
- 230000006870 function Effects 0.000 description 12
- 230000008901 benefit Effects 0.000 description 4
- 238000010586 diagram Methods 0.000 description 4
- 230000008014 freezing Effects 0.000 description 3
- 238000007710 freezing Methods 0.000 description 3
- 230000005540 biological transmission Effects 0.000 description 2
- 238000001514 detection method Methods 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 238000012545 processing Methods 0.000 description 2
- 208000033748 Device issues Diseases 0.000 description 1
- 238000012217 deletion Methods 0.000 description 1
- 230000037430 deletion Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000005242 forging Methods 0.000 description 1
- 238000009434 installation Methods 0.000 description 1
- 238000004806 packaging method and process Methods 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
- 239000013589 supplement Substances 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/14—Session management
- H04L67/141—Setup of application sessions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/2866—Architectures; Arrangements
- H04L67/2871—Implementation details of single intermediate entities
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Information Transfer Between Computers (AREA)
- Telephonic Communication Services (AREA)
Abstract
The invention discloses a data communication method, a system, a device and a storage medium, wherein the method comprises the following steps: receiving connection request information transmitted by a device terminal, wherein the connection request information comprises an account and a password corresponding to the device terminal, and the account and the password corresponding to the device terminal can be obtained from a cloud platform; sending the authentication request, the account and the password to a cloud platform, so that the cloud platform checks the received account and the password after receiving the authentication request to obtain a check result, wherein the check result is used for representing whether a message middleware accepts the connection request of the equipment terminal; the system comprises a device terminal and steps for executing a computer program to implement the method. By using the invention, the safety risk of equipment connection can be reduced, and the safety of a communication system is improved. The method, system, device and storage medium of the invention can be applied in the communication field.
Description
Technical Field
The present invention relates to communication technologies, and in particular, to a data communication method, system, device, and storage medium.
Background
For the traditional scheme of connecting a cloud platform to realize device communication based on the message middleware of the ActiveMQ, the ActiveMQ is connected by adopting a fixed user name and a password, then the device issues a message to the ActiveMQ, and the cloud platform acquires the message of the device in a subscription mode. However, the inventors have found in the course of their research that the above conventional communication scheme has at least one disadvantage: once the user name and the password are exposed, the equipment reporting information can be forged, which brings great risk to the information security of the cloud platform. Therefore, how to effectively solve the risk caused by the exposure of the fixed user name and the password is one of the problems that the technicians in the field are in urgent need to solve.
Disclosure of Invention
In view of the above, an object of the present invention is to provide a data communication method, system, device and storage medium, which can improve the communication security.
In a first aspect, an embodiment of the present application provides a data communication method, including the following steps:
receiving connection request information transmitted by a device terminal, wherein the connection request information comprises an account and a password corresponding to the device terminal, and the account and the password corresponding to the device terminal can be obtained from a cloud platform;
and sending the authentication request, the account and the password to a cloud platform, so that the cloud platform checks the received account and the password after receiving the authentication request to obtain a check result, wherein the check result is used for representing whether a message middleware accepts the connection request of the equipment terminal.
In one possible implementation manner, the step of sending the authentication request, the account and the password to the cloud platform includes:
and responding to the connection request information, triggering an authentication plug-in, and sending the authentication request, the account and the password to a cloud platform.
In one possible implementation manner, the step of verifying the received account and the password includes:
matching and judging the received account and the password with a pre-stored account and a password corresponding to the equipment terminal;
if the judgment result is matching, the verification result is successful;
and if the judgment result is not matched, indicating that the verification result is verification failure.
In one possible implementation manner, the method further includes the following steps:
and the terminal information of the connected equipment terminal is deleted by being called by the cloud platform.
In one possible implementation manner, the connection request information is connection request information obtained by encapsulating based on mqts protocol.
In a second aspect, an embodiment of the present application provides a data communication device, including:
a memory for a computer program;
a processor for executing the computer program to perform the steps of the method as described in the embodiments of the first aspect above.
In a third aspect, the present application provides a computer-readable storage medium, which stores a computer program, and the computer program, when executed by a processor, implements the steps of the method as described in the embodiments of the first aspect.
In a fourth aspect, an embodiment of the present application provides a data communication system, including:
the device terminal is used for sending the connection request information to the message middleware;
message middleware for executing a computer program for implementing the steps of the method as described in the embodiments of the first aspect above.
In one possible implementation manner, the device terminal is specifically configured to send the connection request information to the corresponding message middleware according to the IP address and the port number of the message middleware; and the IP address and the port number of the message middleware can be obtained from the cloud platform.
In one possible implementation manner, the system further comprises a cloud platform, and the cloud platform is in communication connection with the message middleware.
The solution of the above embodiment includes at least one of the following advantages: by using the method, the system, the device and the storage medium, in the process that the device terminal requests to connect the message middleware, after the message middleware receives the connection request information transmitted by the device terminal, the authentication request and the account and the password (the account and the password corresponding to the device terminal can be obtained from the cloud platform) contained in the connection request information are transmitted to the cloud platform, so that the cloud platform checks the received account and the password after receiving the authentication request to obtain a check result, and the check result is used for representing whether the message middleware accepts the connection request of the device terminal. Therefore, compared with the traditional mode that the equipment is connected with the message middleware, the message middleware can send the received account and the password corresponding to the equipment terminal to the cloud platform for verification, after the verification is passed, the message middleware only receives the connection request of the equipment terminal, otherwise, the message middleware does not receive the connection request of the equipment terminal, so that the safety risk of forging equipment reporting equipment information due to exposure of the fixed account and the password can be greatly reduced, and the communication safety is greatly improved.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings needed to be used in the embodiments will be briefly described below. It should be noted that the drawings in the following description are only schematic illustrations of some embodiments of the present application, and that other drawings may be derived from these drawings by a person skilled in the art without inventive pulling.
Fig. 1 is a flowchart illustrating steps of a data communication method according to an embodiment of the present disclosure;
fig. 2 is a block diagram of a data communication device according to an embodiment of the present disclosure;
fig. 3 is a block diagram of a data communication system according to an embodiment of the present application;
fig. 4 is a first data communication interaction diagram of a data communication system according to an embodiment of the present application;
fig. 5 is a second data communication interaction diagram of a data communication system according to an embodiment of the present application.
Detailed Description
Reference will now be made in detail to the present embodiments of the present application, preferred embodiments of which are illustrated in the accompanying drawings, wherein the purpose of the drawings is to supplement the description of the text portion of the specification with figures, so that the person can intuitively and visually understand each technical feature and the whole technical solution of the present invention, but it should not be construed as limiting the scope of the present invention.
In the description of the present invention, the meaning of a plurality of means is one or more, the meaning of a plurality of means is two or more, and larger, smaller, larger, etc. are understood as excluding the number, and larger, smaller, inner, etc. are understood as including the number. If the first and second are described for the purpose of distinguishing technical features, they are not to be understood as indicating or implying relative importance or implicitly indicating the number of technical features indicated or implicitly indicating the precedence of the technical features indicated.
In the description of the present invention, unless otherwise explicitly limited, terms such as arrangement, installation, connection and the like should be understood in a broad sense, and those skilled in the art can reasonably determine the specific meanings of the above terms in the present invention in combination with the specific contents of the technical solutions.
In the traditional scheme of connecting a cloud platform based on the message middleware of the ActiveMQ to realize device communication, a device terminal can successfully connect with the ActiveMQ by using a fixed user name (namely an account) and a password, then the device terminal can issue a message to the ActiveMQ, and the cloud platform can obtain the message of the device terminal in a subscription mode. Therefore, the device terminal can be successfully connected with the ActiveMQ by using the fixed account and the password, and finally the issued message is sent to the cloud platform, so that once the fixed account and the password are revealed, other illegal/non-compliant users can forge the device and report the device information through the revealed account and password, and great risk is brought to the information security of the cloud platform. Therefore, in order to solve the technical problem, the present application provides a data communication scheme to improve the security of the device connection communication.
Referring to fig. 1, the present embodiment provides a data communication method, which is mainly applied to message middleware and includes the following steps.
S101, receiving connection request information transmitted by the equipment terminal, wherein the connection request information comprises an account and a password corresponding to the equipment terminal, and the account and the password corresponding to the equipment terminal can be obtained from the cloud platform.
Specifically, in this embodiment, a legally compliant device terminal may first obtain a configured account and a configured password corresponding to the device terminal from a cloud platform, and then when the device terminal needs to be connected to a message middleware, the obtained account and password may be sent to the message middleware. For obtaining the configured account and password corresponding to the device terminal from the cloud platform, the obtaining mode may include 2 modes: 1. the device terminal can directly send an acquisition request to the cloud platform so that the cloud platform returns an account number and a password corresponding to the cloud platform to the device terminal; 2. after the working personnel set and store the equipment terminal and the account and the password corresponding to the equipment terminal on the cloud platform, the working personnel can acquire the account password through other additional modes, such as storing the account and the password on a mobile hard disk and manually guiding the account and the password into the equipment terminal, or directly informing a user of the equipment terminal of the account and the password so as to input the account and the password to the equipment terminal when connection is realized. The method for obtaining the account number and the password stored in the cloud platform and corresponding to the cloud platform by the device terminal is not limited herein.
S102, sending the authentication request, the account and the password to a cloud platform, so that the cloud platform checks the received account and the password after receiving the authentication request to obtain a check result, wherein the check result is used for representing whether a message middleware accepts the connection request of the equipment terminal.
Specifically, because the account and the password set by the conventional message middleware are fixed and do not have an authentication function, in order to improve the security of device connection, the message middleware in this embodiment is designed with the authentication function, and the authentication function is mainly used for sending the received account and password to the cloud platform for authentication after the message middleware receives the account and the password transmitted by the device terminal to request connection, that is, the identity of the device terminal is verified, when the verification result is that the verification is successful, it indicates that the message middleware can accept the connection of the device terminal, and the device terminal can successfully connect the message middleware, otherwise, when the verification result is that the verification is failed, it indicates that the message middleware cannot accept the connection of the device terminal, and the device terminal fails to connect the message middleware.
In addition, for the verification of the received account and password, the identity verification may be performed according to a preset rule, and a specific verification method is not limited herein.
It should be noted that the message middleware is a communication software, which can run and apply on different devices/systems/platforms as long as the devices/systems/platforms have an environment supporting running the message middleware. In the embodiment, the message middleware can be ActiveMQ; the ActiveMQ is a pure Java program, so that the ActiveMQ can be executed only by supporting a Java virtual machine by an operating system. That is, if the operating system of the device terminal or the cloud platform supports the Java virtual machine, the ActiveMQ may run on the device terminal or the cloud platform, or an additional message intermediate platform (i.e., a data processing device having an operating system supporting the Java virtual machine and capable of running the ActiveMQ) may be additionally provided according to actual requirements and may be provided between the communication links of the device terminal and the cloud platform. For ActiveMQ, the actual running carrier is not limited here.
The device terminal is a device at least used for data input (receiving), output (sending), processing and communication functions. Such as smart phones, IPADs, computers, vehicle terminals, vending machines, etc.
The cloud platform provides a platform with computing, network and storage capabilities for services based on hardware resources and software resources; the physical carrier of the system is formed by at least one server.
Therefore, by using the method of the embodiment, when the equipment terminal is connected with the message middleware, the message middleware can send the account and the password transmitted by the equipment terminal to the cloud platform for identity verification, so that the safety risk caused by uploading the equipment message to counterfeit equipment after the fixed account and the password are revealed in the traditional scheme can be greatly reduced, namely the safety of the communication connection of the equipment can be greatly improved by the scheme of the embodiment.
In addition, in order to make the message middleware have the above authentication function, the applicant finds that the program with the above authentication function can be designed by using the originally-provided extension interface of the message middleware, so that the message middleware can have the above authentication function, and the implementation operation mode is simple and convenient, and the resource can be fully utilized without additionally designing a program interface. Therefore, in some embodiments, the step S102 of sending the authentication request, the account and the password to the cloud platform may specifically include:
and responding to the connection request information, triggering an authentication plug-in, and sending the authentication request, the account and the password to a cloud platform.
Or, the function of the authentication plug-in may further include detection of connection request information, that is, the step S102 of sending the authentication request, the account and the password to the cloud platform may specifically include:
the authentication plug-in detects the connection request information;
and after the authentication plug-in receives the connection request information in the detection message middleware, the authentication plug-in sends the authentication request and the received account and password to the cloud platform.
As can be seen, in this embodiment, for the step S102 of sending the authentication request, the account and the password to the cloud platform, the actual steps are as follows: and utilizing the authentication plug-in to send the authentication request and the received account number and password to the cloud platform. Therefore, the operation mode is simple and convenient, no additional program interface is required to be designed, and resources can be fully utilized.
In some embodiments, the step of verifying the received account and the password in step S102 includes:
s1021, matching and judging the received account number and the password with a pre-stored account number and a pre-stored password corresponding to the equipment terminal;
s1022, if the judgment result is matching, the verification result is successful;
and S1023, if the judgment result is not matched, indicating that the verification result is verification failure.
Because data are difficult to avoid being interfered when the data are uploaded, if the uploaded account number and password are matched with the pre-stored account number and password corresponding to the equipment terminal, namely the similarity between the pre-stored account number and the pre-stored password meets the preset condition, the uploaded account number and password can be judged to be matched with the pre-stored account number and password, and the verification is successful at the moment.
Of course, it is preferable that, in order to further ensure that the device terminal which issues the connection request is not a counterfeit device, then for the step S1021, it may specifically be:
and judging whether the received account and password are the same as the account and password which are stored in the cloud platform in advance and correspond to the equipment terminal.
If the judgment results are the same, the verification result is successful, the message middleware receives the connection request of the equipment terminal, and the equipment terminal can be successfully connected with the message middleware; otherwise, if the judgment results are different, the verification result is verification failure, at this time, the message middleware does not accept the connection request of the equipment terminal, and the equipment terminal fails to connect the message middleware. It can be seen that by using steps S1021 to S1023 of this embodiment, the verification accuracy can be improved, and the security of the device connection message middleware can be further improved.
In some of these embodiments, the method of this embodiment further comprises the steps of:
s103, the terminal information of the connected equipment terminal is deleted by being called by the cloud platform.
In this embodiment, when the device terminal has successfully connected to the message middleware, the cloud platform may invoke the device management function of the cloud platform to delete the device terminal or modify the state of the device terminal to implement deletion and/or freezing of the device terminal, and may invoke the interface of the message middleware itself through jmx to delete the connection of the device terminal, that is, the message middleware is invoked by the cloud platform through the interface of the message middleware itself, so as to delete the device terminal that has successfully connected. Jmx, which is a Java Management extension, is a framework for embedding Management functions into applications, devices, systems, and the like.
Therefore, in the embodiment, the cloud platform can be called by using the self-contained interface of the message middleware, and the connected equipment terminal is deleted in the message middleware, so that the existing resources are fully utilized, and the workload of the cloud platform can be reduced.
In some embodiments, the connection request information is encapsulated based on MQTT protocol (MQTT + SSL, MQT protocol is a client-server based message publish/subscribe transport protocol), SSL protocol is a secure transport protocol, and SSL is an abbreviation of secure sockets layer, i.e., secure socket layer protocol). That is, in this embodiment, after encapsulating the connection request information by using the mqts protocol, the device terminal sends the connection request information to the message middleware to initiate a connection request to the message middleware. The MQTTS protocol is utilized to initiate the connection request to the message middleware, so that the information security of the device can be further enhanced.
In summary, by using the message middleware of this embodiment, the potential safety hazard to the platform information caused by the fact that the counterfeit device reports the device information can be reduced, and the security of the device connection is improved.
Referring to fig. 2, the present embodiment further provides a data communication device, which is mainly used for running a message middleware, and includes:
a memory 201 for a computer program;
the processor 202 is configured to execute the computer program to implement the steps of the data communication method according to the above embodiments.
Since the apparatus provided by the present embodiment mainly runs the message middleware and implements the steps of the method of the above method embodiment, the apparatus of the present embodiment has the same advantages as those of the above method embodiment, and will not be redundantly described here.
In addition, the present embodiment also provides a computer-readable storage medium, which stores a computer program, and the computer program, when executed by a processor, implements the steps of the data communication method according to the above method embodiments. The computer readable storage medium includes, but is not limited to, a high speed random access memory, and may also include a non-volatile memory, such as at least one disk storage device, flash memory device, or other non-volatile solid state storage device. Likewise, since the computer program stored in the storage medium of the present embodiment implements the steps of the above method embodiments when executed by the processor, the apparatus of the present embodiment has the same advantages as the above method embodiments, and is not redundantly described here.
Referring to fig. 3, the present embodiment further provides a data communication system, including:
the device terminal 301 is configured to send connection request information to the message middleware;
In some embodiments, the system of this embodiment further includes a cloud platform 303, and the cloud platform is communicatively connected to the message middleware.
Referring to fig. 4, the data communication method based on the data communication system is as follows. In this embodiment, the message middleware is an ActiveMQ.
Step S401, before the device terminal 301 initiates a connection request to the ActiveMQ, the device terminal 301 obtains an account and a password corresponding to itself from the cloud platform 303.
Specifically, the device terminal 301 obtains connection information corresponding to itself from the cloud platform 303 through the HTTPS protocol (i.e., steps 1 and 2 in the figure), where the connection information includes, in addition to an account and a password corresponding to the device terminal, an IP address and a corresponding port number corresponding to an ActiveMQ to which the device terminal needs to connect, and thus, the terminal device can initiate a connection request to the corresponding ActiveMQ according to the IP address and the corresponding port number of the ActiveMQ.
It should be noted that HTTPS is an HTTP channel with security as a target, and the security of the transmission process is ensured by transmission encryption and identity authentication based on HTTP. That is to say, the device terminal obtains the connection information from the cloud platform 303 through the HTTPS protocol, which can further improve the security of the device information. And the device terminal, the account number and the password corresponding to the device terminal have a unique corresponding relationship, and are allocated to each device terminal by the device management system of the cloud platform 303.
In addition, for the cloud platform 303, the account and the password stored in the cloud platform 303 corresponding to the device terminal may be changed and modified periodically, or the account and the password corresponding to the device terminal may be changed and modified as long as the device terminal is connected to a server once, and the terminal device obtains the account and the password corresponding to the device terminal from the cloud platform before the device terminal is connected to the message middleware every time.
Step S402, the device terminal 301 initiates a connection request to the ActiveMQ by using the MQTTS protocol according to the acquired IP address and port number of the ActiveMQ, and transmits the connection request information acquired by packaging based on the MQTTS protocol to the corresponding ActiveMQ.
Specifically, an IP Address (Internet Protocol Address) refers to an Internet Protocol Address, and is translated into an Internet Protocol Address; the port number is mainly used to distinguish several ports of the server. It can be seen that, since the device terminal 301 initiates the connection request to the corresponding ActiveMQ according to the IP address and the port number of the ActiveMQ obtained from the cloud platform 303, for the user or the work, the message middleware required to initiate the connection request can be changed, selected, and the like very conveniently, and different message middleware can be conveniently allocated to different device terminals, so that the operation convenience is high.
Step S403, after the ActiveMQ receives the connection request information transmitted by the device terminal 303, the authentication request, the received account and the password are transmitted to the cloud platform through https + resume by using the authentication plug-in of the user-defined ActiveMQ, so that the authentication request is sent to the cloud platform.
Specifically, after the ActiveMQ triggers the authentication plug-in response to the received account and the password of the device terminal, the authentication request, the account and the password are sent to the cloud platform through https + resful, so that the authentication request is sent to the cloud platform.
Step S404, after receiving the authentication request, the cloud platform 303 verifies the received account and the password to perform identity verification on the device terminal 301, so as to obtain a verification result, where the verification result is used to represent whether the ActiveMQ accepts the connection request of the device terminal.
Specifically, the received account and the password are verified to implement the identity verification of the device terminal, and the verification method in this embodiment specifically includes: and judging whether the received account number and the password are the same as the account number and the password which are stored in advance and correspond to the equipment terminal, if so, indicating that the verification result is successful, at the moment, the ActiveMQ accepts the connection request of the equipment terminal, and the equipment terminal can be successfully connected with the ActiveMQ, otherwise, if not, indicating that the verification result is failed, at the moment, the ActiveMQ does not accept the connection request of the equipment terminal, and the equipment terminal fails to connect the message middleware, namely, the ActiveMQ rejects the connection request of the equipment terminal.
Step S405, after the device terminal 301 is successfully connected with the ActiveMQ, the device terminal 301 initiates a request for publishing messages and/or subscribing messages to the ActiveMQ.
When the device terminal sends a request for publishing a message to the ActiveMQ, the device terminal 301 publishes the message to the ActiveMQ, and then the cloud platform 303 can obtain the message published by the device terminal from the ActiveMQ in a subscription mode; when the device terminal sends a request for subscribing to a message to the ActiveMQ, the device terminal 301 may obtain a corresponding message from the ActiveMQ in a subscription manner.
The data communication method of the embodiment may further include the following step of freezing and/or deleting the device terminal to implement the operation of the account access right, thereby further improving the security.
S406, when the device terminal 301 is not connected to an ActiveMQ, and when the cloud platform deletes/freezes the device terminal, the device management function of the cloud platform is used to delete the corresponding device terminal or modify the state of the device terminal, so that when the device terminal initiates a connection request, the authentication plug-in requests the cloud platform to perform identity verification, and a result that the identity verification fails is obtained, so that the device terminal cannot be connected to the ActiveMQ.
Still alternatively, the step of freezing and/or deleting the device terminal comprises:
s407, successfully connect an ActiveMQ to the device terminal 301, referring to fig. 5, when the cloud platform deletes/freezes the device terminal, the device management function of the cloud platform may be used to delete the corresponding device or modify the state of the device, or the ActiveMQ self-contained interface may be called jmx to delete the client connection, that is, at this time, the ActiveMQ self-contained interface is called by the cloud platform through jmx to delete the connected terminal device, so that the device terminal may disconnect.
It can be seen that the method and system of the above embodiments include at least one of the following benefits:
(1) the account password acquired by the equipment is the one-equipment one-account password which is independent and unique and corresponds to the one-equipment one-account password, and meanwhile, the authentication plug-in of the message middleware is used for verifying the identity of the equipment terminal to the cloud platform, so that the safety of equipment connection can be greatly improved;
(2) the equipment terminal initiates a connection request to the ActiveMQ by adopting an MQTTS protocol, so that the communication security of the equipment can be enhanced;
(3) and the account access authority can be operated, so that the risk caused by password exposure is further reduced.
The embodiments of the present invention have been described in detail with reference to the accompanying drawings, but the present invention is not limited to the above embodiments, and various changes can be made within the knowledge of those skilled in the art without departing from the gist of the present invention.
Claims (10)
1. A method of data communication, the method comprising the steps of:
receiving connection request information transmitted by a device terminal, wherein the connection request information comprises an account and a password corresponding to the device terminal, and the account and the password corresponding to the device terminal can be obtained from a cloud platform;
and sending the authentication request, the account and the password to a cloud platform, so that the cloud platform checks the received account and the password after receiving the authentication request to obtain a check result, wherein the check result is used for representing whether a message middleware accepts the connection request of the equipment terminal.
2. The method of claim 1, wherein the step of sending the authentication request, and the account number and the password to the cloud platform comprises:
and responding to the connection request information, triggering an authentication plug-in, and sending the authentication request, the account and the password to a cloud platform.
3. The method of claim 1, wherein the step of verifying the received account number and password comprises:
matching and judging the received account and the password with a pre-stored account and a password corresponding to the equipment terminal;
if the judgment result is matching, the verification result is successful;
and if the judgment result is not matched, indicating that the verification result is verification failure.
4. The method of claim 1, further comprising the steps of:
and the terminal information of the connected equipment terminal is deleted by being called by the cloud platform.
5. The method according to any of claims 1-4, wherein the connection request information is connection request information encapsulated based on the MQTTS protocol.
6. A data communication device, comprising:
a memory for a computer program;
a processor for executing the computer program to carry out the steps of the method according to any one of claims 1 to 5.
7. A computer-readable storage medium, in which a computer program is stored which, when being executed by a processor, carries out the steps of the method according to any one of claims 1 to 5.
8. A data communication system, comprising:
the device terminal is used for sending the connection request information to the message middleware;
message middleware for executing a computer program for implementing the steps of the method according to any of claims 1-5.
9. The system of claim 8, wherein the device terminal is specifically configured to send the connection request information to the corresponding message middleware according to the IP address and port number of the message middleware; and the IP address and the port number of the message middleware can be obtained from the cloud platform.
10. The system of claim 8, further comprising a cloud platform communicatively coupled to the message middleware.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010861045.3A CN111988324A (en) | 2020-08-25 | 2020-08-25 | Data communication method, system, equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010861045.3A CN111988324A (en) | 2020-08-25 | 2020-08-25 | Data communication method, system, equipment and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111988324A true CN111988324A (en) | 2020-11-24 |
Family
ID=73442696
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010861045.3A Pending CN111988324A (en) | 2020-08-25 | 2020-08-25 | Data communication method, system, equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111988324A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113098685A (en) * | 2021-03-29 | 2021-07-09 | 荣霞 | Security verification method and device based on cloud computing and electronic equipment |
| CN113676532A (en) * | 2021-08-16 | 2021-11-19 | 广州鲁邦通智能科技有限公司 | Method for connecting equipment with message middleware and Internet of things system |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20050125502A1 (en) * | 2002-02-28 | 2005-06-09 | Azalto Sa | Network communication method with a smartcard using asynchronous messages |
| US20060200800A1 (en) * | 2003-05-27 | 2006-09-07 | Geir Melby | Aggregation of non blocking state machines on enterprise java bean platform |
| CN104980441A (en) * | 2015-06-26 | 2015-10-14 | 浪潮软件股份有限公司 | Tenant authentication mechanism realizing method |
| CN106534338A (en) * | 2016-12-05 | 2017-03-22 | 东北大学 | Cloud robot system and implementation method |
| CN107846447A (en) * | 2017-09-21 | 2018-03-27 | 烽火通信科技股份有限公司 | A kind of method of the home terminal access message-oriented middleware based on MQTT agreements |
| CN110781509A (en) * | 2019-10-28 | 2020-02-11 | 腾讯科技(深圳)有限公司 | Data verification method and device, storage medium and computer equipment |
-
2020
- 2020-08-25 CN CN202010861045.3A patent/CN111988324A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20050125502A1 (en) * | 2002-02-28 | 2005-06-09 | Azalto Sa | Network communication method with a smartcard using asynchronous messages |
| US20060200800A1 (en) * | 2003-05-27 | 2006-09-07 | Geir Melby | Aggregation of non blocking state machines on enterprise java bean platform |
| CN104980441A (en) * | 2015-06-26 | 2015-10-14 | 浪潮软件股份有限公司 | Tenant authentication mechanism realizing method |
| CN106534338A (en) * | 2016-12-05 | 2017-03-22 | 东北大学 | Cloud robot system and implementation method |
| CN107846447A (en) * | 2017-09-21 | 2018-03-27 | 烽火通信科技股份有限公司 | A kind of method of the home terminal access message-oriented middleware based on MQTT agreements |
| CN110781509A (en) * | 2019-10-28 | 2020-02-11 | 腾讯科技(深圳)有限公司 | Data verification method and device, storage medium and computer equipment |
Non-Patent Citations (1)
| Title |
|---|
| 魏新宇; 王洪涛; 陈耿, 机械工业出版社 * |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113098685A (en) * | 2021-03-29 | 2021-07-09 | 荣霞 | Security verification method and device based on cloud computing and electronic equipment |
| CN113098685B (en) * | 2021-03-29 | 2022-03-22 | 深圳市凌壹科技有限公司 | Security verification method and device based on cloud computing and electronic equipment |
| CN113676532A (en) * | 2021-08-16 | 2021-11-19 | 广州鲁邦通智能科技有限公司 | Method for connecting equipment with message middleware and Internet of things system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110764807B (en) | Upgrading method, system, server and terminal equipment | |
| CN112398916B (en) | File transmission method and device based on HTTP (hyper text transport protocol) | |
| US10862976B2 (en) | System and method for improving efficiency of SSL/TLS connections | |
| CN108900324B (en) | Method and device for checking communication performance of virtual machine | |
| CN112491776B (en) | Security authentication method and related equipment | |
| CN111224952B (en) | Network resource acquisition method and device for directional flow and storage medium | |
| CN110839004A (en) | Method and device for access authentication | |
| CN111988324A (en) | Data communication method, system, equipment and storage medium | |
| CN113190778A (en) | Business data pushing method, system, computer equipment and computer storage medium | |
| CN113438256B (en) | Data transmission method, system and proxy server based on double-layer SSL | |
| CN112822146A (en) | Network connection monitoring method, device, system and computer readable storage medium | |
| WO2015027931A1 (en) | Method and system for realizing cross-domain remote command | |
| CN112039882B (en) | Message transmission processing method, system, device and storage medium | |
| CN113938474A (en) | Virtual machine access method and device, electronic equipment and storage medium | |
| CN111431957A (en) | File processing method, device, equipment and system | |
| CN102685115A (en) | Resource access method, resource management device and system | |
| CN114830572A (en) | Data transmission method, device, equipment, system and storage medium | |
| CN108809927B (en) | Identity authentication method and device | |
| US20160261719A1 (en) | Information processing system, control program, and control method | |
| CN112565447B (en) | Encryption and decryption method and system matched with uploading and downloading in cloud environment and WEB file manager | |
| CN113098685B (en) | Security verification method and device based on cloud computing and electronic equipment | |
| CN110022310B (en) | Authorization method and device based on cloud computing open network operating system | |
| CN110995756B (en) | Method and device for calling service | |
| CN110324426B (en) | Data acquisition method, device and system | |
| CN113656169A (en) | Task request processing method and device, management server and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information | ||
| CB02 | Change of applicant information |
Address after: 511356 Room 501, building 2, No. 63, Yong'an Avenue, Huangpu District, Guangzhou, Guangdong Applicant after: Guangzhou lubangtong Internet of things Technology Co.,Ltd. Address before: 510653 room F315, 95 daguanzhong Road, Tianhe District, Guangzhou City, Guangdong Province Applicant before: GUANGZHOU ROBUSTEL TECHNOLOGIES Co.,Ltd. |
|
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20201124 |