CN114640510B - Method for communication by adopting separated encryption server - Google Patents

Publication number: CN114640510B
Authority: CN (China)
Prior art keywords: encryption server, upper computer, card machine, encryption, meter
Legal status: Active
Application number: CN202210206333.4A
Other languages: Chinese (zh)
Other versions: CN114640510A (en)
Inventors: 王艳姣, 莫哲民, 雷航, 白文聪
Current Assignee: Ningbo Sanxing Medical and Electric Co Ltd
Original Assignee: Ningbo Sanxing Medical and Electric Co Ltd
Application filed by: Ningbo Sanxing Medical and Electric Co Ltd
Priority to: CN202210206333.4A
Publication of: CN114640510A
Application granted
Publication of: CN114640510B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/12 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/14 Session management
    • H04L67/141 Setup of application sessions
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04 INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04S SYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S40/00 Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
    • Y04S40/20 Information technology specific aspects, e.g. CAD, simulation, modelling, system security

Abstract

The invention relates to a method for communication using a separate encryption server, comprising: S1, connecting and starting the upper computer with the encryption server and the encryption server with the card machine, the encryption server being designed separately from the upper computer; S2, the upper computer encrypts the plaintext through the encryption server and the card machine to form ciphertext, sends the ciphertext to the meter, receives the information fed back by the meter, and decrypts the fed-back information through the encryption server and the card machine, thereby achieving communication between the upper computer and the meter. The method improves communication rate and security.

Description

Method for communication by adopting separated encryption server
Technical Field
The invention relates to the technical field of electric meters, in particular to a method for communication by adopting a separated encryption server.
Background
At present, encrypted communication using the electric energy meter 698 protocol is widely deployed in the national grid. The market demands an ever higher communication success rate from electric energy meters, and the functional requirements placed on them are increasingly complex. In recent years, new standard protocols for smart electric energy meters have been released and updated rapidly. To meet communication security requirements, new functions requested by power supply bureaus, and manufacturers' new product development and defect repair, it has become a necessary trend for each manufacturer's ESAM testing to implement local encrypted communication. Standard communication procedures require the 698 background software to support the 698 protocol with local card encryption or a remote encryptor.
However, existing implementations call the dynamic library inside the upper computer, where the available memory is limited. When the upper computer calls the card machine dynamic library directly, memory leaks occur and communication is prone to crashing; the card machine is also very slow to return data, which interferes with the program's timeout judgment.
Disclosure of Invention
In view of the above problems, the present invention aims to provide a method for communication using a separate encryption server, which has the advantages of high operation speed, large memory, reasonable design and low cost.
In order to achieve the above purpose, the technical scheme of the invention is as follows: a method for communicating using a separate encryption server, comprising:
S1, connecting and starting the upper computer with the encryption server, and the encryption server with the card machine, wherein the encryption server is designed separately from the upper computer;
S2, the upper computer encrypts the plaintext through the encryption server and the card machine to form ciphertext, sends the ciphertext to the meter, receives the information fed back by the meter, and decrypts the fed-back information through the encryption server and the card machine, thereby achieving communication between the upper computer and the meter.
Further, connecting and starting the upper computer with the encryption server specifically comprises:
S111, starting the upper computer and sending the upper computer parameters to the encryption server;
S112, judging whether the encryption server is started; if yes, executing S113, and if not, disconnecting the encryption server from the upper computer;
S113, verifying whether the received upper computer parameters match the stored information; if so, establishing the connection with the upper computer, and if not, disconnecting from the upper computer.
Further, connecting and starting the encryption server with the card machine specifically comprises:
S121, the encryption server sends the dynamic library instruction for connecting the card machine to the card machine;
S122, the card machine receives the dynamic library instruction for connecting the card machine and performs parameter verification; if the verification succeeds, a connection is established with the encryption server, and otherwise no connection is established.
Further, the upper computer encrypting the plaintext through the encryption server and the card machine to form ciphertext specifically comprises:
S211, the upper computer sends an encryption instruction to the encryption server;
S212, the encryption server receives the encryption instruction, and selects and calls the corresponding card machine dynamic library interface function;
S213, the card machine executes the encryption function according to the selected card machine dynamic library interface function and returns the execution result;
S214, the encryption server judges the returned execution result and, when the result is judged correct, feeds the encrypted data back to the upper computer.
Further, after receiving the encrypted data fed back by the encryption server, the upper computer performs the following operations:
S215, judging whether the execution result is correct; if so, executing S216; otherwise, reporting that the execution failed and ending the execution;
S216, composing the ciphertext frame and sending it to the meter.
Further, after the upper computer composes the ciphertext frame and sends it to the meter, the method further comprises the following operations:
S217, the upper computer receives the meter's return frame, extracts the data area to be decrypted, and sends it to the encryption server together with the decryption instruction;
S218, the encryption server selects and calls the corresponding card machine dynamic library interface function so that the card machine executes the decryption.
Further, after the card machine performs the decryption, the method further comprises:
S219, the card machine returns the execution result; the encryption server judges whether the execution result is correct and, when it is correct, sends the plaintext data to the upper computer;
S220, the upper computer receives the returned information and judges whether the execution result is correct; if so, it parses the plaintext, displays the result and ends the execution.
Further, the method comprises, when the encryption server judges that the execution result is incorrect, parsing the error code and feeding it back to the upper computer.
Further, the upper computer and the encryption server are located on the same local computer.
Further, the upper computer and the encryption server are located on different local computers.
Compared with the prior art, the invention has the following advantages:
The encryption server is independent of the upper computer, which avoids the insufficient memory, memory leaks and system crashes that previously occurred when the upper computer called the dynamic library interface functions. This independence also makes full use of the large memory of the local computer, ensures the security of data transmission and the reliability of successful communication, and allows multiple upper computers to connect to one server for encrypted communication at the same time, which broadens the range of applications.
Drawings
Fig. 1 is a flowchart of the encryption initiation of the present application.
Fig. 2 is a flowchart of encryption and decryption in the present application.
Detailed Description
Embodiments of the present invention are described in detail below, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to like or similar elements or elements having like or similar functions throughout. The embodiments described below by referring to the drawings are illustrative only and are not to be construed as limiting the invention.
Figs. 1-2 show a preferred embodiment of the method for communication using a separate encryption server. The method comprises the following steps:
S1, connecting and starting the upper computer with the encryption server, and the encryption server with the card machine, wherein the encryption server is designed separately from the upper computer;
S2, the upper computer encrypts the plaintext through the encryption server and the card machine to form ciphertext, sends the ciphertext to the meter, receives the information fed back by the meter, and decrypts the fed-back information through the encryption server and the card machine, thereby achieving communication between the upper computer and the meter.
The upper computer and the encryption server are separate and may be located on the same local computer or on different local computers, so that multiple upper computers can connect to the same encryption server for encrypted communication at the same time. That is, with the local card machine plugged into a remote computer, the background can also access it remotely over IP, which meets the communication requirement of multi-user, multi-meter adaptive service opening. For example, if the card machine is plugged into computer A and the encryption server runs on computer A, then computers B, C, D and so on access the local encryption service of computer A over IP, which meets the application requirement of remote technical support communication scenarios.
Meanwhile, with this communication design, the approach can be extended to remote updating of the encryption dynamic library, for example to meet the application requirements of one-to-many local area network communication and remote technical support scenarios.
Connecting and starting the upper computer with the encryption server specifically comprises:
S111, starting the upper computer and sending the upper computer parameters to the encryption server;
S112, judging whether the encryption server is started; if yes, executing S113, and if not, disconnecting the encryption server from the upper computer;
S113, verifying whether the received upper computer parameters match the stored information; if so, establishing the connection with the upper computer, and if not, disconnecting from the upper computer.
The upper computer parameters comprise the local computer IP, the encryption server port number and the communication delay time.
Correspondingly, connecting and starting the encryption server with the card machine comprises:
S121, the encryption server sends the dynamic library instruction for connecting the card machine to the card machine;
S122, the card machine receives the dynamic library instruction for connecting the card machine and performs parameter verification; if the verification succeeds, a connection is established with the encryption server, and otherwise no connection is established.
The upper computer encrypting the plaintext through the encryption server and the card machine to form ciphertext specifically comprises:
S211, the upper computer sends an encryption instruction to the encryption server;
S212, the encryption server receives the encryption instruction, and selects and calls the corresponding card machine dynamic library interface function;
S213, the card machine executes the encryption function according to the selected card machine dynamic library interface function and returns the execution result;
S214, the encryption server judges the returned execution result and, when the result is judged correct, feeds the encrypted data back to the upper computer.
The parameter verification is performed as follows:
1. the encryption server has 3 built-in parameters: the electric meter key state, the meter number and the session negotiation counter;
2. the encryption server calls the dynamic library link instruction and sends the 3 built-in parameters;
3. the dynamic library executes the link function and verifies the 3 parameters;
4. if the verification succeeds, the function returns 0; otherwise an error code is returned.
After receiving the encrypted data fed back by the encryption server, the upper computer performs the following operations:
S215, judging whether the execution result is correct; if so, executing S216; otherwise, reporting that the execution failed and ending the execution;
S216, composing the ciphertext frame and sending it to the meter.
After the upper computer composes the ciphertext frame and sends it to the meter, the method further comprises the following operations:
S217, the upper computer receives the meter's return frame, extracts the data area to be decrypted, and sends it to the encryption server together with the decryption instruction;
S218, the encryption server selects and calls the corresponding card machine dynamic library interface function so that the card machine executes the decryption.
After the card machine performs the decryption, the following operations are carried out:
S219, the card machine returns the execution result; the encryption server judges whether the execution result is correct and, when it is correct, sends the plaintext data to the upper computer;
S220, the upper computer receives the returned information and judges whether the execution result is correct; if so, it parses the plaintext, displays the result and ends the execution.
It should be noted that, for both encryption and decryption, after the card machine executes the encryption/decryption function and returns the execution result, the encryption server, on judging that the result is incorrect, parses the error code and feeds it back to the upper computer; on receiving this feedback, the upper computer uniformly treats the result as incorrect.
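The start-up, encryption and decryption steps above (S111-S113, S121-S122, S211-S220), traced as an added Python example that is not part of the patent. `StubCardLib`, `HostParams`, `EncryptionServer`, the instruction names, every error code other than 0, the echoing meter and the XOR placeholder transform are assumptions made for illustration.

```python
import hashlib
from dataclasses import dataclass

OK = 0                     # the page: the link function returns 0 on success
ERR_BAD_PARAMS = 0x1001    # constructed error codes, not taken from the page
ERR_NOT_LINKED = 0x1002
ERR_UNKNOWN_INSTRUCTION = 0x1003
ERR_HOST_REJECTED = 0x2001

class StubCardLib:
    """Hypothetical stand-in for the card machine dynamic library."""

    def __init__(self, key_state, meter_no):
        self._expected = (key_state, meter_no)
        self._counter = None               # set by a successful link()

    def link(self, key_state, meter_no, session_counter):
        # Parameter verification on the three built-in link parameters.
        if (key_state, meter_no) != self._expected or session_counter < 0:
            return ERR_BAD_PARAMS
        self._counter = session_counter
        return OK

    def _transform(self, data):
        # Placeholder XOR stream so the flow is observable; NOT a real cipher.
        if self._counter is None:
            return ERR_NOT_LINKED, b""
        stream, block = b"", 0
        while len(stream) < len(data):
            seed = f"{self._expected[1]}:{self._counter}:{block}".encode()
            stream += hashlib.sha256(seed).digest()
            block += 1
        return OK, bytes(a ^ b for a, b in zip(data, stream))

    encrypt = _transform   # the placeholder is symmetric, so both interface
    decrypt = _transform   # functions share one body

@dataclass(frozen=True)
class HostParams:          # upper computer parameters named on the page
    ip: str
    port: int
    delay_ms: int

class EncryptionServer:
    def __init__(self, card, stored_hosts, link_params):
        self._card = card
        self._stored = set(stored_hosts)
        self._link_params = link_params
        self._connected = set()
        self.started = False
        # S212/S218: map each instruction to a card library interface function.
        self._dispatch = {"ENCRYPT": card.encrypt, "DECRYPT": card.decrypt}

    def start(self):
        # S121-S122: link to the card machine, which verifies the parameters.
        code = self._card.link(*self._link_params)
        self.started = code == OK
        return code

    def connect(self, params):
        # S112: refuse if not started. S113: parameters must match stored info.
        if not self.started or params not in self._stored:
            return False
        self._connected.add(params)
        return True

    def handle(self, params, instruction, data):
        if params not in self._connected:
            return ERR_HOST_REJECTED, b""
        func = self._dispatch.get(instruction)
        if func is None:
            return ERR_UNKNOWN_INSTRUCTION, b""
        code, out = func(data)
        # S214/S219: release data only on success, else pass the error code on.
        return (OK, out) if code == OK else (code, b"")

def echo_meter(frame):
    # Constructed meter: returns the data area it received, unchanged.
    return frame

def host_round_trip(server, params, plaintext, meter=echo_meter):
    if not server.connect(params):                                  # S111-S113
        return ERR_HOST_REJECTED, b""
    code, ciphertext = server.handle(params, "ENCRYPT", plaintext)  # S211-S214
    if code != OK:                                                  # S215
        return code, b""
    reply = meter(ciphertext)                                       # S216
    return server.handle(params, "DECRYPT", reply)                  # S217-S220

if __name__ == "__main__":
    host = HostParams("192.0.2.10", 9000, 500)       # constructed sample values
    server = EncryptionServer(StubCardLib(1, "000000000001"), {host},
                              (1, "000000000001", 0))
    print(server.start(), host_round_trip(server, host, b"read energy"))
```

The only admission check the page specifies is matching the upper computer parameters (IP, port, delay) against stored information, which identifies a host rather than authenticating it. When the upper computer and encryption server run on different computers, the link between them carries the plaintext and would also need to be authenticated and encrypted, which the page does not describe.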
Therefore, without changing the existing card machine dynamic library, the method can make full use of the dynamic, flexible space of computer storage: the capacity of computer storage is usually at the Gb level, so the remaining space is sufficient. The local card machine dynamic library is packaged independently as a local service, and the service can be started and called when needed. Because it is separated from the upper computer, an abnormality in the local service does not affect the normal operation of the upper computer.
Moving the card machine dynamic library to the computer side adds a man-machine interaction monitoring log mechanism, which ensures the security of data transmission and the reliability of successful communication. The man-machine interaction monitoring interface can save key information of the encrypted communication, supporting message analysis to optimize the electric energy meter communication mechanism. This meets the application requirements of electric energy meter encrypted communication scenarios and of card machine manufacturers updating the dynamic library in real time. The hardware cost is low and the configuration is simple: even if the card machine manufacturer updates the card machine encryption dynamic library, normal use only requires replacing the encryption server. The background communication protocol is also optimized, which improves the operation speed and reliability of calling the card machine service.
While embodiments of the invention have been shown and described, it will be understood by those skilled in the art that: many changes, modifications, substitutions and variations may be made to the embodiments without departing from the spirit and principles of the invention, the scope of which is defined by the claims and their equivalents.

Claims (9)

1. A method for communicating using a separate encryption server, comprising:
S1, respectively connecting and starting an upper computer, an encryption server and a card machine, wherein the encryption server and the upper computer are separately designed;
S2, the upper computer encrypts the plaintext through the encryption server and the card machine, forms a ciphertext, sends the ciphertext to the meter, receives information fed back by the meter, decrypts the fed back information through the encryption server and the card machine, and achieves communication between the upper computer and the meter; the upper computer encrypts plaintext through the encryption server and the card machine to form ciphertext, and the method specifically comprises the following steps:
S211, the upper computer sends an encryption instruction to the encryption server;
S212, the encryption server receives an encryption instruction and selects and calls a corresponding card machine dynamic library interface function;
S213, the card machine executes the encryption function according to the selected card machine dynamic library interface function, and returns the execution result;
S214, the encryption server judges the returned execution result, and feeds back the encrypted data to the upper computer when the judgment result is correct.
2. The method of communicating using a separate encryption server according to claim 1, wherein: the upper computer is connected with the encryption server for starting, and concretely comprises,
S111, starting an upper computer, and sending the upper computer parameters to an encryption server;
S112, judging whether the encryption server is started or not, if yes, executing S113, and if not, disconnecting the encryption server from the upper computer;
S113, verifying whether the received upper computer parameters are matched with the stored information, if so, establishing connection with the upper computer, and if not, disconnecting with the upper computer.
3. The method of communicating using a separate encryption server according to claim 1, wherein: the encryption server is connected with the card machine for starting, and concretely comprises,
S121, the encryption server sends a dynamic library instruction of the connection card machine to the card machine;
S122, the card machine receives the dynamic library instruction of the connection card machine and performs parameter verification, the verification is successful, connection is established with the encryption server, and otherwise, the connection is not established.
4. The method of communicating using a separate encryption server according to claim 1, wherein: the upper computer also performs the following operations after receiving the encrypted data fed back by the encryption server,
S215, judging whether an execution result is correct, if so, executing S216, otherwise, prompting that the execution is failed, and ending the execution;
S216, the composed ciphertext frame is sent to a meter.
5. The method of communicating using a separate encryption server according to claim 4, wherein: the method further comprises the following operations after the upper computer constructs the ciphertext frame and sends the ciphertext frame to the meter,
S217, the upper computer receives the meter return frame, extracts the data area to be decrypted, and sends the data area to the encryption server in combination with the decryption instruction;
S218, the encryption server selects and calls the corresponding card machine dynamic library interface function so as to enable the card machine to execute decryption.
6. The method of communicating using a separate encryption server according to claim 5, wherein: the method further comprises after the card machine performs decryption,
S219, the card machine returns an execution result, the encryption server judges whether the execution result is correct, and when the result is correct, the encryption server sends plaintext data to the upper computer;
S220, the upper computer receives the returned information, judges whether the execution result is correct, if so, analyzes the plaintext, displays the result and finishes the execution.
7. The method of communicating using a separate encryption server according to claim 6, wherein: the method also comprises the steps of analyzing the error code and feeding the error code back to the upper computer when the encryption server judges that the execution result is incorrect.
8. The method of communicating using a separate encryption server according to claim 1, wherein:
the upper computer and the encryption server are located on a local machine.
9. The method of communicating using a separate encryption server according to claim 1, wherein:
the upper computer and the encryption server are located on different local computers.

Priority Applications (1)

Application Number: CN202210206333.4A
Priority Date: 2022-03-02
Filing Date: 2022-03-02
Title: Method for communication by adopting separated encryption server
Status: Active

Publications (2)

CN114640510A (en), publication date 2022-06-17
CN114640510B (en), publication date 2023-07-04

Family ID: 81948132


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant