CN112533203A - Zigbee-based network access method and related device - Google Patents
Zigbee-based network access method and related device Download PDFInfo
- Publication number
- CN112533203A CN112533203A CN202011310338.9A CN202011310338A CN112533203A CN 112533203 A CN112533203 A CN 112533203A CN 202011310338 A CN202011310338 A CN 202011310338A CN 112533203 A CN112533203 A CN 112533203A
- Authority
- CN
- China
- Prior art keywords
- parent
- network access
- zigbee
- equipment
- parent device
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 58
- 238000004422 calculation algorithm Methods 0.000 claims abstract description 71
- 230000004044 response Effects 0.000 claims description 34
- 230000006855 networking Effects 0.000 claims description 16
- 238000004590 computer program Methods 0.000 claims description 6
- 238000012795 verification Methods 0.000 abstract description 7
- 238000010586 diagram Methods 0.000 description 9
- 238000004364 calculation method Methods 0.000 description 7
- 238000004891 communication Methods 0.000 description 5
- 230000008569 process Effects 0.000 description 5
- 230000006870 function Effects 0.000 description 4
- 230000005540 biological transmission Effects 0.000 description 3
- 230000008878 coupling Effects 0.000 description 3
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 230000006872 improvement Effects 0.000 description 2
- 238000001514 detection method Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/08—Access security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W48/00—Access restriction; Network selection; Access point selection
- H04W48/08—Access restriction or access information delivery, e.g. discovery data delivery
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W84/00—Network topologies
- H04W84/18—Self-organising networks, e.g. ad-hoc networks or sensor networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The embodiment of the application discloses a Zigbee-based network access method, which is used for safety verification of a Zigbee network. The method in the embodiment of the application comprises the following steps: the child device sends a connection request to the parent device; the parent equipment acquires an encryption algorithm; the parent equipment acquires the local time of the parent equipment; the parent equipment calculates the local time of the parent equipment according to the encryption algorithm to obtain a network access password; the sub-device obtains an encryption algorithm; the method comprises the steps that the sub-equipment obtains local time of the sub-equipment; the sub-equipment calculates the local time of the sub-equipment according to the encryption algorithm to obtain a network access password; the child device sends a network access password to the parent device; and the child device sends the calculated network access password to the parent device so that the parent device can verify the network access password of the child device.
Description
Technical Field
The embodiment of the application relates to the field of wireless communication, in particular to a Zigbee-based network access method and a related device.
Background
With the gradual improvement of the Zigbee protocol standard and the rapid development of the internet of things, the whole Zigbee industry is also developing towards an increasingly prevalent trend. Zigbee is widely used in smart homes, smart factories, and other fields. However, the current Zigbee network does not have an encryption function.
When the existing Zigbee device accesses the network, it can join the network only if PANID is the same. This means that in some non-closed scenarios, any device with the same PANID can join the existing Zigbee network, and an illegal person can use the device with the same PANID to join the network to steal information.
Disclosure of Invention
The embodiment of the application provides a Zigbee-based network access method and a related device, which ensure the data security in a Zigbee network.
A first aspect of the present application provides a Zigbee-based network access method, which is applied to a parent device, and the method includes:
receiving a connection request of the sub-equipment;
acquiring an encryption algorithm;
acquiring the local time of the parent equipment;
calculating the local time of the parent equipment according to the encryption algorithm to obtain a network access password;
detecting whether a network access password sent by the sub-equipment is received within preset time;
and if so, sending a success response to the sub-equipment to inform the sub-equipment of successful network access.
Optionally, if the request is not received, the network access of the child device is prohibited.
Optionally, before the receiving the connection request of the parent device, the method further includes:
acquiring a target network identifier;
networking using the target network identifier.
Optionally, before the detecting whether the network access password sent by the child device is received within the preset time, the method further includes:
and sending a connection response to the child device, wherein the connection response indicates that the parent device receives the connection request and requires the child device to send a network access password within a preset time.
A second aspect of the present application provides a Zigbee-based network access method, which is applied to a sub-device, and the method includes:
sending a connection request to the parent device;
acquiring an encryption algorithm;
acquiring the local time of the sub-equipment;
calculating the local time of the sub-equipment according to the encryption algorithm to obtain a network access password;
and sending the network access password to the parent equipment within preset time.
Optionally, before the detecting whether the network access password sent by the child device is received within a preset time, the method further includes:
and receiving a network access response sent by the parent equipment, and joining the Zigbee network of the parent equipment.
Optionally, before the sending the connection request to the parent device, the method further includes:
acquiring a target network identifier of a parent device;
setting the network identifier of the child device itself to be the same as the target network identifier.
Optionally, before the obtaining of the coordinator local time, the method further includes:
and receiving a connection response sent by the parent device, wherein the connection response indicates that the parent device receives the connection request and requires the child device to send a network access password within a preset time.
A third aspect of the present application provides a Zigbee-based network access apparatus, which is applied to a parent device, and may include:
a receiving unit, configured to receive a connection request of a child device;
an acquisition unit configured to acquire an encryption algorithm;
the acquisition unit is further used for acquiring the local time of the parent device;
the computing unit is used for computing the local time of the parent equipment according to the encryption algorithm to obtain a network access password;
the detection unit is used for detecting whether the network access password sent by the sub-equipment is received within the preset time;
and the sending unit is used for sending a success response to the sub-equipment when receiving the network access password sent by the sub-equipment within the preset time so as to inform the sub-equipment of successful network access.
Optionally, the parent device further includes a prohibiting unit, configured to prohibit the child device from accessing the network when the detecting unit determines that the child device is not connected to the network.
Optionally, the obtaining unit is further configured to obtain a target network identifier; the parent device further comprises a networking unit for networking using the target network identifier.
Optionally, before the detecting whether the network access password sent by the child device is received within the preset time, the method further includes:
and sending a connection response to the child device, wherein the connection response indicates that the parent device receives the connection request and requires the child device to send a network access password within a preset time.
The fourth aspect of the present application provides a Zigbee-based network access apparatus, which is applied to a sub-device, including:
a transmission unit configured to transmit a connection request to a parent device;
an acquisition unit configured to acquire an encryption algorithm;
the obtaining unit is further configured to obtain a local time of the child device;
the computing unit is used for computing the local time of the sub-equipment according to the encryption algorithm to obtain a network access password;
the sending unit is further configured to send the network access password to the parent device within a preset time.
Optionally, the sub-device further comprises: and the receiving unit is used for receiving the network access response sent by the parent equipment and joining the Zigbee network of the parent equipment.
Optionally, the obtaining unit is further configured to obtain a target network identifier of the parent device;
the child device further includes a setting unit configured to set a network identifier of the child device itself to be the same as the target network identifier.
Optionally, the receiving unit is further configured to receive a connection response sent by the parent device.
A fifth aspect of the present application provides an electronic device, comprising a memory, a processor, and a wireless transceiver, wherein the memory stores a computer program, and the processor executes the computer program in the memory to implement the steps of the method according to any one of the first to second aspects.
A sixth aspect of the present application provides a computer readable storage medium having stored thereon a computer program which, when executed by a processor, performs the steps of the method of any one of the first to second aspects.
According to the technical scheme, the embodiment of the application has the following advantages: according to the method and the device, the dynamic network access password based on time is added to the ZigBee network, and the external equipment can be added into the ZigBee network only through verification of the dynamic network access password.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments described in the present application, and other drawings can be obtained by those skilled in the art without creative efforts.
FIG. 1 is a schematic diagram of an application scenario of the present application;
FIG. 2 is a schematic diagram of an application scenario of the present application;
fig. 3 is a schematic diagram of an embodiment of a Zigbee-based network access method according to the present application;
fig. 4 is a schematic diagram of an embodiment of a Zigbee-based network access method according to the present application;
fig. 5 is a schematic diagram of an embodiment of a Zigbee-based network access method according to the present application;
fig. 6 is a schematic diagram of an embodiment of a Zigbee-based network access method according to the present application;
FIG. 7 is a schematic diagram of one embodiment of a parent device of the present application;
FIG. 8 is a schematic diagram of one embodiment of a kid device of the present application.
Detailed Description
The embodiment of the application provides a Zigbee-based network access method and a related device, which are used for ensuring data security in a Zigbee network.
The application scenario of the present application is shown in fig. 1 or fig. 2. The solid black icon represents a Zigbee coordinator, the shaded icon represents a Zigbee routing node, and the white icon represents a Zigbee terminal. Fig. 1 is a schematic view of a scenario of the present application in a star network, where a Zigbee coordinator is used as a center, and all Zigbee terminals communicate through the Zigbee coordinator. Fig. 2 is a schematic view of a scenario of the present application under tree network, in which a Zigbee coordinator is used as a center, and a plurality of Zigbee routing nodes are arranged, and a Zigbee terminal can access a network from the Zigbee coordinator or the Zigbee routing nodes. According to the classification of Zigbee nodes, there can be three network access situations, the first is that a Zigbee terminal accesses a network through a Zigbee coordinator, the second is that a Zigbee routing node accesses a network through a Zigbee coordinator, and the third is that a Zigbee terminal accesses a network through a Zigbee routing node. For ease of understanding and generalization, in the present application, a device that is not networked may be regarded as a child device, and a device that has been networked by the child device and receives a network access request from the child device may be regarded as a parent device. That is to say, the Zigbee coordinator always serves as a parent device, the Zigbee terminal always serves as a child device, and the Zigbee routing node may only serve as a child device according to different situations, or serve as both a parent device of the Zigbee terminal and a child device of the Zigbee coordinator, and simultaneously implement the functions of the parent device and the child device.
Specifically, in the Zigbee network in the present application, only one coordinator exists, but a plurality of routing nodes and terminals may exist in one Zigbee network. The coordinator can have the capability of communicating with the internet, so that the routing node and the terminal node can also have the capability of communicating with the internet through the coordinator after joining the network.
Fig. 3 is a schematic diagram of an embodiment of a Zigbee-based network access method, which specifically includes:
301. the child device sends a connection request to the parent device;
the child device sends a request to the parent device to join the Zigbee network where the parent device is located, where the parent device has already established or joined a Zigbee network, and the child device has not yet joined or established any Zigbee network. If the parent device is a Zigbee coordinator, the child device may be a Zigbee router or Zigbee terminal; if the parent device is a Zigbee router, the child device must be a Zigbee terminal.
302. The parent equipment acquires an encryption algorithm;
the parent device obtains a preset encryption algorithm, and the encryption algorithm is usually pre-stored in a memory or an internal memory of the parent device and recorded in a storage unit of the parent device during networking or factory shipment.
303. The parent equipment acquires the local time of the parent equipment;
the parent device is internally provided with a clock, so that local time records can be acquired in real time, and the parent device acquires local time recorded by the parent device. It can be appreciated that since the parent device is already in the Zigbee network, if the Zigbee network can be connected to the internet, the parent device can calibrate the local time with the universal time on the network at any time, where the local time of the parent device corresponds to the universal time.
304. The parent equipment calculates the local time of the parent equipment according to the encryption algorithm to obtain a network access password;
and the parent equipment calculates the local time according to an encryption algorithm, and the calculation result is the network access password permitted by the parent equipment at the moment. The effective time and the replacement time of the network access password are related to the specific rules of the encryption algorithm, and can be set by engineering personnel when defining the specific encryption algorithm.
305. The sub-device obtains an encryption algorithm;
the preset encryption algorithm which is the same as that of the parent device is stored in the child device and is prestored in a memory or an internal memory of the child device, and the encryption algorithm is defined by engineering personnel before leaving a factory or is set by the engineering personnel before networking.
306. The method comprises the steps that the sub-equipment obtains local time of the sub-equipment;
the sub-equipment is also internally provided with a clock, so that local time records can be acquired in real time, and the sub-equipment acquires local time recorded by the sub-equipment. It will be appreciated that since the kid device needs to be connected to the parent device, the local time of the kid device and the parent device is typically the same, or with minimal error.
307. The sub-equipment calculates the local time of the sub-equipment according to the encryption algorithm to obtain a network access password;
and the sub-equipment calculates the corresponding network access password by using the local time as the basis according to an encryption algorithm. If the time alignment of the child device with the parent device is correct, the network access password of the child device should also be consistent with the network access password of the parent device.
308. The child device sends a network access password to the parent device;
and the child device sends the calculated network access password to the parent device so that the parent device can verify the network access password of the child device.
309. The parent device detects whether the network access password sent by the child device is received within a preset time, and if the network access password is received, the step 310 is executed;
and the parent equipment detects whether the network access password which is sent by the child equipment and has the same calculation result with the parent equipment is received within the preset time. Obviously, when the local time of the parent device is the same as that of the child device, the child device needs to possess the same encryption algorithm as that of the parent device, and the authentication of the parent device is passed; when the local times of the parent device and the child device are different, the child device cannot pass the authentication of the parent device anyway.
310. And the parent device sends a success response to the child device to inform the child device of successful network access.
And after the child device passes the verification of the parent device, the parent device sends a successful response to the child device, and the child device knows that the child device has accessed the network of the parent device and completes the connection.
It can be understood that, in the verification process of this embodiment, there is no inevitable precedence relationship between step 302-. For example, if the validity period of the network access password generated each time is 10 seconds, and it takes 100 milliseconds for the parent device and the child device to generate the network access password, the sequence of generating the network access password by the parent device and the child device does not affect the execution of the network access method based on Zigbee in this embodiment.
Based on the embodiment shown in fig. 3, the present application further provides a more specific embodiment, if the child device fails to detect by the parent device, the parent device will also remove the connection of the child device, so as not to occupy the connection resource of the parent device. The embodiment specifically comprises the following steps:
401. the child device sends a connection request to the parent device;
the child device sends a request to the parent device to join the Zigbee network where the parent device is located, where the parent device has already established or joined a Zigbee network, and the child device has not yet joined or established any Zigbee network. If the parent device is a Zigbee coordinator, the child device may be a Zigbee router or Zigbee terminal; if the parent device is a Zigbee router, the child device must be a Zigbee terminal.
402. The parent equipment acquires an encryption algorithm;
the parent device obtains a preset encryption algorithm, and the encryption algorithm is usually pre-stored in a memory or an internal memory of the parent device and recorded in a storage unit of the parent device during networking or factory shipment.
403. The parent equipment acquires the local time of the parent equipment;
the parent device is internally provided with a clock, so that local time records can be acquired in real time, and the parent device acquires local time recorded by the parent device. It can be appreciated that since the parent device is already in the Zigbee network, if the Zigbee network can be connected to the internet, the parent device can calibrate the local time with the universal time on the network at any time, where the local time of the parent device corresponds to the universal time.
404. The parent equipment calculates the local time of the parent equipment according to the encryption algorithm to obtain a network access password;
and the parent equipment calculates the local time according to an encryption algorithm, and the calculation result is the network access password permitted by the parent equipment at the moment. The effective time and the replacement time of the network access password are related to the specific rules of the encryption algorithm, and can be set by engineering personnel when defining the specific encryption algorithm.
405. The sub-device obtains an encryption algorithm;
the preset encryption algorithm which is the same as that of the parent device is stored in the child device and is prestored in a memory or an internal memory of the child device, and the encryption algorithm is defined by engineering personnel before leaving a factory or is set by the engineering personnel before networking.
406. The sub-device obtains the local time of the sub-device
The sub-equipment is also internally provided with a clock, so that local time records can be acquired in real time, and the sub-equipment acquires local time recorded by the sub-equipment. It will be appreciated that since the kid device needs to be connected to the parent device, the local time of the kid device and the parent device is typically the same, or with minimal error.
407. The sub-equipment calculates the local time of the sub-equipment according to the encryption algorithm to obtain a network access password;
and the sub-equipment calculates the corresponding network access password by using the local time as the basis according to an encryption algorithm. If the time alignment of the child device with the parent device is correct, the network access password of the child device should also be consistent with the network access password of the parent device.
408. The child device sends a network access password to the parent device;
and the child device calculates the network access password to the parent device so that the parent device can verify the network access password of the child device.
409. The parent device detects whether the network access password sent by the child device is received within a preset time, and if the network access password is received, the step 410 is executed; if not, go to step 411.
And the parent equipment detects whether the network access password which is sent by the child equipment and has the same calculation result with the parent equipment is received within the preset time. If the parent device receives the same network access password, go to step 410; if the parent device does not receive the network access password of the child device within the preset time, or the network access password sent by the child device is inconsistent with that of the parent device, step 411 is executed.
Obviously, when the local time of the parent device is the same as that of the child device, the child device needs to possess the same encryption algorithm as that of the parent device, and the authentication of the parent device is passed; when the local times of the parent device and the child device are different, the child device cannot pass the authentication of the parent device anyway.
410. The parent equipment sends a success response to the child equipment to inform the child equipment of successful network access
And after the child device passes the verification of the parent device, the parent device sends a successful response to the child device, and the child device knows that the child device has accessed the network of the parent device and completes the connection.
411. And the parent equipment forbids the child equipment to access the network.
If the child device fails the authentication of the parent device, the parent device may disable the child device from accessing the network and disconnect from the child device to conserve communication resources of the parent device.
As an improvement to the embodiment shown in fig. 3 or fig. 4, when the child device connects to the parent device, the parent device further receives the connection request and then sends a connection response to inform the child device of sending the network access password.
501. The child device sends a connection request to the parent device;
the child device sends a request to the parent device to join the Zigbee network where the parent device is located, where the parent device has already established or joined a Zigbee network, and the child device has not yet joined or established any Zigbee network. If the parent device is a Zigbee coordinator, the child device may be a Zigbee router or Zigbee terminal; if the parent device is a Zigbee router, the child device must be a Zigbee terminal.
502. And the parent device sends a connection response to the child device, wherein the connection response indicates that the parent device receives the connection request and requires the child device to send the network access password within the preset time.
503. The parent equipment acquires an encryption algorithm;
the parent device obtains a preset encryption algorithm, and the encryption algorithm is usually pre-stored in a memory or an internal memory of the parent device and recorded in a storage unit of the parent device during networking or factory shipment.
504. The parent equipment acquires the local time of the parent equipment;
the parent device is internally provided with a clock, so that local time records can be acquired in real time, and the parent device acquires local time recorded by the parent device. It can be appreciated that since the parent device is already in the Zigbee network, if the Zigbee network can be connected to the internet, the parent device can calibrate the local time with the universal time on the network at any time, where the local time of the parent device corresponds to the universal time.
505. The parent equipment calculates the local time of the parent equipment according to the encryption algorithm to obtain a network access password;
and the parent equipment calculates the local time according to an encryption algorithm, and the calculation result is the network access password permitted by the parent equipment at the moment. The effective time and the replacement time of the network access password are related to the specific rules of the encryption algorithm, and can be set by engineering personnel when defining the specific encryption algorithm.
506. The sub-device obtains an encryption algorithm;
the preset encryption algorithm which is the same as that of the parent device is stored in the child device and is prestored in a memory or an internal memory of the child device, and the encryption algorithm is defined by engineering personnel before leaving a factory or is set by the engineering personnel before networking.
507. The sub-device obtains the local time of the sub-device
The sub-equipment is also internally provided with a clock, so that local time records can be acquired in real time, and the sub-equipment acquires local time recorded by the sub-equipment. It will be appreciated that since the kid device needs to be connected to the parent device, the local time of the kid device and the parent device is typically the same, or with minimal error.
508. The sub-equipment calculates the local time of the sub-equipment according to the encryption algorithm to obtain a network access password;
and the sub-equipment calculates the corresponding network access password by using the local time as the basis according to an encryption algorithm. If the time alignment of the child device with the parent device is correct, the network access password of the child device should also be consistent with the network access password of the parent device.
509. The child device sends a network access password to the parent device;
and the child device calculates the network access password to the parent device so that the parent device can verify the network access password of the child device.
510. The parent device detects whether the network access password sent by the child device is received within a preset time, and if the network access password is received, step 511 is executed;
511. the parent equipment sends a success response to the child equipment to inform the child equipment of successful network access
And after the child device passes the verification of the parent device, the parent device sends a successful response to the child device, and the child device knows that the child device has accessed the network of the parent device and completes the connection.
It can be seen that, in the present application, the parent device replies a corresponding connection response when receiving a connection request of the child device. In this way, the child device can confirm whether the Zigbee network of the parent device is in need of encryption authentication when connecting. If necessary, the sub-equipment sends the network access password; if the Zigbee network does not need encryption authentication, the network access password is not sent, so that a communication error caused by sending of redundant network access passwords by the factor device is avoided.
On the basis of any one of the embodiments shown in fig. 3, fig. 4, or fig. 5, the Zigbee-based network access method further includes a process of synchronizing the network identifiers of the child device and the parent device. Referring specifically to fig. 6, this embodiment includes:
601. the parent equipment acquires a target network identifier;
and when the Zigbee network is not established, the parent equipment acquires a preset target network identifier. If the parent device is a Zigbee coordinator, the target network identifier may be randomly selected by the parent device, or may be set by an engineer by inputting the target network identifier. If the parent device is a Zigbee router, the network identifier must be consistent with the Zigbee coordinator being networked.
602. The parent device uses the target network identifier to form a network;
the parent device uses the target network identifier in step 601 to establish a new Zigbee network or join a Zigbee network. Specifically, if the parent device is a Zigbee coordinator, the parent device specifically performs a function of establishing a new Zigbee network. If the parent device is a Zigbee router, the parent device specifically performs a function of joining an existing Zigbee network.
603. The child device acquires a target network identifier of the parent device;
a child device to be added to a network where a parent device is located first acquires a network identifier of the parent device. According to the standard of the Zigbee protocol, the network identifiers of Zigbee devices in the same Zigbee network are consistent, so that obtaining the network identifier of the parent device by the child device is equivalent to obtaining the network identifier of the Zigbee network. The child device may confirm the target identifier by probing the network identifier broadcast by the parent device, or may set the target identifier by manual input.
604. The sub-equipment sets the network identifier of the sub-equipment to be the same as the target network identifier;
the sub-device replaces the network identifier of itself with the target network identifier in step 603, so that the network identifier of itself is consistent with the Zigbee network to be joined.
605. The child device sends a connection request to the parent device;
the child device sends a request to the parent device to join the Zigbee network where the parent device is located, where the parent device has already established or joined a Zigbee network, and the child device has not yet joined or established any Zigbee network. If the parent device is a Zigbee coordinator, the child device may be a Zigbee router or Zigbee terminal; if the parent device is a Zigbee router, the child device must be a Zigbee terminal.
606. The parent equipment acquires an encryption algorithm;
the parent device obtains a preset encryption algorithm, and the encryption algorithm is usually pre-stored in a memory or an internal memory of the parent device and recorded in a storage unit of the parent device during networking or factory shipment.
607. The parent equipment acquires the local time of the parent equipment;
the parent device is internally provided with a clock, so that local time records can be acquired in real time, and the parent device acquires local time recorded by the parent device. It can be appreciated that since the parent device is already in the Zigbee network, if the Zigbee network can be connected to the internet, the parent device can calibrate the local time with the universal time on the network at any time, where the local time of the parent device corresponds to the universal time.
608. The parent equipment calculates the local time of the parent equipment according to the encryption algorithm to obtain a network access password;
and the parent equipment calculates the local time according to an encryption algorithm, and the calculation result is the network access password permitted by the parent equipment at the moment. The effective time and the replacement time of the network access password are related to the specific rules of the encryption algorithm, and can be set by engineering personnel when defining the specific encryption algorithm.
609. The sub-device obtains an encryption algorithm;
the preset encryption algorithm which is the same as that of the parent device is stored in the child device and is prestored in a memory or an internal memory of the child device, and the encryption algorithm is defined by engineering personnel before leaving a factory or is set by the engineering personnel before networking.
610. The sub-device obtains the local time of the sub-device
The sub-equipment is also internally provided with a clock, so that local time records can be acquired in real time, and the sub-equipment acquires local time recorded by the sub-equipment. It will be appreciated that since the kid device needs to be connected to the parent device, the local time of the kid device and the parent device is typically the same, or with minimal error.
611. The sub-equipment calculates the local time of the sub-equipment according to the encryption algorithm to obtain a network access password;
and the sub-equipment calculates the corresponding network access password by using the local time as the basis according to an encryption algorithm. If the time alignment of the child device with the parent device is correct, the network access password of the child device should also be consistent with the network access password of the parent device.
612. The child device sends a network access password to the parent device;
and the child device sends the calculated network access password to the parent device so that the parent device can verify the network access password of the child device.
613. The parent device detects whether the network access password sent by the child device is received within a preset time, and if the network access password is received, step 614 is executed;
and the parent equipment detects whether the network access password which is sent by the child equipment and has the same calculation result with the parent equipment is received within the preset time. Obviously, when the local time of the parent device is the same as that of the child device, the child device needs to possess the same encryption algorithm as that of the parent device, and the authentication of the parent device is passed; when the local times of the parent device and the child device are different, the child device cannot pass the authentication of the parent device anyway.
614. The parent equipment sends a success response to the child equipment to inform the child equipment of successful network access
And after the child device passes the verification of the parent device, the parent device sends a successful response to the child device, and the child device knows that the child device has accessed the network of the parent device and completes the connection.
In this embodiment, a specific target identifier obtaining process is added, and the parent device and the child device can obtain the target network identifier by themselves or manually set the network identifiers of the parent device and the child device. In consideration of the encryption effect, the parent device does not broadcast the network identification code of the parent device, and the target network identification code is manually input into the parent device and the child device, so that the confidentiality of the Zigbee network is improved.
It can be seen that in the network access methods based on Zigbee shown in fig. 3 to fig. 6, all the sub-devices accessing the Zigbee network need to provide a correct network access password to enter the network. The access password is updated continuously according to time, so that even if the access password of a certain terminal or a certain routing node at a certain moment is illegally intercepted, an intruder cannot reuse the intercepted access password. In addition, the method only needs to verify the access password when accessing the network, and the data transmission information of each device after the device is added into the network can be encrypted or not encrypted, so that the operation burden on each device is small.
Referring to fig. 7, a parent device provided in an embodiment of the present application is introduced below, where the parent device of the present embodiment may include:
a receiving unit 701, configured to receive a connection request of a sub device;
an obtaining unit 702 configured to obtain an encryption algorithm;
the acquiring unit 702 is further configured to acquire a local time of the parent device;
a calculating unit 703, configured to calculate the local time of the parent device according to the encryption algorithm to obtain a network access password;
a detecting unit 704, configured to detect whether a network access password sent by the child device is received within a preset time;
a sending unit 705, configured to send a success response to the child device when the network access password sent by the child device is received within a preset time, so as to notify the child device of successful network access.
In some embodiments, the parent device further includes a prohibiting unit 706, configured to prohibit the child device from accessing the network when the detecting unit determines that the child device is not connected to the network.
In some embodiments, the obtaining unit 702 is further configured to obtain a target network identifier; the parent device further comprises a networking unit 707 for networking using the target network identifier.
In some embodiments, before the detecting whether the network access password sent by the child device is received within a preset time, the method further includes:
and sending a connection response to the child device, wherein the connection response indicates that the parent device receives the connection request and requires the child device to send a network access password within a preset time.
It can be understood that the parent device and the Zigbee-based network access method described above may be referred to correspondingly, and implement the steps performed by the parent device in the embodiments shown in fig. 3 to fig. 6.
Referring to fig. 8, the sub-device provided in the embodiment of the present application is introduced below, where the sub-device of the embodiment may include:
a transmission unit 801 for transmitting a connection request to a parent device;
an obtaining unit 802, configured to obtain an encryption algorithm;
the obtaining unit 802 is further configured to obtain a local time of the sub-device;
a calculating unit 803, configured to calculate the local time of the sub-device according to the encryption algorithm, so as to obtain a network access password;
the sending unit 801 is further configured to send the network access password to the parent device within a preset time.
In some embodiments, the sub-device further comprises: a receiving unit 804, configured to receive a network entry response sent by the parent device, and join the Zigbee network of the parent device.
In some embodiments, the obtaining unit 802 is further configured to obtain a target network identifier of the parent device;
the sub-device further comprises a setting unit 805 for setting the network identifier of the sub-device itself to be the same as the target network identifier.
In some embodiments, the receiving unit 804 is further configured to receive a connection response sent by the parent device.
The sub-device and the network access method based on Zigbee described above may be referred to correspondingly, and implement the steps executed by the sub-device in the embodiments shown in fig. 3 to fig. 6.
It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described systems, apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
In the several embodiments provided in the present application, it should be understood that the disclosed system, apparatus and method may be implemented in other manners. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the units is only one logical division, and other divisions may be realized in practice, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application may be substantially implemented or contributed to by the prior art, or all or part of the technical solution may be embodied in a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a read-only memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and the like.
Claims (10)
1. A Zigbee-based network access method is applied to Zigbee parent equipment, and comprises the following steps:
receiving a connection request of the sub-equipment;
acquiring an encryption algorithm;
acquiring the local time of the coordinator;
calculating the local time of the parent equipment according to the encryption algorithm to obtain a network access password;
detecting whether a network access password sent by the sub-equipment is received within preset time;
and if so, sending a success response to the sub-equipment to inform the sub-equipment of successful network access.
2. The method of claim 1, wherein if the dynamic password is not received, the network access of the child device is prohibited.
3. The dynamic password networking method of Zigbee according to claim 1 or 2, wherein before the receiving of the connection request of the parent device, the method further comprises:
acquiring a target network identifier;
networking using the target network identifier.
4. A Zigbee-based network access method according to claim 1 or 2, wherein before the detecting whether the network access password sent by the sub-device is received within a preset time, the method further includes:
and sending a connection response to the child device, wherein the connection response indicates that the parent device receives the connection request and requires the child device to send a network access password within a preset time.
5. A Zigbee-based network access method is applied to Zigbee sub-equipment, and the method comprises the following steps:
sending a connection request to the parent device;
acquiring an encryption algorithm;
acquiring the local time of the sub-equipment;
calculating the local time of the sub-equipment according to the encryption algorithm to obtain a network access password;
and sending the network access password to the parent equipment within preset time.
6. The Zigbee-based network access method according to claim 5, wherein before the detecting whether the network access password sent by the child device is received within a preset time, the method further comprises:
and receiving a network access response sent by the parent equipment, and joining the Zigbee network of the parent equipment.
7. A Zigbee-based networking method according to claim 5 or 6, wherein before said sending of the connection request to the parent device, the method further comprises:
acquiring a target network identifier of a parent device;
setting the network identifier of the child device itself to be the same as the target network identifier.
8. A Zigbee-based network entry method according to claim 5 or 6, wherein before said obtaining of the coordinator local time, the method further comprises:
and receiving a connection response sent by the parent device, wherein the connection response indicates that the parent device receives the connection request and requires the child device to send a network access password within a preset time.
9. An electronic device comprising a memory, a processor and radio, the memory having stored therein a computer program that, when executed by the processor in the memory, carries out the method of any one of claims 1 to 4 or 5 to 8.
10. A computer-readable storage medium, characterized in that a computer program is stored on the computer-readable storage medium, which computer program, when being executed by a processor, carries out the steps of the method according to any one of claims 1 to 4 or 5 to 8.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011310338.9A CN112533203A (en) | 2020-11-20 | 2020-11-20 | Zigbee-based network access method and related device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011310338.9A CN112533203A (en) | 2020-11-20 | 2020-11-20 | Zigbee-based network access method and related device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112533203A true CN112533203A (en) | 2021-03-19 |
Family
ID=74981983
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011310338.9A Pending CN112533203A (en) | 2020-11-20 | 2020-11-20 | Zigbee-based network access method and related device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112533203A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113038399A (en) * | 2021-04-14 | 2021-06-25 | 广州讯鸿网络技术有限公司 | Method, electronic device and storage medium for quickly verifying user identity through 5G message |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105960027A (en) * | 2016-05-05 | 2016-09-21 | 四川九洲电器集团有限责任公司 | ZigBee network networking method and ZigBee coordinator |
| US20180069813A1 (en) * | 2016-09-08 | 2018-03-08 | Alcatel-Lucent Usa Inc. | Routing parent and child device calls through a parent telephony application server |
| CN109286932A (en) * | 2017-07-20 | 2019-01-29 | 阿里巴巴集团控股有限公司 | Networking authentication method, apparatus and system |
| CN110098923A (en) * | 2019-04-08 | 2019-08-06 | 浙江大华技术股份有限公司 | A kind of method and apparatus of generation and verifying temporary password |
| CN110995759A (en) * | 2019-12-23 | 2020-04-10 | 中国联合网络通信集团有限公司 | Access method and device of Internet of things |
-
2020
- 2020-11-20 CN CN202011310338.9A patent/CN112533203A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105960027A (en) * | 2016-05-05 | 2016-09-21 | 四川九洲电器集团有限责任公司 | ZigBee network networking method and ZigBee coordinator |
| US20180069813A1 (en) * | 2016-09-08 | 2018-03-08 | Alcatel-Lucent Usa Inc. | Routing parent and child device calls through a parent telephony application server |
| CN109286932A (en) * | 2017-07-20 | 2019-01-29 | 阿里巴巴集团控股有限公司 | Networking authentication method, apparatus and system |
| CN110098923A (en) * | 2019-04-08 | 2019-08-06 | 浙江大华技术股份有限公司 | A kind of method and apparatus of generation and verifying temporary password |
| CN110995759A (en) * | 2019-12-23 | 2020-04-10 | 中国联合网络通信集团有限公司 | Access method and device of Internet of things |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113038399A (en) * | 2021-04-14 | 2021-06-25 | 广州讯鸿网络技术有限公司 | Method, electronic device and storage medium for quickly verifying user identity through 5G message |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20100299730A1 (en) | User authentication method, wireless communication apparatus, base station, and account management apparatus | |
| CN111465014B (en) | Security authentication method, configuration method and related equipment | |
| US10542433B2 (en) | Connection establishment method, device, and system | |
| CN111783068A (en) | Device authentication method, system, electronic device and storage medium | |
| CN106549925A (en) | Prevent method, the apparatus and system of cross-site request forgery | |
| CN112491829B (en) | MEC platform identity authentication method and device based on 5G core network and blockchain | |
| CN114629719B (en) | Resource access control method and resource access control system | |
| CN111818528B (en) | Connection method and device of wireless local area network, storage medium and wireless access equipment | |
| CN108156169A (en) | Account login validation method, system and computer readable storage medium | |
| CN112448956A (en) | Authority processing method and device of short message verification code and computer equipment | |
| EP3101929A1 (en) | Information processing method, terminal and server, and communication method and system | |
| CN104469736A (en) | Data processing method, server and terminal | |
| CN112533203A (en) | Zigbee-based network access method and related device | |
| KR20100044199A (en) | Network and method for initializing a trust center link key | |
| KR101879843B1 (en) | Authentication mehtod and system using ip address and short message service | |
| CN112464213A (en) | Operating system access control method, device, equipment and storage medium | |
| CN116235467A (en) | Correlation control method and correlation device | |
| CN113810330A (en) | Method, device and storage medium for sending verification information | |
| CN117320007B (en) | Office system control method and system | |
| CN113206817B (en) | Equipment connection confirmation method and block chain network | |
| US11388157B2 (en) | Multi-factor authentication of internet of things devices | |
| CN111859406B (en) | Method, device and system for remote authentication | |
| US20220408264A1 (en) | Wireless communication method between a client object and a server object | |
| CN117715038A (en) | Authentication method for wireless communication, authentication device for wireless communication and communication system | |
| CN117318961A (en) | Communication protection method, system, electronic equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210319 |