CN112187831B - Equipment network access method and device, storage medium and electronic equipment - Google Patents


Info

Publication number
CN112187831B
Authority
CN
China
Prior art keywords
network
equipment
background
ciphertext
target
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202011194110.8A
Other languages
Chinese (zh)
Other versions
CN112187831A (en)
Inventor
林志铤
刘永健
彭宁
徐言
陈慧中
宋伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tencent Technology Shenzhen Co Ltd
Original Assignee
Tencent Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tencent Technology Shenzhen Co Ltd
Priority to CN202011194110.8A
Publication of CN112187831A
Application granted
Publication of CN112187831B
Legal status: Active

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/70Reducing energy consumption in communication networks in wireless communication networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Power Engineering (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a device networking method and device, a storage medium and electronic equipment. The method comprises: obtaining a device identifier of a first device to be connected to a network, a network identifier of a target wireless network and a network access password; sending the device identifier and a distribution network plaintext to a background device; obtaining a distribution network ciphertext sent by the background device; and sending the network identifier and the distribution network ciphertext to the first device, so that the first device can access the target wireless network by using the network identifier and the network access password in the distribution network plaintext, and connect to the background device after accessing the target wireless network. The invention solves the technical problem of poor security protection when a device accesses a network in the related art.

Description

Equipment network access method and device, storage medium and electronic equipment
Technical Field
The present invention relates to the field of computers, and in particular, to a method and apparatus for device networking, a storage medium, and an electronic device.
Background
With the popularization of the internet of things and WiFi technology, more and more devices access the internet of things through a WiFi network. Most embedded devices have no human-computer interface and cannot connect to the internet directly, so their network connection needs to be configured by means of an intelligent terminal such as a mobile phone.
In the related art at present, device network access is mainly implemented by having an application on the intelligent terminal transmit the SSID and the Password of the target WiFi to the device over a WiFi link. In this process, sensitive WiFi information such as the Password is mainly transmitted using asymmetric encryption, and the key is dynamically negotiated through public and private key certificates.
Therefore, when an internet of things device is added and configured for the network in an intelligent terminal application of an internet of things system (for example, when the device is bound to a legitimate user account so that the user can monitor it through the terminal application), the encryption of the WiFi network configuration information is, in the current related art, mainly performed by the intelligent terminal application, which then sends the network configuration information to the internet of things device so that the device can connect to the internet of things. The related art is vulnerable to attack during this network connection process, so privacy and security are difficult to protect effectively.
Therefore, the related art has the technical problem of poor security of the device accessing the network.
In view of the above problems, no effective solution has been proposed at present.
Disclosure of Invention
The embodiment of the invention provides a device networking method and device, a storage medium and electronic equipment, which are used for at least solving the technical problem of poor safety protection of the device access network in the related technology.
According to an aspect of the embodiment of the present invention, there is provided a device networking method, including: acquiring a device identifier of a first device to be connected to a network, a network identifier of a target wireless network and a network access password; transmitting the device identifier and a distribution network plaintext to a background device, wherein the distribution network plaintext comprises the network access password; acquiring a distribution network ciphertext transmitted by the background device, wherein the distribution network ciphertext is a ciphertext obtained by encrypting the distribution network plaintext by using a target encryption key, and the target encryption key has a corresponding relation with the device identifier; and sending the network identifier and the distribution network ciphertext to the first device, wherein the first device is used for decrypting the distribution network ciphertext by using a target decryption key corresponding to the target encryption key to obtain the distribution network plaintext, accessing the target wireless network by using the network identifier and the network access password in the distribution network plaintext, connecting to the background device after accessing the target wireless network, and sending the distribution network ciphertext to the background device.
According to another aspect of the embodiment of the present invention, there is also provided a device networking method, including: acquiring, on a first device to be connected to a network, a network identifier of a target wireless network and a distribution network ciphertext transmitted by a second device, wherein the distribution network ciphertext is a ciphertext obtained by a background device encrypting a distribution network plaintext by using a target encryption key, the distribution network plaintext comprises a network access password of the target wireless network, and the target encryption key has a corresponding relation with the device identifier of the first device; decrypting the distribution network ciphertext on the first device by using a target decryption key corresponding to the target encryption key to obtain the distribution network plaintext; accessing, on the first device, the target wireless network using the network identifier and the network access password in the distribution network plaintext; and after the target wireless network is accessed, connecting to the background device on the first device, and sending the distribution network ciphertext to the background device.
Optionally, the acquiring, on the first device to be connected to the network, the network identifier of the target wireless network and the distribution network ciphertext sent by the second device includes: creating a wireless hotspot on the first device, and, when the second device establishes a connection with the wireless hotspot created by the first device, acquiring on the first device, through the established connection, the network identifier and the distribution network ciphertext sent by the second device; or acquiring, on the first device, a target message sent by the second device in a broadcast or multicast mode, wherein the target message is a message to be transmitted that the second device obtains by encoding the network identifier and the distribution network ciphertext, and decoding the network identifier and the distribution network ciphertext from the target message on the first device.
According to still another aspect of the embodiment of the present invention, there is also provided a device networking method, including: acquiring, on a background device, a device identifier of a first device and a distribution network plaintext sent by a second device, wherein the first device is a device to be connected to a network, and the distribution network plaintext comprises a network access password of a target wireless network; encrypting the distribution network plaintext by using a target encryption key on the background device to obtain a distribution network ciphertext, wherein the target encryption key has a corresponding relation with the device identifier; sending the distribution network ciphertext to the second device on the background device; and, when the first device uses the network identifier of the target wireless network and the network access password in the distribution network plaintext to access the target wireless network, establishing a connection with the first device on the background device, and acquiring the distribution network ciphertext sent by the first device.
Optionally, when the background device acquires the distribution network ciphertext sent by the first device, the background device actively sending the target network access information to the second device includes: when the background device has established the connection with the first device and has acquired the distribution network ciphertext sent by the first device, the background device actively sends the target network access information to the second device, wherein the target network access information is used for indicating that the background device has established the connection with the first device and has acquired the distribution network ciphertext sent by the first device.
Optionally, the method further comprises: recording the connection setup time on the background device in case the connection is established with the first device on the background device; and under the condition that the establishment time is recorded on the background equipment, determining that the background equipment establishes the connection with the first equipment.
According to still another aspect of the embodiment of the present invention, there is also provided a device networking apparatus, including: the first acquisition module is used for acquiring the equipment identifier of the first equipment to be accessed to the network, the network identifier of the target wireless network and the access password; the first sending module is used for sending the equipment identifier and the distribution network plaintext to background equipment, wherein the distribution network plaintext comprises the network access password; the second acquisition module is used for acquiring a distribution network ciphertext sent by the background equipment, wherein the distribution network ciphertext is a ciphertext obtained by encrypting the distribution network plaintext by using a target encryption key, and the target encryption key has a corresponding relation with the equipment identifier; the second sending module is configured to send the network identifier and the distribution network ciphertext to the first device, where the first device is configured to decrypt the distribution network ciphertext using a target decryption key corresponding to the target encryption key to obtain the distribution network plaintext, access the target wireless network using the network identifier and the network access password in the distribution network plaintext, and connect the background device after accessing the target wireless network, and send the distribution network ciphertext to the background device.
According to still another aspect of the embodiment of the present invention, there is also provided a device networking apparatus, including: a third obtaining module, configured to obtain, on a first device to be connected to a network, a network identifier of a target wireless network and a distribution network ciphertext that are sent by a second device, where the distribution network ciphertext is a ciphertext obtained by a background device encrypting a distribution network plaintext by using a target encryption key, the distribution network plaintext includes a network access password of the target wireless network, and the target encryption key has a corresponding relationship with the device identifier of the first device; a decryption module, configured to decrypt, on the first device, the distribution network ciphertext by using a target decryption key corresponding to the target encryption key to obtain the distribution network plaintext; an access module, configured to access, on the first device, the target wireless network using the network identifier and the network access password in the distribution network plaintext; and a connection module, configured to connect, on the first device, to the background device after the target wireless network is accessed, and to send the distribution network ciphertext to the background device.
According to still another aspect of the embodiment of the present invention, there is also provided a device networking apparatus, including: a fourth obtaining module, configured to obtain, on a background device, a device identifier of a first device and a distribution network plaintext, where the first device is a device to be connected to a network, and the distribution network plaintext includes a network access password of a target wireless network; an encryption module, configured to encrypt the distribution network plaintext by using a target encryption key on the background device to obtain a distribution network ciphertext, where the target encryption key has a corresponding relationship with the device identifier; a third sending module, configured to send the distribution network ciphertext to the second device on the background device; and a processing module, configured to establish a connection with the first device on the background device and acquire the distribution network ciphertext sent by the first device when the first device uses the network identifier of the target wireless network and the network access password in the distribution network plaintext to access the target wireless network.
According to yet another aspect of the embodiments of the present invention, there is also provided a computer-readable storage medium having a computer program stored therein, wherein the computer program is configured to execute the above-described device networking method when run.
According to still another aspect of the embodiments of the present invention, there is also provided an electronic device including a memory, in which a computer program is stored, and a processor configured to execute the device networking method described above by the computer program.
In the embodiment of the invention, the device identifier of the first device to be connected to the network, the network identifier of the target wireless network and the network access password are acquired; the device identifier and the distribution network plaintext are transmitted to the background device; the distribution network ciphertext transmitted by the background device is acquired; and the network identifier and the distribution network ciphertext are transmitted to the first device, so that the first device can access the target wireless network by using the network identifier and the network access password in the distribution network plaintext and connect to the background device after accessing the target wireless network. By transmitting the network access information corresponding to the target wireless network to the background device, and having the background device encrypt that information according to the device identifier, the purpose served in the related art by having the intelligent terminal encrypt the network access information is achieved. This improves the security of the device accessing the network, optimizes the network access efficiency of the device, closes the loop of the device network access flow, allows schemes such as a token to be used for encryption verification, and achieves lower cost and a higher network access success rate, thereby solving the technical problem of poor security protection when a device accesses a network in the related art.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this application, illustrate embodiments of the invention and together with the description serve to explain the invention and do not constitute a limitation on the invention. In the drawings:
FIG. 1 is a schematic illustration of an application environment of an alternative device networking method in accordance with an embodiment of the present invention;
FIG. 2 is a flow chart of an alternative method of device networking in accordance with an embodiment of the present invention;
FIG. 3 is a schematic diagram of an alternative method of device networking in accordance with an embodiment of the present invention;
FIG. 4 is a schematic diagram of another alternative method of device networking in accordance with an embodiment of the present invention;
FIG. 5 is a schematic diagram of yet another alternative method of device networking in accordance with an embodiment of the invention;
FIG. 6 is a schematic diagram of yet another alternative method of device networking in accordance with an embodiment of the present invention;
FIG. 7 is a schematic diagram of yet another alternative method of device networking in accordance with an embodiment of the invention;
FIG. 8 is a flow chart of an alternative method of device networking in accordance with an embodiment of the present invention;
FIG. 9 is a schematic diagram of an alternative device networking apparatus in accordance with an embodiment of the present invention;
FIG. 10 is a schematic structural view of an alternative electronic device according to an embodiment of the present invention.
Detailed Description
In order that those skilled in the art may better understand the present invention, the technical solutions in the embodiments of the present invention will be described clearly and completely below with reference to the accompanying drawings. It is apparent that the described embodiments are only some embodiments of the present invention, not all embodiments. All other embodiments that can be obtained by those skilled in the art based on the embodiments of the present invention without making any inventive effort shall fall within the scope of the present invention.
It should be noted that the terms "first," "second," and the like in the description and the claims of the present invention and the above figures are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged where appropriate such that the embodiments of the invention described herein may be implemented in sequences other than those illustrated or otherwise described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
First, some of the terms appearing in the description of the embodiments of the present application are explained as follows:
SSID: the service set identifier (Service Set Identifier) is an identification of one or a group of WiFi wireless networks.
Cloud computing (cloud computing) refers to the delivery and usage mode of an IT infrastructure, meaning that required resources are obtained in an on-demand, easily scalable manner through a network; generalized cloud computing refers to the delivery and usage patterns of services, meaning that the required services are obtained in an on-demand, easily scalable manner over a network. Such services may be IT, software, internet related, or other services. Cloud Computing is a product of the fusion of traditional computer and network technology developments such as Grid Computing, Distributed Computing, Parallel Computing, Utility Computing, Network Storage Technologies, Virtualization, Load Balancing, and the like.
With the development of the internet, real-time data flow and diversification of connected devices, and the promotion of demands of search services, social networks, mobile commerce, open collaboration and the like, cloud computing is rapidly developed. Unlike the previous parallel distributed computing, the generation of cloud computing will promote the revolutionary transformation of the whole internet mode and enterprise management mode in concept.
The internet of things (The Internet of Things, IOT for short) refers to collecting any object or process needing to be monitored, connected and interacted in real time through various devices and technologies such as various information sensors, radio frequency identification technologies, global positioning systems, infrared sensors and laser scanners, collecting various needed information such as sound, light, heat, electricity, mechanics, chemistry, biology and positions, and realizing ubiquitous connection of the object and people through various possible network access, and realizing intelligent sensing, identification and management of the object and the process. The internet of things is an information carrier based on the internet, a traditional telecommunication network and the like, and enables all common physical objects which can be independently addressed to form an interconnection network.
The Cloud IOT aims to connect the information perceived by sensing devices in the traditional IOT, and the instructions they accept, to the Internet, so that networking is truly realized and mass data storage and computation are achieved through cloud computing technology. Because things are connected with each other, the current running states of all 'objects' are perceived in real time, and a large amount of data is generated in the process. How to collect this information, how to screen the useful information out of the mass of information and how to provide decision support for subsequent development are key problems affecting the development of the IOT, and the internet of things cloud based on cloud computing and cloud storage technology has become a powerful support for IOT technology and applications.
Cloud Security (Cloud Security) refers to a generic term for Security software, hardware, users, institutions, secure Cloud platforms based on Cloud computing business model applications. Cloud security fuses emerging technologies and concepts such as parallel processing, grid computing, unknown virus behavior judgment and the like, acquires the latest information of Trojan horse and malicious programs in the Internet through abnormal monitoring of a large number of network clients on software behaviors, sends the latest information to a server for automatic analysis and processing, and distributes solutions of viruses and Trojan horse to each client.
The main research directions of cloud security include: 1. cloud computing security, namely, how to guarantee security of cloud and various applications on the cloud, including cloud computer system security, security storage and isolation of user data, user access authentication, information transmission security, network attack protection, compliance audit and the like; 2. clouding of a safety infrastructure, mainly researching how to build and integrate safety infrastructure resources by adopting cloud computing, and optimizing a safety protection mechanism, wherein the cloud computing technology is used for constructing a super-large-scale safety event and an information acquisition and processing platform, realizing acquisition and association analysis of mass information, and improving the control capability and risk control capability of the whole-network safety event; 3. cloud security services, mainly research on various security services provided for users based on cloud computing platforms, such as anti-virus services and the like.
The invention is illustrated below with reference to examples:
According to an aspect of the embodiment of the present invention, there is provided a device networking method. Optionally, in this embodiment, the device networking method may be applied to a hardware environment formed by the server 101 and the user terminal 103 as shown in fig. 1. As shown in fig. 1, the server 101 is connected to the user terminal 103 through a network and may be used to provide services to the user terminal or to a client installed on the user terminal; the client may be a video client, an instant messaging client, a browser client, an educational client, a game client, etc. The database 105 may be provided on the server or separate from it, for providing data storage services for the server 101, such as a device information storage server. The network may include, but is not limited to: a wired network, a wireless network, wherein the wired network comprises: local area networks, metropolitan area networks, and wide area networks, and the wireless network comprises: Bluetooth, WIFI and other networks for wireless communication. The user terminal 103 may be a terminal configured with an application, an applet, a web page, etc. for executing the above-mentioned device networking method, and may include, but is not limited to, at least one of the following: the application 107 using the above device networking method is displayed by the user terminal 103; through an entry of the application 107 for device networking, the device identifier of the device to be networked, the network identifier of the wireless network and the networking password are obtained in the application 107; the server 101, acting as the background device, performs encryption by using an encryption key to generate the distribution network ciphertext, which is sent to the device corresponding to the device identifier. The application 107 and the device 109 are connected to the server 101. The above is just an example, and the embodiment is not limited in any way.
As shown in fig. 1, the above device network access method may be implemented in the user terminal 103 by the following steps:
S1, starting an application 107 in a user terminal 103, and acquiring a device identifier of a first device 109 to be networked, a network identifier of a target wireless network and a networking password;
S2, transmitting the device identifier and the distribution network plaintext to the server 101 through the application 107;
S3, acquiring the distribution network ciphertext transmitted by the server 101 through the application 107;
S4, sending the network identifier and the distribution network ciphertext to the first device 109 through the application 107.
The above is merely an example, and the present embodiment is not particularly limited.
As an optional implementation, as shown in fig. 2, the device network access method includes:
S202, acquiring a device identifier of a first device to be networked, a network identifier of a target wireless network and a network access password;
S204, sending the device identifier and a distribution network plaintext to a background device, wherein the distribution network plaintext comprises the network access password;
S206, acquiring a distribution network ciphertext sent by the background device, wherein the distribution network ciphertext is obtained by encrypting the distribution network plaintext with a target encryption key, and the target encryption key has a correspondence with the device identifier;
S208, sending the network identifier and the distribution network ciphertext to the first device, wherein the first device is used for decrypting the distribution network ciphertext with a target decryption key corresponding to the target encryption key to obtain the distribution network plaintext, accessing the target wireless network using the network identifier and the network access password in the distribution network plaintext, connecting to the background device after accessing the target wireless network, and sending the distribution network ciphertext to the background device.
Optionally, in this embodiment, the device network access method may be applied to, but is not limited to, an Internet of Things network architecture as shown in fig. 3, in which the executing entity is the intelligent terminal 302, and the network architecture further includes the Internet of Things device 304 as the first device and the Internet of Things background 306 as the background device. Taking this architecture as an example, the device network access method is further explained:
S1, the intelligent terminal 302 acquires the device identifier of the Internet of Things device 304 to be networked, the network identifier of the target wireless network and the network access password;
S2, the intelligent terminal 302 sends the device identifier and the distribution network plaintext to the Internet of Things background 306, wherein the distribution network plaintext comprises the network access password;
S3, the intelligent terminal 302 acquires the distribution network ciphertext sent by the Internet of Things background 306, wherein the distribution network ciphertext is obtained by encrypting the distribution network plaintext with a target encryption key, and the target encryption key has a correspondence with the device identifier;
S4, the intelligent terminal 302 sends the network identifier and the distribution network ciphertext to the Internet of Things device 304, wherein the Internet of Things device 304 is used for decrypting the distribution network ciphertext with a target decryption key corresponding to the target encryption key to obtain the distribution network plaintext, accessing the target wireless network using the network identifier and the network access password in the distribution network plaintext, connecting to the Internet of Things background 306 after accessing the target wireless network, and sending the distribution network ciphertext to the Internet of Things background 306.
Optionally, in this embodiment, the first device may include, but is not limited to, an internet of things device having a WiFi connection function but not having a man-machine interface, including an intelligent lamp, an intelligent socket, an intelligent sound box, an intelligent curtain, an intelligent door lock, an intelligent toothbrush, an intelligent water purifier, an intelligent shower, an intelligent home theater, an intelligent television, an intelligent projector, an intelligent running machine, an intelligent watch, an intelligent sweeping robot, an intelligent wearing and taking device, an intelligent wardrobe, an intelligent washing machine, a cargo transportation tool such as an automobile with an intelligent computer, and any other intelligent device needing to be added to the target wireless network. The device identifier may include, but is not limited to, preset identification information corresponding to the first device, and may include, but is not limited to, a character string, a number, a text, and a combination of some or all of them.
For example, in a smart home scenario, an intelligent door lock may be preset with the identifier "door lock", an intelligent lamp arranged in a living room may be preset with the identifier "living room-lamp 01", and so on. The device identifier may further include, but is not limited to, serial number information of the first device, where the serial number information records information such as the type, production date and manufacturer of the first device. The background device may determine the corresponding target encryption key according to the device identifier.
The corresponding relation between the preset equipment identifier and the equipment can be stored in a database corresponding to the background equipment, or can be stored in other storage devices which can be acquired by the background equipment.
Optionally, in this embodiment, the target wireless network may include, but is not limited to, a WiFi network, a Bluetooth network, and the like. Taking a WiFi network as the target wireless network, the network identifier may include, but is not limited to, a service set identifier (SSID), and the network access password may include, but is not limited to, the password (PWD) corresponding to the SSID.
Optionally, in this embodiment, the distribution network plaintext may include, but is not limited to, the network access password, and may also include, but is not limited to, a combination of the network access password and a network identifier.
Alternatively, in this embodiment, the background device may include, but is not limited to, a server, a terminal, and the like, and may also include, but is not limited to, a cloud server, a cloud terminal, and the like, where a correspondence relationship between the device identifier and the target encryption key is stored.
For example, when the device identifier indicates that the target encryption key corresponding to the first device is for AES encryption, the distribution network ciphertext obtained is the one generated by the background device from the distribution network plaintext using AES encryption.
Optionally, in this embodiment, the target encryption key is generated by a preset encryption algorithm, which may include, for example, encryption modes such as 3DES, AES, DESX, Blowfish, RC, RC5, RC6, etc., or a combination of several of these encryption modes with other encryption modes.
The above is merely an example, and the present embodiment is not limited in any way.
Alternatively, in this embodiment, the target decryption key corresponds to the target encryption key, in other words, ciphertext encrypted by the target encryption key can be decrypted by the target decryption key.
Optionally, in this embodiment, the connecting the background device may include, but is not limited to, joining the internet of things where the background device is located after accessing the target wireless network, and may also include, but is not limited to, binding with the corresponding account while or after joining the internet of things where the background device is located.
For example, fig. 4 is a schematic diagram of an alternative device networking method according to an embodiment of the present invention, as shown in fig. 4, where an application 402 logs in through a first account, where the application 402 includes a display interface 404 for executing the device networking method.
S1, performing a touch operation on an interactive object 406 in the display interface 404 to start binding of the first device;
S2, displaying an identifier 410 of the first device to be networked, wherein the first device may include, but is not limited to, one or more devices, and where there are multiple first devices, the first device to be networked is selected from them by performing a touch operation on an interactive object 412;
S3, after the first device to be networked is selected, displaying in a display interface 414 an input box 416 for entering the network identifier and the network access password of the target wireless network, entering the network identifier and the network access password in the input box 416, and performing a touch operation on an interactive object 418 to execute the device network access method;
S4, after the touch operation is performed on the interactive object 418, the application 402 sends the device identifier corresponding to the selected first device and the distribution network plaintext to the background device, acquires the distribution network ciphertext returned by the background device, and forwards the distribution network ciphertext to the selected first device to bring the first device onto the network.
Optionally, in this embodiment, the device identifier of the first device to be networked may be acquired, but without limitation, by manually entering the device identifier in an input box, by scanning two-dimensional code information corresponding to the first device, or by artificial intelligence such as voice recognition or image recognition. For example, voice information may be collected by a voice acquisition device, a device name may be recognized in the voice information, and the corresponding device identifier may be obtained according to the device name.
Optionally, in this embodiment, binding with the corresponding account while or after joining the Internet of Things where the background device is located may involve, but is not limited to, an application installed on the terminal obtaining information of the Internet of Things device or controlling the Internet of Things device. The specific binding process may include, but is not limited to, binding the account logged in to the application on the terminal with the Internet of Things device.
The above is merely an example, and the present embodiment is not limited in any way.
In this embodiment, the device identifier of the first device to be networked, the network identifier of the target wireless network and the network access password are obtained; the device identifier and the distribution network plaintext are sent to the background device; the distribution network ciphertext sent by the background device is obtained; and the network identifier and the distribution network ciphertext are sent to the first device, so that the first device can access the target wireless network using the network identifier and the network access password in the distribution network plaintext and, after accessing the target wireless network, connect to the background device and send the distribution network information corresponding to the target wireless network to the background device. Because the background device encrypts the distribution network information according to the device identifier, this replaces the related-art approach of encrypting the distribution network information through the intelligent terminal. It improves the security of device network access, optimizes the efficiency of device network access, and makes the device network access flow a closed loop, with lower network access cost and a higher success rate than methods that use a token or the like for encryption verification, thereby solving the technical problem in the related art of poor security protection for device network access.
As an optional solution, after sending the distribution network ciphertext to the first device, the method further includes: determining whether the first device is successful in network access according to whether the first device sends the distribution network ciphertext to the background device.
Optionally, in this embodiment, determining whether the first device is successful in network access according to whether the first device sends the distribution network ciphertext to the background device may include, but is not limited to, the background device sending an indication message to the application terminal that executes the device network access method; or the application terminal that executes the device network access method sending, to the background device or the first device, a message for determining whether the first device is successful in network access and, after the background device or the first device sends a message in reply, determining according to that message whether the first device is successful in network access.
Optionally, in this embodiment, the success of the network access of the first device may include, but is not limited to, the first device successfully accessing the target wireless network, and may also include, but is not limited to, the first device that has accessed the target wireless network being successfully bound, through the target wireless network, with the account logged in on the application terminal that executes the device network access method.
In this embodiment, whether the first device is successful in network access is determined according to whether the first device sends the distribution network ciphertext to the background device, so that the result can be determined quickly and effectively, which makes it convenient for the first device to execute its subsequent operations or to provide its subsequent functions.
As an optional solution, the determining whether the first device is successful in network access according to whether the first device sends the network configuration ciphertext to the background device, includes: sending a network access query request to the background equipment, wherein the network access query request comprises the equipment identifier and the distribution network ciphertext; acquiring target network access information sent by the background equipment in response to the network access inquiry request; determining that the first equipment is successful in network access under the condition that the target network access information indicates that the first equipment sends the distribution network ciphertext to the background equipment; or determining that the first device is successful in network access under the condition that the target network access information indicates that the first device is successfully connected with the background device and the first device sends the network distribution ciphertext to the background device.
Alternatively, in this embodiment, the target networking information may include, but is not limited to, being represented in the form of an indication message, a device networking list, or the like.
For example, fig. 5 is a schematic diagram of another alternative device networking method according to an embodiment of the present invention, as shown in fig. 5, taking the form of an indication message for representing the target networking information as an example, after obtaining an indication message 502 for representing the success of the first device networking, determining that the first device networking is successful, where the indication message 502 may be displayed in a form including but not limited to text, voice, picture, and the like. In the case where the target networking information is represented by a device networking list, after the device networking list 504 is obtained, the device networking list may be queried to determine that the first device networking is successful, where the device networking list displays one or more first devices that have been successfully networked currently.
Optionally, in this embodiment, the first device may be determined to be successful in network access, but without limitation, once the background device receives the distribution network ciphertext sent by the first device; or once the background device receives the distribution network ciphertext sent by the first device and the first device and the background device have successfully established a connection, that is, the first device has successfully joined the network where the background device is located, for example, the Internet of Things where the background device is located.
Optionally, in this embodiment, the network access query request may be sent to the background device, but without limitation, by polling, at a preset time node, or in response to a network access query interaction.
The above is merely an example, and the present embodiment is not limited in any way.
In this embodiment, a network access query request is sent to the background device, wherein the network access query request comprises the device identifier and the distribution network ciphertext, and the target network access information sent by the background device in response to the network access query request is obtained. The first device is determined to be successful in network access when the target network access information indicates that the first device has sent the distribution network ciphertext to the background device, or when the target network access information indicates that the first device is successfully connected with the background device and has sent the distribution network ciphertext to the background device. This allows fast determination of whether the first device has completed the network access operation, which makes it convenient for the first device to execute its subsequent operations or to provide its subsequent functions.
As an optional solution, the determining whether the first device is successful in network access according to whether the first device sends the network configuration ciphertext to the background device, includes: acquiring target network access information actively transmitted by the background equipment; determining that the first equipment is successful in network access under the condition that the target network access information indicates that the first equipment sends the distribution network ciphertext to the background equipment; or determining that the first device is successful in network access under the condition that the target network access information indicates that the first device is successfully connected with the background device and the first device sends the network distribution ciphertext to the background device.
Optionally, in this embodiment, the background device may, but without limitation, determine that the first device is successful in network access once it receives the distribution network ciphertext sent by the first device, and then actively send the target network access information; or it may determine that the first device is successful in network access once it receives the distribution network ciphertext sent by the first device and the first device and the background device have successfully established a connection, that is, the first device has successfully joined the network where the background device is located, for example, the Internet of Things where the background device is located, and then actively send the target network access information.
Optionally, in this embodiment, the target network access information may be sent by the background device, but without limitation, periodically or at a preset time node.
The above is merely an example, and the present embodiment is not limited in any way.
In this embodiment, the target network access information actively sent by the background device is acquired. The first device is determined to be successful in network access when the target network access information indicates that the first device has sent the distribution network ciphertext to the background device, or when the target network access information indicates that the first device is successfully connected with the background device and has sent the distribution network ciphertext to the background device. This allows fast determination of whether the first device has completed the network access operation, which makes it convenient for the first device to execute its subsequent operations or to provide its subsequent functions.
As an optional solution, sending the device identifier and the distribution network plaintext to the background device includes: generating a random character string with a preset length; and sending the device identifier and the distribution network plaintext to the background device, wherein the distribution network plaintext comprises the random character string and the network access password arranged in sequence.
Optionally, in this embodiment, the random string may include, but is not limited to, a random string generated by the system or application that executes the device network access method. The specification of the random string may be, but is not limited to being, preset by a staff member, for example a length of 6 or a length of 12, so as to practically avoid device network access collisions caused by identical random strings. The random string may be, but is not limited to being, generated dynamically by the application so as to prevent replay attacks, that is, to ensure that, even for the same device, the distribution network plaintext and ciphertext generated for each network access within a period of time are different.
In addition, the preset length of the random string may be configured to be greater than 0 and less than a first length. For example, some SmartConfig implementations limit the length of the transmitted information; setting the preset length of the random string to less than the first length avoids affecting compatibility with existing SmartConfig implementations, and achieves the technical effects of improving the security of device network access and optimizing the efficiency of device network access.
Optionally, in this embodiment, arranging the random string and the network access password in sequence may include, but is not limited to, placing the random string first and the network access password after it; during decryption, an offset equal to the length of the random string is applied to obtain the network access password from the distribution network plaintext.
The above is merely an example, and the present embodiment is not limited in any way.
In this embodiment, the device identifier and the distribution network plaintext are sent to the background device, wherein the distribution network plaintext comprises the random character string and the network access password arranged in sequence. Because the random character string in the distribution network plaintext differs randomly from one attempt to the next, a dynamic, random distribution network ciphertext can be generated without a complex asymmetric encryption mechanism, which achieves the technical effect of preventing replay attacks.
As an optional solution, sending the network identifier and the distribution network ciphertext to the first device includes: establishing a connection with the wireless hotspot created by the first device, and sending the network identifier and the distribution network ciphertext to the first device through the established connection; or encoding the network identifier and the distribution network ciphertext to obtain a target message to be transmitted, and sending the target message in a broadcast or multicast mode, wherein the first device is used for obtaining the target message and decoding it to obtain the network identifier and the distribution network ciphertext.
Optionally, in this embodiment, establishing a connection with the wireless hotspot created by the first device and sending the network identifier and the distribution network ciphertext to the first device through the established connection may be implemented by, but is not limited to, the softAP method: the first device creates a WiFi hotspot, the application connects to the hotspot created by the first device, and the SSID of the target wireless network and the distribution network ciphertext are sent to the first device through TCP/UDP communication.
Optionally, in this embodiment, encoding the network identifier and the distribution network ciphertext to obtain a target message to be transmitted and sending the target message in a broadcast or multicast mode may be implemented by, but is not limited to, SmartConfig quick network distribution: the application encodes the SSID of the target wireless network and the distribution network ciphertext in a packet length or a multicast address and sends them using UDP broadcast packets or multicast packets, and the first device enters promiscuous mode, captures the over-the-air packets, and parses the SSID and the distribution network ciphertext from the packets according to a default encoding manner.
The above is merely an example, and the present embodiment is not limited in any way.
According to an aspect of the embodiment of the present invention, there is further provided another method for device network access, optionally, in this embodiment, the method for device network access may further include, but is not limited to, the following steps:
S1, acquiring, on a first device to be networked, a network identifier of a target wireless network and a distribution network ciphertext sent by a second device, wherein the distribution network ciphertext is obtained by a background device encrypting a distribution network plaintext with a target encryption key, the distribution network plaintext comprises a network access password of the target wireless network, and the target encryption key has a correspondence with the device identifier of the first device;
S2, decrypting the distribution network ciphertext on the first device with a target decryption key corresponding to the target encryption key to obtain the distribution network plaintext;
S3, accessing the target wireless network on the first device using the network identifier and the network access password in the distribution network plaintext;
S4, connecting to the background device on the first device after the target wireless network is accessed, and sending the distribution network ciphertext to the background device.
Optionally, in this embodiment, the device network access method may be applied to, but is not limited to, an Internet of Things network architecture as shown in fig. 6, in which the executing entity is the Internet of Things device 602, and the network architecture further includes the intelligent terminal device 604 as the second device and the Internet of Things background 606 as the background device. Taking this architecture as an example, the device network access method is further explained:
S1, acquiring, on the Internet of Things device 602 to be networked, the network identifier of the target wireless network and the distribution network ciphertext sent by the intelligent terminal device 604;
S2, decrypting the distribution network ciphertext on the Internet of Things device 602 with a target decryption key corresponding to the target encryption key to obtain the distribution network plaintext;
S3, accessing the target wireless network on the Internet of Things device 602 using the network identifier and the network access password in the distribution network plaintext;
S4, after the target wireless network is accessed, connecting to the Internet of Things background 606 on the Internet of Things device 602, and sending the distribution network ciphertext to the Internet of Things background 606.
Optionally, in this embodiment, the first device may include, but is not limited to, an internet of things device having a WiFi connection function but not having a man-machine interface, including an intelligent lamp, an intelligent socket, an intelligent sound box, an intelligent curtain, an intelligent door lock, an intelligent toothbrush, an intelligent water purifier, an intelligent shower, an intelligent home theater, an intelligent television, an intelligent projector, an intelligent running machine, an intelligent watch, an intelligent sweeping robot, an intelligent wearing and taking device, an intelligent wardrobe, an intelligent washing machine, a cargo transportation tool such as an automobile with an intelligent computer, and any other intelligent device needing to be added to the target wireless network.
Optionally, in this embodiment, the second device may include, but is not limited to, an intelligent terminal device that has a man-machine interface and stores a network identifier and a network configuration ciphertext of the target wireless network, for example, a mobile phone (such as an Android mobile phone, an iOS mobile phone, etc.), a notebook computer, a tablet computer, a palm computer, an MID (Mobile Internet Devices, a mobile internet device), a PAD, a desktop computer, a smart television, etc.
Optionally, in this embodiment, the target wireless network may include, but is not limited to, a WiFi network, a Bluetooth network, and the like. Taking a WiFi network as the target wireless network, the network identifier may include, but is not limited to, a service set identifier (SSID), and the network access password may include, but is not limited to, the password (PWD) corresponding to the SSID.
Optionally, in this embodiment, the distribution network plaintext may include, but is not limited to, the network access password, and may also include, but is not limited to, a combination of the network access password and a network identifier.
Alternatively, in the present embodiment, the background device may include, but is not limited to, a server, a terminal, and the like, and may also include, but is not limited to, a cloud server, a cloud terminal, and the like.
Optionally, in this embodiment, the target decryption key is generated by a preset decryption algorithm, which may include, for example, the decryption method corresponding to an encryption method such as 3DES, AES, DESX, Blowfish, RC, RC5, RC6, or to a combination of several of these encryption methods with other encryption methods.
The above is merely an example, and the present embodiment is not limited in any way.
Alternatively, in this embodiment, the target decryption key corresponds to the target encryption key, in other words, ciphertext encrypted by the target encryption key can be decrypted by the target decryption key.
Optionally, in this embodiment, connecting to the background device may include, but is not limited to, joining the Internet of Things network where the background device is located after accessing the target wireless network, and may also include, but is not limited to, binding with the corresponding account while or after joining that Internet of Things network.
The specific process may include, but is not limited to, the second device logging in, through a first account, to an application used for sending the network identifier and the distribution network ciphertext, where the first account is an account registered with the background device or with the server where the background device is located.
After the second device determines the first device to be networked, the first device performs the following steps:
S1, acquiring, on the first device, the network identifier and the distribution network ciphertext of the target wireless network sent by the second device;
S2, decrypting the distribution network ciphertext on the first device by using the target decryption key corresponding to the target encryption key to obtain the distribution network plaintext;
S3, accessing the target wireless network on the first device by using the network identifier and the network access password in the distribution network plaintext;
S4, after the target wireless network is accessed, connecting to the background device on the first device, and sending the distribution network ciphertext to the background device.
The above is merely an example, and the present embodiment is not limited in any way.
According to this embodiment, the network identifier and the distribution network ciphertext of the target wireless network sent by the second device are acquired on the first device to be networked; the distribution network ciphertext is decrypted on the first device using the target decryption key corresponding to the target encryption key to obtain the distribution network plaintext; the target wireless network is accessed on the first device using the network identifier and the network access password in the distribution network plaintext; and, after the target wireless network is accessed, the first device connects to the background device and sends the distribution network ciphertext to it. The first device uses the target decryption key to decrypt the distribution network ciphertext, which was encrypted with the key corresponding to the device identifier of the first device, obtains the corresponding network identifier and network access password, and then connects to the background device. This replaces the related-art approach in which encryption is performed by the intelligent terminal, improves the security of device network access, optimizes the network access efficiency of the device, and allows the device network access flow to form a closed loop. Compared with schemes that encrypt and verify using a token or similar means, it achieves the technical effects of lower network access cost and a higher success rate, and solves the technical problem of poor security protection of device network access in the related art.
As an alternative, accessing the target wireless network on the first device using the network identifier and the network access password in the distribution network plaintext includes: determining, on the first device, the characters in the distribution network plaintext after skipping a preset length as the network access password, wherein the distribution network plaintext comprises a random character string and the network access password arranged in sequence, and the random character string is a random character string of the preset length generated by the second device; and accessing the target wireless network on the first device using the network identifier and the network access password.
Alternatively, in this embodiment, the random string may include, but is not limited to, a random string generated by the second device, and the specification of the random string may be, but is not limited to being, preset by a staff member or flexibly configured according to parameters of the target wireless network.
The above flexible configuration according to the parameters of the target wireless network may include, but is not limited to, the following examples:
S1, acquiring the number of first devices connected with the target wireless network;
S2, configuring the random character string to be longer when the number of the first devices is larger than a preset threshold, and configuring the preset length to be shorter when the number of the first devices is smaller than the preset threshold; for example, the preset length is configured as 6 when 3 devices that have not yet accessed the network exist in the target wireless network, and as 12 when 30 such devices exist, so that different devices correspond to different random character strings and network access conflicts caused by identical random character strings are avoided;
S3, generating the distribution network plaintext according to the random character string, for example, configuring the distribution network plaintext as (the random character string and the network access password of the target wireless network).
Alternatively, in this embodiment, the random string may be, but is not limited to being, stored after use; in the next device network access process, the previously used random string is queried, and if the new random string is the same as the previous one, a non-repeating random string is regenerated.
Optionally, in this embodiment, the random string may be, but is not limited to being, dynamically generated by the second device so as to prevent replay attacks, thereby achieving the technical effects of improving the security of device network access and optimizing the efficiency of device network access.
The above is merely an example, and the present embodiment is not limited in any way.
According to this embodiment, the characters in the distribution network plaintext after skipping a preset length are determined on the first device to be the network access password, and the target wireless network is accessed on the first device using the network identifier and the network access password.
As an optional solution, the obtaining, on the first device to be network-accessed, the network identifier and the distribution network ciphertext of the target wireless network sent by the second device includes: creating a wireless hotspot on the first device; under the condition that the second equipment establishes connection with the wireless hotspot created by the first equipment, acquiring the network identifier and the distribution network ciphertext sent by the second equipment on the first equipment through the established connection; or acquiring a target message sent by the second device in a broadcast or multicast mode on the first device, wherein the target message is a message to be transmitted obtained by encoding the network identifier and the distribution network ciphertext by the second device; and decoding the network identifier and the distribution network ciphertext from the target message on the first equipment.
Optionally, in this embodiment, creating a wireless hotspot on the first device and, in the case that the second device establishes a connection with the wireless hotspot created by the first device, acquiring on the first device the network identifier and the distribution network ciphertext sent by the second device through the established connection, may be implemented by, but is not limited to, the softAP method: the first device creates a WiFi hotspot, and the second device connects to the hotspot created by the first device and sends the SSID and the distribution network ciphertext of the target wireless network to the first device through TCP/UDP communication.
Optionally, in this embodiment, acquiring on the first device a target message sent by the second device in a broadcast or multicast manner, where the target message is a message to be transmitted obtained by the second device encoding the network identifier and the distribution network ciphertext, and decoding the network identifier and the distribution network ciphertext from the target message on the first device, may be implemented by, but is not limited to, the SmartConfig quick network configuration method: the second device encodes the SSID and the distribution network ciphertext of the target wireless network in the message length or the multicast address and sends them out using UDP broadcast packets or multicast packets; the first device enters promiscuous mode, captures the over-the-air messages, and parses the SSID and the distribution network ciphertext from the messages according to the agreed encoding scheme.
The above is merely an example, and the present embodiment is not limited in any way.
As an alternative:
connecting to the background device on the first device includes: connecting the first device to the background device through a preset Internet of Things protocol;
sending the distribution network ciphertext to the background device includes: transmitting verification information to the background device on the first device, wherein the verification information comprises the device identifier and a verification key of the first device; and sending the distribution network ciphertext to the background device in the case that the background device determines, according to the verification information, that the first device passes verification.
Optionally, in this embodiment, the above connection of the background device to the first device may include, but is not limited to, connection of the background device to the first device through a preset internet of things protocol.
For example, taking the first device being an Internet of Things device as an example, after the Internet of Things device successfully connects to the target wireless network, it connects to the Internet of Things background (the background device) through a secure Internet of Things protocol such as MQTT (Message Queuing Telemetry Transport), completes identity authentication based on the device identifier and the device key, and reports the distribution network ciphertext. The identity authentication may be determined through verification information including, but not limited to, the device identifier and the verification key; the first device is determined to pass verification when the identity authentication passes, and to fail verification when the identity authentication fails.
Through this embodiment, a wireless hotspot is created on the first device, and, in the case that the second device establishes a connection with the wireless hotspot created by the first device, the network identifier and the distribution network ciphertext sent by the second device are acquired on the first device through the established connection; or a target message sent by the second device in a broadcast or multicast manner is acquired on the first device, where the target message is a message to be transmitted obtained by the second device encoding the network identifier and the distribution network ciphertext, and the network identifier and the distribution network ciphertext are decoded from the target message on the first device. In this way the first device is verified, connects to the background device, and accesses the Internet of Things network where the background device is located.
According to an aspect of the embodiments of the present invention, a device network access method is further provided. Optionally, in this embodiment, the device network access method may further include, but is not limited to, the following steps:
S1, acquiring, on the background device, the device identifier of a first device and the distribution network plaintext sent by a second device, wherein the first device is a device to be networked, and the distribution network plaintext comprises the network access password of a target wireless network;
S2, encrypting the distribution network plaintext on the background device by using a target encryption key to obtain a distribution network ciphertext, wherein the target encryption key has a corresponding relationship with the device identifier;
S3, sending the distribution network ciphertext to the second device on the background device;
S4, in the case that the first device accesses the target wireless network by using the network identifier of the target wireless network and the network access password in the distribution network plaintext, establishing a connection with the first device on the background device, and acquiring the distribution network ciphertext sent by the first device.
Optionally, in this embodiment, the device network access method may be applied to, but is not limited to, the Internet of Things network architecture shown in Fig. 7, in which the execution body is the Internet of Things background (background device) 702, and the network architecture further includes an intelligent terminal device 704 as the second device and an Internet of Things device 706 as the first device. The device network access method is further explained below with this architecture.
S1, acquiring, on the Internet of Things background 702, the device identifier of the Internet of Things device and the distribution network plaintext sent by the intelligent terminal device 704, wherein the Internet of Things device is a device to be networked, and the distribution network plaintext comprises the network access password of the target wireless network;
S2, encrypting the distribution network plaintext on the Internet of Things background 702 by using a target encryption key to obtain a distribution network ciphertext, wherein the target encryption key has a corresponding relationship with the device identifier;
S3, sending the distribution network ciphertext to the intelligent terminal device 704 on the Internet of Things background 702;
S4, in the case that the Internet of Things device 706 accesses the target wireless network by using the network identifier of the target wireless network and the network access password in the distribution network plaintext, establishing a connection with the Internet of Things device 706 on the Internet of Things background 702, and acquiring the distribution network ciphertext sent by the Internet of Things device 706.
Optionally, in this embodiment, the first device may include, but is not limited to, an Internet of Things device that has a WiFi connection function but no man-machine interface, including an intelligent lamp, an intelligent socket, an intelligent speaker, an intelligent curtain, an intelligent door lock, an intelligent toothbrush, an intelligent water purifier, an intelligent shower, an intelligent home theater, an intelligent television, an intelligent projector, an intelligent treadmill, an intelligent watch, an intelligent sweeping robot, an intelligent wearable device, an intelligent wardrobe, an intelligent washing machine, a cargo transportation tool such as an automobile with an intelligent computer, and any other intelligent device that needs to join the target wireless network.
Optionally, in this embodiment, the second device may include, but is not limited to, an intelligent terminal device that has a man-machine interface and stores the network identifier and the distribution network ciphertext of the target wireless network, for example, a mobile phone (such as an Android phone or an iOS phone), a notebook computer, a tablet computer, a palmtop computer, an MID (Mobile Internet Device), a PAD, a desktop computer, a smart television, etc.
Optionally, in this embodiment, the target wireless network may include, but is not limited to, a WiFi network, a Bluetooth network, and the like. Taking a WiFi network as the target wireless network as an example, the network identifier may include, but is not limited to, a service set identifier (SSID), and the network access password may include, but is not limited to, the password (PWD) corresponding to the SSID.
Optionally, in this embodiment, the distribution network plaintext may include, but is not limited to, the network access password, and may also include, but is not limited to, a combination of the network access password and a network identifier.
Alternatively, in the present embodiment, the background device may include, but is not limited to, a server, a terminal, and the like, and may also include, but is not limited to, a cloud server, a cloud terminal, and the like.
Alternatively, in this embodiment, the target encryption key is generated by a preset encryption algorithm, which may include, for example, an encryption method such as 3DES, AES, DESX, Blowfish, RC, RC5 or RC6, or a combination of several of these encryption methods with other encryption methods.
The above is merely an example, and the present embodiment is not limited in any way.
Optionally, in this embodiment, acquiring, on the background device, the device identifier of the first device and the distribution network plaintext sent by the second device may be, but is not limited to being, triggered by the second device in response to a touch operation obtained in an application that executes the device network access method.
Optionally, in this embodiment, the target encryption key is determined according to the correspondence between the device identifier and the encryption key, the distribution network plaintext sent by the second device is encrypted by using the target encryption key, the distribution network ciphertext is sent to the second device, the second device forwards the distribution network ciphertext to the first device, the first device joins the target wireless network, and after determining that the first device has joined the target wireless network, a connection is established with the first device on the background device.
According to this embodiment, the device identifier of the first device and the distribution network plaintext sent by the second device are acquired on the background device; the distribution network plaintext is encrypted on the background device using the target encryption key to obtain the distribution network ciphertext; and, in the case that the first device accesses the target wireless network using the network identifier of the target wireless network and the network access password in the distribution network plaintext, a connection with the first device is established on the background device and the distribution network ciphertext sent by the first device is acquired. That is, the background device determines the target encryption key according to the device identifier sent by the second device, encrypts the distribution network plaintext with the target encryption key to obtain the distribution network ciphertext, and sends the distribution network ciphertext to the second device; the second device forwards it to the first device so that the first device joins the target wireless network; and after the first device has joined the target wireless network, the background device establishes the corresponding connection with the first device. This replaces the related-art approach in which encryption is performed by the intelligent terminal, improves the security of device network access, optimizes the network access efficiency of the device, and allows the device network access flow to form a closed loop. Compared with schemes that encrypt and verify using a token or similar means, it achieves the technical effects of lower network access cost and a higher success rate, and solves the technical problem of poor security protection of device network access in the related art.
As an alternative, the method further comprises: sending target network access information to the second device on the background device, wherein the target network access information is used for indicating whether the background device has acquired the distribution network ciphertext sent by the first device.
Alternatively, in this embodiment, the target network access information may be implemented by means of, but is not limited to, an indication message or a device network access list.
Alternatively, in this embodiment, the target network access information is sent to the second device on the background device, and may be sent actively by the background device or sent to the second device after receiving the query request of the second device.
As an optional solution, the sending, at the background device, the target network access information to the second device includes:
acquiring a network access query request sent by the second device on the background device, wherein the network access query request comprises the device identifier and the distribution network ciphertext; determining whether the background equipment acquires the distribution network ciphertext transmitted by the first equipment according to the equipment identifier and the distribution network ciphertext; transmitting the target network access information to the second device on the background device under the condition that the background device acquires the network distribution ciphertext transmitted by the first device, wherein the target network access information is used for indicating that the background device acquires the network distribution ciphertext transmitted by the first device; or alternatively
in the case that the background device acquires the distribution network ciphertext sent by the first device, actively sending the target network access information to the second device on the background device, wherein the target network access information is used for indicating that the background device has acquired the distribution network ciphertext sent by the first device.
Optionally, in this embodiment, the method may include, but is not limited to, determining that the first device has successfully accessed the network after the background device receives the distribution network ciphertext sent by the first device; or may include, but is not limited to, determining that the first device has successfully accessed the network after the background device receives the distribution network ciphertext sent by the first device and the first device and the background device have successfully established a connection, that is, after the first device has successfully joined the network where the background device is located, for example, the Internet of Things network where the background device is located.
As an optional solution, in the case that it is determined that the background device acquires the distribution network ciphertext sent by the first device, sending, on the background device, the target network access information to the second device includes:
and under the condition that the background equipment establishes the connection with the first equipment and the background equipment acquires the distribution network ciphertext sent by the first equipment, sending target network access information to the second equipment on the background equipment, wherein the target network access information is used for indicating that the background equipment establishes the connection with the first equipment and the background equipment acquires the distribution network ciphertext sent by the first equipment.
As an optional solution, in the case that the background device acquires the distribution network ciphertext sent by the first device, actively sending, on the background device, the target network access information to the second device includes:
and under the condition that the background equipment establishes the connection with the first equipment and the background equipment acquires the distribution network ciphertext sent by the first equipment, the background equipment actively sends the target network access information to the second equipment, wherein the target network access information is used for indicating that the background equipment establishes the connection with the first equipment and the background equipment acquires the distribution network ciphertext sent by the first equipment.
As an alternative, the method further comprises:
recording the connection setup time on the background device in case the connection is established with the first device on the background device;
and under the condition that the establishment time is recorded on the background equipment, determining that the background equipment establishes the connection with the first equipment.
Alternatively, in this embodiment, the establishment time may include, but is not limited to, time information of the connection established between the background device and the first device. The time information may be stored in the background device, or may be, but is not limited to being, stored in the first device and then sent by the first device to the background device.
Alternatively, in this embodiment, the method may include, but is not limited to, configuring corresponding time synchronization devices for the first device and the background device, and ensuring that the recorded time information is accurate.
Optionally, in this embodiment, the method may further include, but is not limited to, obtaining time information of the connection establishment between the first device and the background device so as to determine the duration of the connection establishment process, and comparing that duration with a preset duration threshold: when the duration exceeds the preset duration threshold, it is determined that the background device has not established the connection with the first device; when the duration does not exceed the preset duration threshold, it is determined that the background device has established the connection with the first device.
The invention is further illustrated by the following examples:
In this technical solution, the Internet of Things based network configuration method implements secure and efficient network configuration and binding of Internet of Things devices through interaction among the intelligent terminal application, the Internet of Things device and the Internet of Things background. Fig. 8 is a flowchart of an optional device network access method according to an embodiment of the present invention. As shown in Fig. 8, the intelligent terminal application is the second device, the Internet of Things device is the first device, and the Internet of Things background is the background device. The detailed steps are as follows:
S802, the user opens the intelligent terminal application (applet or app), logs in, and enters the distribution network mode;
S804, the user sets the Internet of Things device to enter the distribution network mode;
S806, in the intelligent terminal application, the user obtains the device ID (such as the device serial number) of the Internet of Things device by scanning a two-dimensional code or by manual input, and enters the SSID and Password of the target WiFi network; the intelligent terminal application generates a random character string Nonce of fixed length (such as 6 bytes), and reports the device ID of the Internet of Things device and the Password of the target WiFi to the Internet of Things background over a secure transport such as HTTPS;
S808, the Internet of Things background stores the IDs and key information of all legitimate Internet of Things devices and can look up the device key by device ID; based on the device key, it performs an encryption transformation (such as AES encryption and base64 encoding) on the distribution network plaintext to generate the distribution network ciphertext, and sends the distribution network ciphertext to the intelligent terminal application;
S810, the intelligent terminal application sends the SSID of the WiFi and the distribution network ciphertext to the Internet of Things device, in ways including, but not limited to, the following two:
softAP hotspot network configuration: the Internet of Things device creates a WiFi hotspot, and the intelligent terminal connects to the device hotspot and sends the SSID of the target WiFi and the distribution network ciphertext to the device through TCP/UDP communication;
SmartConfig quick network configuration: the intelligent terminal application encodes the SSID of the target WiFi and the distribution network ciphertext in the message length or the multicast address and sends them out using UDP broadcast packets or multicast packets; the Internet of Things device enters promiscuous mode, captures the over-the-air messages, and parses the SSID and the distribution network ciphertext from the messages according to the agreed encoding scheme;
S812, after receiving the distribution network ciphertext, the Internet of Things device decrypts it in the agreed manner using the pre-stored device key, and obtains the Password of the target WiFi from the decrypted distribution network plaintext at the fixed-length offset;
S814, the Internet of Things device connects to the target WiFi, connects to the Internet of Things background through a secure Internet of Things protocol such as MQTT, completes identity authentication based on the device ID and the device key, and reports the distribution network ciphertext;
S816, after accepting the device connection and verifying the device identity, the Internet of Things background records the time at which the device connected successfully and the reported distribution network ciphertext;
S818, the intelligent terminal polls the Internet of Things background using the device ID and the distribution network ciphertext as parameters;
S820, the Internet of Things background compares the device ID and the distribution network ciphertext; if there is a record showing that the target Internet of Things device came online and reported the distribution network ciphertext within the specified time, the information forms a closed loop and the device has been successfully configured and bound, and the result is returned to the intelligent terminal;
S822, the intelligent terminal application displays the operation result, and the network configuration and device binding flow ends.
Through this embodiment, the user's WiFi Password is safely and effectively protected during network distribution, sensitive information about the user's WiFi is prevented from being eavesdropped or leaked, and security is improved. The steps of device network distribution and device binding are combined into one, which reduces interaction steps and improves efficiency and success rate. The scheme is compatible with the existing softAP and SmartConfig network distribution protocols, requires no change to the underlying protocol, and is easy to popularize.
In addition, if the Internet of Things device has both Bluetooth and WiFi capabilities, WiFi network configuration and binding can be carried out over Bluetooth, with the SSID and the Password of the WiFi transmitted under the Bluetooth communication security mechanism, so that the existing softAP and SmartConfig network configuration protocols need not be used, the underlying protocol does not need to be changed, and the approach is easy to popularize.
It should be noted that, for simplicity of description, the foregoing method embodiments are all described as a series of acts, but it should be understood by those skilled in the art that the present invention is not limited by the order of acts described, as some steps may be performed in other orders or concurrently in accordance with the present invention. Further, those skilled in the art will also appreciate that the embodiments described in the specification are all preferred embodiments, and that the acts and modules referred to are not necessarily required for the present invention.
According to another aspect of the embodiment of the invention, a device networking device for implementing the device networking method is also provided. As shown in fig. 9, the apparatus includes:
a first obtaining module 902, configured to obtain a device identifier of a first device to be networked, a network identifier of a target wireless network, and a networking password;
a first sending module 904, configured to send the device identifier and a distribution network plaintext to a background device, where the distribution network plaintext includes the network access password;
a second obtaining module 906, configured to obtain a distribution network ciphertext sent by the background device, where the distribution network ciphertext is a ciphertext obtained by encrypting the distribution network plaintext with a target encryption key, and the target encryption key has a corresponding relationship with the device identifier;
and a second sending module 908, configured to send the network identifier and the distribution network ciphertext to the first device, where the first device is configured to decrypt the distribution network ciphertext using a target decryption key corresponding to the target encryption key to obtain the distribution network plaintext, access the target wireless network using the network identifier and the network access password in the distribution network plaintext, and connect the background device after accessing the target wireless network, and send the distribution network ciphertext to the background device.
The apparatus is further configured to: after the distribution network ciphertext is sent to the first device, determine whether the first device has successfully accessed the network according to whether the first device sends the distribution network ciphertext to the background device.
As an optional solution, the apparatus is further configured to determine whether the first device has successfully accessed the network, according to whether the first device sends the distribution network ciphertext to the background device, by: sending a network access query request to the background device, wherein the network access query request comprises the device identifier and the distribution network ciphertext; acquiring target network access information sent by the background device in response to the network access query request; determining that the first device has successfully accessed the network in the case that the target network access information indicates that the first device has sent the distribution network ciphertext to the background device; or determining that the first device has successfully accessed the network in the case that the target network access information indicates that the first device is successfully connected with the background device and the first device has sent the distribution network ciphertext to the background device.
As an optional solution, the apparatus is further configured to determine whether the first device has successfully accessed the network, according to whether the first device sends the distribution network ciphertext to the background device, by: acquiring target network access information actively sent by the background device; determining that the first device has successfully accessed the network in the case that the target network access information indicates that the first device has sent the distribution network ciphertext to the background device; or determining that the first device has successfully accessed the network in the case that the target network access information indicates that the first device is successfully connected with the background device and the first device has sent the distribution network ciphertext to the background device.
As an alternative, the apparatus is further configured to send the device identifier and the distribution network plaintext to the background device in the following manner: generating a random character string with a preset length; and sending the device identifier and the distribution network plaintext to the background device, wherein the distribution network plaintext comprises the random character string and the network access password arranged in sequence.
As an alternative, the apparatus is further configured to send the network identifier and the distribution network ciphertext to the first device by: establishing connection with the wireless hotspot established by the first device, and sending the network identifier and the distribution network ciphertext to the first device through the established connection; or encoding the network identifier and the distribution network ciphertext to obtain a target message to be transmitted, and sending the target message in a broadcast or multicast mode, wherein the first device is used for obtaining the target message, and decoding the target message to obtain the network identifier and the distribution network ciphertext.
According to another aspect of the embodiment of the present invention, there is also provided another device for implementing the above device network access method, where the device includes:
a third obtaining module, configured to obtain, on a first device to be networked, a network identifier of a target wireless network and a distribution network ciphertext that are sent by a second device, where the distribution network ciphertext is a ciphertext obtained by a background device encrypting a distribution network plaintext with a target encryption key, the distribution network plaintext includes a network access password of the target wireless network, and the target encryption key has a corresponding relationship with the device identifier of the first device;
a decryption module, configured to decrypt, on the first device, the distribution network ciphertext using a target decryption key corresponding to the target encryption key to obtain the distribution network plaintext;
an access module, configured to access, on the first device, the target wireless network using the network identifier and the network access password in the distribution network plaintext;
and a connection module, configured to connect to the background device on the first device after the target wireless network is accessed, and send the distribution network ciphertext to the background device.
As an alternative, the apparatus is further configured to access the target wireless network on the first device, using the network identifier and the network access password in the distribution network plaintext, by: determining, on the first device, the characters in the distribution network plaintext after skipping a preset length as the network access password, wherein the distribution network plaintext comprises a random character string and the network access password arranged in sequence, and the random character string is a random character string with the preset length generated by the second device; and accessing the target wireless network on the first device using the network identifier and the network access password.
As an optional solution, the apparatus is further configured to obtain, on a first device to be network-connected, a network identifier and a network configuration ciphertext of a target wireless network sent by a second device, by: creating a wireless hotspot on the first device; under the condition that the second equipment establishes connection with the wireless hotspot created by the first equipment, acquiring the network identifier and the distribution network ciphertext sent by the second equipment on the first equipment through the established connection; or acquiring a target message sent by the second device in a broadcast or multicast mode on the first device, wherein the target message is a message to be transmitted obtained by encoding the network identifier and the distribution network ciphertext by the second device; and decoding the network identifier and the distribution network ciphertext from the target message on the first equipment.
As an alternative, the apparatus is further configured to connect to the background device on the first device by: connecting the first device with the background device through a preset Internet of Things protocol; the apparatus is further configured to send the distribution network ciphertext to the background device by: sending verification information to the background device on the first device, wherein the verification information comprises the device identifier and an authentication key of the first device; and sending the distribution network ciphertext to the background device in the case that the background device determines, according to the verification information, that the first device passes verification.
According to another aspect of the embodiment of the present invention, there is also provided a device networking apparatus for implementing the device networking method, where the apparatus includes:
a fourth obtaining module, configured to obtain, on a background device, a device identifier of a first device and a distribution network plaintext, where the first device is a device to be networked, and the distribution network plaintext includes a network access password of a target wireless network;
the encryption module is used for encrypting the distribution network plaintext by using a target encryption key on the background equipment to obtain a distribution network ciphertext, wherein the target encryption key has a corresponding relation with the equipment identifier;
the third sending module is used for sending the distribution network ciphertext to the second device on the background device;
and the processing module is used for establishing connection with the first equipment on the background equipment and acquiring the distribution network ciphertext sent by the first equipment under the condition that the first equipment uses the network identifier of the target wireless network and the network access password in the distribution network plaintext to access the target wireless network.
As an alternative, the device is further configured to:
sending target network access information to the second device on the background device, wherein the target network access information is used for indicating whether the background device has acquired the distribution network ciphertext sent by the first device.
As an alternative, the apparatus is further configured to send, on the background device, target network access information to the second device by: acquiring a network access query request sent by the second device on the background device, wherein the network access query request comprises the device identifier and the distribution network ciphertext; determining whether the background equipment acquires the distribution network ciphertext transmitted by the first equipment according to the equipment identifier and the distribution network ciphertext; transmitting the target network access information to the second device on the background device under the condition that the background device acquires the network distribution ciphertext transmitted by the first device, wherein the target network access information is used for indicating that the background device acquires the network distribution ciphertext transmitted by the first device; or if the background equipment acquires the distribution network ciphertext transmitted by the first equipment, actively transmitting the target network access information to the second equipment on the background equipment, wherein the target network access information is used for indicating that the background equipment acquires the distribution network ciphertext transmitted by the first equipment.
As an optional solution, the apparatus is further configured to send, on the background device, the target network access information to the second device, in the case that it is determined that the background device has acquired the distribution network ciphertext sent by the first device, by: in the case that the background device has established the connection with the first device and the background device has acquired the distribution network ciphertext sent by the first device, sending the target network access information to the second device on the background device, wherein the target network access information is used for indicating that the background device has established the connection with the first device and has acquired the distribution network ciphertext sent by the first device.
As an optional solution, the apparatus is further configured to actively send, on the background device, the target network access information to the second device, in the case that the background device has acquired the distribution network ciphertext sent by the first device, by: in the case that the background device has established the connection with the first device and the background device has acquired the distribution network ciphertext sent by the first device, actively sending the target network access information to the second device on the background device, wherein the target network access information is used for indicating that the background device has established the connection with the first device and has acquired the distribution network ciphertext sent by the first device.
As an alternative, the device is further configured to:
recording the connection setup time on the background device in case the connection is established with the first device on the background device;
and under the condition that the establishment time is recorded on the background equipment, determining that the background equipment establishes the connection with the first equipment.
According to still another aspect of the embodiment of the present invention, there is further provided an electronic device for implementing the above device network access method, where the electronic device may be a terminal device or a server as shown in fig. 1. The present embodiment is described taking the electronic device as an example. As shown in fig. 10, the electronic device comprises a memory 1002 and a processor 1004, the memory 1002 having stored therein a computer program, the processor 1004 being arranged to perform the steps of any of the method embodiments described above by means of the computer program.
Alternatively, in this embodiment, the electronic device may be located in at least one network device of a plurality of network devices of the computer network.
Alternatively, in the present embodiment, the above-described processor may be configured to execute the following steps by a computer program:
S1, acquiring a device identifier of a first device to be accessed to a network, a network identifier of a target wireless network and an access password;
S2, transmitting the equipment identifier and the distribution network plaintext to background equipment, wherein the distribution network plaintext comprises a network access password;
S3, acquiring a distribution network ciphertext transmitted by the background equipment, wherein the distribution network ciphertext is obtained by encrypting the distribution network plaintext by using a target encryption key, and the target encryption key has a corresponding relationship with the equipment identifier;
S4, sending the network identifier and the distribution network ciphertext to first equipment, wherein the first equipment is used for decrypting the distribution network ciphertext by using a target decryption key corresponding to the target encryption key to obtain a distribution network plaintext, accessing the target wireless network by using the network identifier and the network access password in the distribution network plaintext, connecting background equipment after accessing the target wireless network, and sending the distribution network ciphertext to the background equipment.
Alternatively, as will be appreciated by those skilled in the art, the structure shown in fig. 10 is merely illustrative, and the electronic device may be a smart phone (such as an Android mobile phone, an iOS mobile phone, etc.), a tablet computer, a palmtop computer, a mobile internet device (Mobile Internet Devices, MID), a PAD, or other terminal devices. Fig. 10 does not limit the structure of the electronic device described above. For example, the electronic device may also include more or fewer components (e.g., network interfaces, etc.) than shown in FIG. 10, or have a different configuration than shown in FIG. 10.
The memory 1002 may be configured to store software programs and modules, such as program instructions/modules corresponding to the device networking method and apparatus in the embodiment of the present invention, and the processor 1004 executes the software programs and modules stored in the memory 1002 to perform various functional applications and data processing, that is, implement the device networking method described above. The memory 1002 may include high-speed random access memory, and may also include non-volatile memory, such as one or more magnetic storage devices, flash memory, or other non-volatile solid state memory. In some examples, the memory 1002 may further include memory located remotely from the processor 1004, which may be connected to the terminal via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof. The memory 1002 may be used for, but is not limited to, storing information such as device information and device connection status. As an example, as shown in fig. 10, the memory 1002 may include, but is not limited to, the first obtaining module 902, the first sending module 904, the second obtaining module 906, and the second sending module 908 in the device networking apparatus. In addition, the memory may include, but is not limited to, other module units of the above device networking apparatus, which are not described in detail in this example.
Optionally, the transmission device 1006 is configured to receive or transmit data via a network. Specific examples of the network described above may include wired networks and wireless networks. In one example, the transmission device 1006 includes a network adapter (Network Interface Controller, NIC) that can be connected to other network devices and routers via a network cable to communicate with the internet or a local area network. In one example, the transmission device 1006 is a Radio Frequency (RF) module for communicating with the internet wirelessly.
In addition, the electronic device further includes: a display 1008 for displaying the device connection information; and a connection bus 1010 for connecting the respective module parts in the above-described electronic apparatus.
In other embodiments, the terminal device or the server may be a node in a distributed system, where the distributed system may be a blockchain system, and the blockchain system may be a distributed system formed by a plurality of nodes connected through network communication. The nodes may form a Peer-To-Peer (P2P) network, and any type of computing device, such as a server or a terminal, may become a node in the blockchain system by joining the Peer-To-Peer network.
According to one aspect of the present application, there is provided a computer program product or computer program comprising computer instructions stored in a computer readable storage medium. The computer instructions are read from a computer readable storage medium by a processor of a computer device, which executes the computer instructions, causing the computer device to perform a device networking method provided in various alternative implementations of the device networking aspect described above, wherein the computer program is configured to perform the steps of any of the method embodiments described above when run.
Alternatively, in the present embodiment, the above-described computer-readable storage medium may be configured to store a computer program for executing the steps of:
S1, acquiring a device identifier of a first device to be accessed to a network, a network identifier of a target wireless network and an access password;
S2, transmitting the equipment identifier and the distribution network plaintext to background equipment, wherein the distribution network plaintext comprises a network access password;
S3, acquiring a distribution network ciphertext transmitted by the background equipment, wherein the distribution network ciphertext is obtained by encrypting the distribution network plaintext by using a target encryption key, and the target encryption key has a corresponding relationship with the equipment identifier;
S4, sending the network identifier and the distribution network ciphertext to first equipment, wherein the first equipment is used for decrypting the distribution network ciphertext by using a target decryption key corresponding to the target encryption key to obtain a distribution network plaintext, accessing the target wireless network by using the network identifier and the network access password in the distribution network plaintext, connecting background equipment after accessing the target wireless network, and sending the distribution network ciphertext to the background equipment.
Alternatively, in this embodiment, it will be understood by those skilled in the art that all or part of the steps in the methods of the above embodiments may be performed by a program instructing hardware of a terminal device, where the program may be stored in a computer readable storage medium, and the storage medium may include: a flash disk, read-only memory (Read-Only Memory, ROM), random access memory (Random Access Memory, RAM), a magnetic disk or an optical disk, and the like.
The foregoing embodiment numbers of the present invention are merely for the purpose of description, and do not represent the advantages or disadvantages of the embodiments.
The integrated units in the above embodiments may be stored in the above-described computer-readable storage medium if implemented in the form of software functional units and sold or used as separate products. Based on such understanding, the technical solution of the present invention may be embodied in essence or a part contributing to the prior art or all or part of the technical solution in the form of a software product stored in a storage medium, comprising several instructions for causing one or more computer devices (which may be personal computers, servers or network devices, etc.) to perform all or part of the steps of the method described in the embodiments of the present invention.
In the foregoing embodiments of the present invention, the description of each embodiment has its own emphasis; for a portion that is not described in detail in one embodiment, reference may be made to the related descriptions of other embodiments.
In several embodiments provided in the present application, it should be understood that the disclosed client may be implemented in other manners. The above-described embodiments of the apparatus are merely exemplary; for example, the division of the units is merely a logical function division, and may be implemented in another manner: multiple units or components may be combined or integrated into another system, or some features may be omitted or not performed. In addition, the coupling or direct coupling or communication connection shown or discussed with each other may be through some interfaces, units or modules, or may be in electrical or other forms.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in the embodiments of the present invention may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit. The integrated units may be implemented in hardware or in software functional units.
The foregoing is merely a preferred embodiment of the present invention. It should be noted that those skilled in the art may make modifications and adaptations without departing from the principles of the present invention, and these are intended to fall within the scope of the present invention.

Claims (13)

1. A method for accessing a network by a device, comprising:
acquiring a device identifier of a first device to be accessed to a network, a network identifier of a target wireless network and an access password;
transmitting the equipment identifier and the distribution network plaintext to background equipment, wherein the distribution network plaintext comprises the network access password;
acquiring a distribution network ciphertext transmitted by the background equipment, wherein the distribution network ciphertext is a ciphertext obtained by encrypting the distribution network plaintext by using a target encryption key, and the target encryption key has a corresponding relation with the equipment identifier;
sending the network identifier and the distribution network ciphertext to the first device, wherein the first device is used for decrypting the distribution network ciphertext by using a target decryption key corresponding to the target encryption key to obtain the distribution network plaintext, determining the characters in the distribution network plaintext after skipping a preset length to be the network access password, accessing the target wireless network by using the network identifier and the network access password in the distribution network plaintext, and, after accessing the target wireless network, connecting to the background device and sending the distribution network ciphertext to the background device;
wherein the sending the device identifier and the distribution network plaintext to the background device comprises: generating a random character string with the preset length; and sending the device identifier and the distribution network plaintext to the background device, wherein the distribution network plaintext comprises the random character string and the network access password arranged in sequence, and the preset length is positively correlated with the number of first devices connected with the target wireless network.
2. The method of claim 1, wherein after sending the distribution network ciphertext to the first device, the method further comprises:
determining whether the first device has successfully accessed the network according to whether the first device sends the distribution network ciphertext to the background device.
3. The method of claim 2, wherein the determining whether the first device successfully accesses the network according to whether the first device sends the distribution network ciphertext to the background device comprises:
sending a network access query request to the background equipment, wherein the network access query request comprises the equipment identifier and the distribution network ciphertext;
acquiring target network access information sent by the background equipment in response to the network access inquiry request;
determining that the first equipment is successful in network access under the condition that the target network access information indicates that the first equipment sends the distribution network ciphertext to the background equipment; or determining that the first device is successful in network access under the condition that the target network access information indicates that the first device is successfully connected with the background device and the first device sends the network distribution ciphertext to the background device.
4. The method of claim 2, wherein the determining whether the first device successfully accesses the network according to whether the first device sends the distribution network ciphertext to the background device comprises:
acquiring target network access information actively transmitted by the background equipment;
determining that the first equipment is successful in network access under the condition that the target network access information indicates that the first equipment sends the distribution network ciphertext to the background equipment; or determining that the first device is successful in network access under the condition that the target network access information indicates that the first device is successfully connected with the background device and the first device sends the network distribution ciphertext to the background device.
5. The method of claim 1, wherein the sending the network identification and the distribution network ciphertext to the first device comprises:
establishing a connection with the wireless hotspot created by the first device, and sending the network identifier and the distribution network ciphertext to the first device through the established connection; or
encoding the network identifier and the distribution network ciphertext to obtain a target message to be transmitted, and sending the target message in a broadcast or multicast mode, wherein the first device is used for obtaining the target message and decoding the target message to obtain the network identifier and the distribution network ciphertext.
6. A method for accessing a network by a device, comprising:
acquiring, on a first device to be connected to a network, a network identifier of a target wireless network and a distribution network ciphertext transmitted by a second device, wherein the distribution network ciphertext is a ciphertext obtained by a background device encrypting a distribution network plaintext with a target encryption key, the distribution network plaintext comprises a random character string and a network access password of the target wireless network arranged in sequence, the random character string is a character string of a preset length generated by the second device, the preset length is positively correlated with the number of first devices connected to the target wireless network, and the target encryption key corresponds to the device identifier of the first device;
decrypting, on the first device, the distribution network ciphertext with a target decryption key corresponding to the target encryption key to obtain the distribution network plaintext, and determining the characters in the distribution network plaintext after skipping the preset length as the network access password;
accessing, on the first device, the target wireless network using the network identifier and the network access password in the distribution network plaintext;
and after the target wireless network is accessed, connecting, on the first device, to the background device and sending the distribution network ciphertext to the background device.
7. The method of claim 6, wherein:
the connecting to the background device on the first device comprises: connecting the first device with the background device through a preset Internet of Things protocol;
the sending the distribution network ciphertext to the background device comprises: transmitting, on the first device, authentication information to the background device, wherein the authentication information comprises the device identifier and an authentication key of the first device; and sending the distribution network ciphertext to the background device in a case where the background device determines, according to the authentication information, that the first device passes authentication.
8. A method for accessing a network by a device, comprising:
acquiring, on a background device, a device identifier of a first device and a distribution network plaintext sent by a second device, wherein the first device is a device to be connected to the network, the distribution network plaintext comprises a random character string and a network access password of a target wireless network arranged in sequence, the random character string is a character string of a preset length generated by the second device, and the preset length is positively correlated with the number of first devices connected to the target wireless network;
encrypting, on the background device, the distribution network plaintext with a target encryption key to obtain a distribution network ciphertext, wherein the target encryption key corresponds to the device identifier;
sending, on the background device, the distribution network ciphertext to the second device;
and, in a case where the first device accesses the target wireless network using the network identifier of the target wireless network and the network access password in the distribution network plaintext, establishing, on the background device, a connection with the first device and acquiring the distribution network ciphertext sent by the first device, wherein the first device is configured to determine the characters in the distribution network plaintext after skipping the preset length as the network access password.
9. The method of claim 8, wherein the method further comprises:
sending, on the background device, target network access information to the second device, wherein the target network access information is used for indicating whether the background device has acquired the distribution network ciphertext sent by the first device.
10. The method of claim 9, wherein the sending, on the background device, target network access information to the second device comprises:
acquiring, on the background device, a network access query request sent by the second device, wherein the network access query request comprises the device identifier and the distribution network ciphertext; determining, according to the device identifier and the distribution network ciphertext, whether the background device has acquired the distribution network ciphertext transmitted by the first device; and transmitting, on the background device, the target network access information to the second device in a case where the background device has acquired the distribution network ciphertext transmitted by the first device, wherein the target network access information is used for indicating that the background device has acquired the distribution network ciphertext transmitted by the first device; or
in a case where the background device has acquired the distribution network ciphertext transmitted by the first device, actively transmitting, on the background device, the target network access information to the second device, wherein the target network access information is used for indicating that the background device has acquired the distribution network ciphertext transmitted by the first device.
11. The method of claim 10, wherein transmitting, on the background device, the target network access information to the second device in a case where it is determined that the background device has acquired the distribution network ciphertext transmitted by the first device comprises:
in a case where the background device has established the connection with the first device and the background device has acquired the distribution network ciphertext sent by the first device, sending, on the background device, the target network access information to the second device, wherein the target network access information is used for indicating that the background device has established the connection with the first device and that the background device has acquired the distribution network ciphertext sent by the first device.
12. A computer-readable storage medium, characterized in that the computer-readable storage medium comprises a stored program, wherein the program is executable by a terminal device or a computer to perform the method of any one of claims 1 to 5, or the method of any one of claims 6 to 7, or the method of any one of claims 8 to 11.
13. An electronic device comprising a memory and a processor, characterized in that the memory has stored therein a computer program, the processor being arranged to perform the method of any of the claims 1 to 5, or the method of any of the claims 6 to 7, or the method of any of the claims 8 to 11, by means of the computer program.
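The exchange recited in claims 6 to 11, as an added example that is not part of the patent text: the second device builds the plaintext, the background device encrypts it under the per-device key, the first device skips the preset length to recover the password, and the background device answers the network access query by matching device identifier and ciphertext. The claims name no cipher, so the HMAC-SHA256 construction here is a stand-in; the device ID, key table, length formula and the way the first device learns the preset length are assumptions.

```python
import hashlib, hmac, secrets

# Constructed sample values; the device ID, key and length formula are assumptions.
DEVICE_KEYS = {"dev-001": bytes(range(32))}  # background device: key per device identifier
SEEN = {}  # background device: device identifier -> ciphertext returned after joining

def preset_length(connected_devices):
    # Assumed formula; the claims only require growth with the device count.
    return 8 + 2 * connected_devices

def _sub(key, label):  # separate subkeys for encryption and authentication
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):  # stand-in cipher: HMAC-SHA256 in counter mode
    ks = b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(key, plaintext):  # output layout: nonce || ciphertext || tag
    nonce = secrets.token_bytes(16)
    ct = _xor_stream(_sub(key, b"enc"), nonce, plaintext)
    return nonce + ct + hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expect = hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        raise ValueError("ciphertext was not produced under this device's key")
    return _xor_stream(_sub(key, b"enc"), nonce, ct)

def app_build_plaintext(password, connected_devices):
    # Second device: random string of the preset length, then the password.
    n = preset_length(connected_devices)
    return secrets.token_hex(n)[:n].encode() + password.encode()

def backend_encrypt(device_id, plaintext):
    return seal(DEVICE_KEYS[device_id], plaintext)

def device_recover_password(device_key, ciphertext, n):
    # First device: decrypt, skip the first n characters, keep the rest.
    return unseal(device_key, ciphertext)[n:].decode()

def backend_receive(device_id, ciphertext):
    unseal(DEVICE_KEYS[device_id], ciphertext)  # reject blobs not made for this device
    SEEN[device_id] = ciphertext

def backend_query(device_id, ciphertext):
    # Network access query from the second device: both fields must match.
    return hmac.compare_digest(SEEN.get(device_id, b""), ciphertext)
```

Because the random prefix changes on every run, two provisioning attempts with the same password yield different plaintexts, and the background device only confirms network access for the exact ciphertext it issued for that device identifier.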
Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011194110.8A CN112187831B (en) 2020-10-30 2020-10-30 Equipment network access method and device, storage medium and electronic equipment

Publications (2)

Publication Number Publication Date
CN112187831A CN112187831A (en) 2021-01-05
CN112187831B CN112187831B (en) 2023-04-25

Family

ID=73917383

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011194110.8A Active CN112187831B (en) 2020-10-30 2020-10-30 Equipment network access method and device, storage medium and electronic equipment

Country Status (1)

Country Link
CN (1) CN112187831B (en)

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113064926B (en) * 2021-03-16 2022-12-30 青岛海尔科技有限公司 Data screening method and device, storage medium and electronic device
CN113473479A (en) * 2021-03-31 2021-10-01 长沙博安通软件科技有限公司 Method for rapidly distributing WiFi modules in batch
CN113630727B (en) * 2021-07-09 2023-04-07 珠海荣邦智能科技有限公司 Intelligent household network distribution method, device and system, electronic equipment and storage medium
CN113965360A (en) * 2021-09-29 2022-01-21 达闼科技(北京)有限公司 Intelligent device cloud server access method, device, medium, device and system
CN113934151B (en) * 2021-10-22 2022-05-27 洛阳职业技术学院 Communication method applied to gateway of Internet of things
CN114422216B (en) * 2021-12-31 2024-01-09 杭州华橙软件技术有限公司 Internet of things equipment binding method, device and storage medium
CN114501591B (en) * 2022-02-11 2023-10-27 珠海格力电器股份有限公司 Intelligent equipment network access method and device and computer readable storage medium
CN115208677B (en) * 2022-07-19 2024-01-30 光大科技有限公司 Malicious website identification method and device
CN115988490B (en) * 2022-12-02 2023-10-20 广东保伦电子股份有限公司 APP-based hardware equipment network distribution method, apparatus and storage medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104506439A (en) * 2014-12-19 2015-04-08 重庆邮电大学 IPv6 (Internet protocol version 6) message transmission system and method applicable to WIA-PA (windows image acquisition-power amplification) network
CN104869612A (en) * 2015-04-30 2015-08-26 小米科技有限责任公司 Method and device for accessing network
CN108055130A (en) * 2017-12-27 2018-05-18 深圳技术大学(筹) The ciphertext protection system of differentiation safety

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111615172B (en) * 2019-02-22 2023-01-24 阿里巴巴集团控股有限公司 Network configuration method, device, equipment and system

Also Published As

Publication number Publication date
CN112187831A (en) 2021-01-05

Similar Documents

Publication Publication Date Title
CN112187831B (en) Equipment network access method and device, storage medium and electronic equipment
CN110493261B (en) Verification code obtaining method based on block chain, client, server and storage medium
CN105027493B (en) Safety moving application connection bus
US20160269176A1 (en) Key Configuration Method, System, and Apparatus
CN104754582B (en) Safeguard the client and method of BYOD safety
CN109936547A (en) Identity identifying method, system and calculating equipment
CN103959735A (en) Systems and methods for providing secure multicast intra-cluster communication
CN103596173A (en) Wireless network authentication method, client wireless network authentication device, and server wireless network authentication device
CN103428221A (en) Safety logging method, system and device of mobile application
CN110741614B (en) Data communication system and method
CN113765713A (en) Data interaction method based on Internet of things equipment acquisition
CN108200037B (en) Method and system for executing security operation by using security device
CN113114665B (en) Data transmission method and device, storage medium and electronic device
Bergmann et al. Secure bootstrapping of nodes in a CoAP network
Hou et al. Design and prototype implementation of a blockchain-enabled LoRa system with edge computing
CN111683370B (en) Access authentication method, device and system of wireless network equipment
CN106169952A (en) Authentication method that a kind of internet IKMP is heavily consulted and device
RU2474073C2 (en) Network and method for initialising trust centre link key
CN109218334A (en) Data processing method, device, access control equipment, certificate server and system
CN106302369A (en) Long-range Activiation method, device and the remote activation system of a kind of network monitoring device
CN110602133B (en) Intelligent contract processing method, block chain management device and storage medium
KR102219018B1 (en) Blockchain based data transmission method in internet of things
CN112333214B (en) Safe user authentication method and system for Internet of things equipment management
CN109150661A (en) A kind of method for discovering equipment and device
CN112422479B (en) Equipment binding method, device and system

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant