CN116708347A - Method for realizing file distribution in iot network based on mail protocol - Google Patents


Info

Publication number: CN116708347A
Authority: CN (China)
Prior art keywords: mail, file, quantum, gateway, key
Legal status: Pending
Application number: CN202310589425.XA
Other languages: Chinese (zh)
Inventor: 高宏伟
Current Assignee: Beijing Kujile Technology Co ltd
Original Assignee: Beijing Kujile Technology Co ltd
Application filed by Beijing Kujile Technology Co ltd
Priority to CN202310589425.XA
Publication of CN116708347A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00 User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
    • H04L51/42 Mailbox-related aspects, e.g. synchronisation of mailboxes
    • H04L51/07 User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail characterised by the inclusion of specific contents
    • H04L51/08 Annexed information, e.g. attachments
    • H04L51/21 Monitoring or handling of messages
    • H04L51/224 Monitoring or handling of messages providing notification on incoming messages, e.g. pushed notifications of received messages
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852 Quantum cryptography
    • H04L9/40 Network security protocols
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00 Reducing energy consumption in communication networks
    • Y02D30/70 Reducing energy consumption in communication networks in wireless communication networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • Electromagnetism (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention relates to the field of mail file distribution methods, and discloses a method for realizing file distribution in an IoT network based on a mail protocol, which comprises the following steps: S1: starting a device management program on a mobile phone, completing device network provisioning over Bluetooth and interacting with a service server, so as to complete the binding of devices and mail addresses; S2: the device side monitors, through the MQTT heartbeat, whether new file information needs to be acquired; S3: receiving all mails that use a specific domain name by using an AWS SES server; S4: checking, through an email address validity check, whether the mail domain name is a valid mail address; S5: if the mail is valid, the original file of the mail is stored in file server 1, which is monitored through lambda2; the attachments of the mail are sorted into file server 2 and recorded in a database to complete the email file record, and at the same time the IoT network notifies the device through an MQTT message that a new file has arrived, so that intelligent distribution is realized.

Description

Method for realizing file distribution in iot network based on mail protocol
Technical Field
The invention relates to the field of mail file distribution methods, in particular to a method for realizing file distribution in an IoT network based on a mail protocol.
Background
The goal of the Simple Mail Transfer Protocol (SMTP) is to transfer mail reliably and efficiently. SMTP is independent of the particular transmission subsystem and requires only a channel that can guarantee ordered delivery of data units. An important feature of SMTP is its ability to relay mail during delivery; the transport service provides an inter-process communication environment (IPCE), which may cover one network, several networks, or a subset of a network. It is important to understand that transport systems (or IPCEs) are not one-to-one with networks. A process can communicate directly with another process through any mutually known IPCE. Mail is an application, or use, of inter-process communication. Mail can be delivered across networks by processes connected to different IPCEs; more specifically, mail can be relayed by hosts on different networks.
In existing enterprises, a user must manually take charge of receiving mail files every day, downloading them by hand, organizing them into files and sending them to the applicant by mail, WeChat or similar means of communication. The whole process is complicated and tedious and extremely error-prone, so a method for realizing file distribution in an IoT network based on a mail protocol is proposed.
Disclosure of Invention
(I) Technical problem to be solved
In view of the defects of the prior art, the invention provides a method for realizing file distribution in an IoT network based on a mail protocol, which solves the problems described above.
(II) Technical solution
To achieve the above purpose, the invention provides the following technical solution: a method for realizing file distribution in an IoT network based on a mail protocol, comprising the following steps:
S1: initializing the device: starting a device management program on a mobile phone, completing device network provisioning over Bluetooth, interacting with a service server, and completing the binding of devices and mail addresses;
S2: the device side monitors, through the MQTT heartbeat, whether new file information needs to be acquired;
S3: receiving all mails that use a specific domain name by using an AWS SES server;
S4: checking, through an email address validity check, whether the mail domain name is a valid mail address;
S5: if the mail is valid, the original file of the mail is stored in file server 1 (email source files), file server 1 is monitored through lambda2 (email file processing), the attachments of the mail are sorted into file server 2 (processed files), and finally the attachment files of the mail are recorded in a database to complete the email file record; at the same time, the IoT network notifies the device through an MQTT message that a new file has arrived.
Preferably, in the device initialization of S1, starting the device management program on the mobile phone and interacting with the service server includes: the device information is registered in the service server, which generates a unique mail identification for the device, and the interaction between the service server and the device is hosted by the Cloud IoT Core.
The device side comprises a main gateway, a plurality of sub-gateways and a corporate mail server. The main gateway and the sub-gateways each enable an MQTT broker; the main gateway monitors the heartbeat messages sent by the sub-gateways, the sub-gateways report the Bluetooth device information they discover to the main gateway, and the main gateway designates the sub-gateway to which a Bluetooth device connects according to the signal strength of the Bluetooth device;
the main gateway subscribes to the MQTT topic of each sub-gateway and each sub-gateway subscribes to the MQTT topic of the main gateway; the main gateway sends commands to the MQTT topic subscribed to by the sub-gateway, and the sub-gateway publishes its state to the MQTT topic subscribed to by the main gateway.
Preferably, the step S2, in which the device side monitors through the MQTT heartbeat whether new file information needs to be acquired, includes the following specific steps:
S21: starting an MQTT broker and a Bluetooth gateway in a plurality of edge intelligent gateways, and, by configuration, designating one edge intelligent gateway as the main gateway and the remaining edge intelligent gateways as sub-gateways;
S22: when the main gateway receives a heartbeat message reported by a sub-gateway, the main gateway and the sub-gateway subscribe to each other's MQTT topics according to their respective information, so as to establish a communication connection between the sub-gateway and the main gateway; a device management program is started on the mobile phone, and when any sub-gateway receives, over Bluetooth, the device information and the mail file information containing the device information that is exchanged with the service server, it reports the mail file information to the main gateway through the heartbeat message;
S23: the main gateway designates the sub-gateway that the device accesses according to the signal strength of the device; the MQTT broker in an edge intelligent gateway is started by executing the MQTT broker startup script of the gateway program in that edge intelligent gateway.
Preferably, the step S3 of receiving all mails that use the specific domain name by using the AWS SES server includes the following specific steps:
S31: binding mailbox users to quantum security chips in advance, one mailbox user to one quantum security chip;
S32: before receiving mail, the mail receiving device performs identity verification through the quantum cryptography management service system: it reads the quantum security key preset in the built-in quantum security chip, performs entity identity authentication with the quantum cryptography management service system, and finally an authentication result is returned;
S33: after the user has logged in and been authenticated through the above steps, when mail needs to be received, the device uses a preset key in the quantum security chip to apply to the quantum cryptography management service system for the mail encryption key, and decrypts the mail.
Preferably, the security keys in the quantum security chip are built in ahead of time: when the quantum security chip is issued, it is pre-filled by a quantum key filling machine, so that a quantum security chip in use holds preset quantum keys. Each quantum security chip has a serial number and each quantum key has a serial number; given the serial numbers of the quantum security chip and of the quantum key, the corresponding key can be found in the quantum exchange cipher machine.
Preferably, for the entity identity authentication in S32, after the mailbox program on the mail receiving device is started, the quantum security chip is invoked automatically to complete symmetric-key identity authentication based on the quantum security key;
the entity authentication comprises the following steps:
S321: a user opens the mailbox application on the mail receiving device and enters an account and password to authorize login to the mailbox application and log in to the mailbox; after the user logs in, the mail receiving device automatically sends an authentication request to the quantum security chip;
S322: the quantum security chip returns a quantum key, and the sequence Z-1 in which the quantum key is located, to the mail receiving device;
S323: the mail receiving device sends an authentication request, together with the quantum key sequence Z-1 returned by the quantum security chip, to the quantum cryptography management service system;
S324: the mail receiving device receives from the quantum cryptography management service system the pre-agreed content (the timestamp and the device physical address), encrypted with the key corresponding to quantum key sequence Z-1, which is used to verify that the quantum cryptography management service system is genuine;
S325: the mail receiving device encrypts the pre-agreed content with the key corresponding to quantum key sequence Z-1 and sends it to the quantum cryptography management service system, which uses it to verify that the mail receiving device is genuine and that the request is not one replayed by someone else after intercepting the information;
S326: after both sides pass verification, the quantum cryptography management service system encrypts the authentication result and sends it to the mail receiving device.
Preferably, the step of checking in S4 whether the email address domain name is valid includes the following steps:
S41: predefining a data packet that comprises the device information, network information and account information used for the mail operation;
S42: receiving from the server the data packet generated by a mail operation of an email address, to obtain an email parameter set W;
S43: selecting a plurality of elements from the parameter set W to update a history database, wherein the elements comprise at least the type of the mail operation event, the email address parameter and the event timestamp;
S44: computing, from the history database, the usage habit vector of each element to form a usage habit vector set L corresponding to the parameter set W, wherein the usage habit vector comprises at least one of the following: a first distribution vector of element occurrence ratios, and a second distribution vector of the time frequency of mail operation events for each element;
S45: performing cluster analysis on the usage habit vector set L, and detecting abnormal email addresses from the clustering result.
Preferably, selecting a plurality of elements from the parameter set W to update the history database in S43 includes: converting the timestamp into a time dimension according to a set time unit;
assigning weights to the proportions in the historical time dimension based on the set time unit;
adding the proportions per time unit, weighted, to update the history database.
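One way to realise S43 to S45 in miniature, as an added example that is not code from the patent. The event types, the halving of weight per day of age, the four six-hour time buckets, the fixed-radius "leader" clustering, all function names and the sample history are assumptions chosen for illustration, since the page names no algorithm or parameters.

```python
import math
from collections import defaultdict

EVENT_TYPES = ("send", "receive", "login", "forward")  # assumed element types
DAY = 86400
DECAY = 0.5   # weight multiplier per day of age (assumed time unit and weight)
SLOTS = 4     # four six-hour buckets for the time-frequency vector (assumed)


def habit_vector(events, now):
    """Build one usage habit vector from (event_type, unix_timestamp) pairs.

    First half: time-weighted ratio of each event type (first distribution vector).
    Second half: time-weighted share of events per time-of-day bucket (second vector).
    """
    type_weight = defaultdict(float)
    slot_weight = [0.0] * SLOTS
    total = 0.0
    for etype, ts in events:
        age_days = max(0, (now - ts) // DAY)      # timestamp -> time unit
        w = DECAY ** age_days                     # older units count less
        type_weight[etype] += w
        slot_weight[(ts % DAY) // (DAY // SLOTS)] += w
        total += w
    if total == 0:
        return [0.0] * (len(EVENT_TYPES) + SLOTS)
    return [type_weight[t] / total for t in EVENT_TYPES] + [s / total for s in slot_weight]


def leader_clusters(vectors, radius):
    """Greedy clustering: join the first cluster whose leader is within `radius`."""
    clusters = []  # list of (leader_vector, [addresses])
    for addr in sorted(vectors):
        vec = vectors[addr]
        for leader, members in clusters:
            if math.dist(leader, vec) <= radius:
                members.append(addr)
                break
        else:
            clusters.append((vec, [addr]))
    return clusters


def abnormal_addresses(history, now, radius=0.5, min_cluster=2):
    """Flag addresses whose habit vector ends up in a cluster smaller than min_cluster."""
    vectors = {addr: habit_vector(ev, now) for addr, ev in history.items()}
    flagged = []
    for _leader, members in leader_clusters(vectors, radius):
        if len(members) < min_cluster:
            flagged.extend(members)
    return sorted(flagged)


# Constructed sample history: three office-hours mailboxes and one that only
# forwards mail at 02:00. Times are seconds since an arbitrary day 0.
NOW = 10 * DAY
D9 = 9 * DAY
SAMPLE_HISTORY = {
    "alice@corp.example": [("receive", D9 + 9 * 3600), ("send", D9 + 14 * 3600)],
    "bob@corp.example": [("receive", D9 + 10 * 3600), ("send", D9 + 15 * 3600),
                         ("receive", D9 + 11 * 3600)],
    "carol@corp.example": [("login", 5 * DAY + 3 * 3600),   # 4 days old: weight 0.0625
                           ("receive", D9 + 9 * 3600), ("send", D9 + 14 * 3600)],
    "zz-bulk@corp.example": [("forward", D9 + 2 * 3600)] * 5,
}

if __name__ == "__main__":
    print(abnormal_addresses(SAMPLE_HISTORY, NOW))
```

Carol's old night-time login barely moves her vector because of the time weighting, while the forward-only mailbox lands in a cluster of its own and is the only address flagged.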
Preferably, in step S5 the attachment files of the mail are finally recorded in a database to complete the email file record, wherein the database comprises a logic layer and a storage layer, the storage layer comprises a plurality of key-value storage systems, and the step specifically includes the following:
S51: the database acquires the files processed by file server 2;
S52: generating, in the logic layer of the database, a plurality of complete source file fragment objects from the processed file;
S53: encoding and converting each complete source file fragment object to generate a complete source file bytecode, each complete source file fragment object corresponding to one complete source file bytecode;
S54: taking the complete source file fragment object as the key and the complete source file bytecode as the value, storing each complete source file fragment object in the key-value storage systems of the storage layer;
S55: generating, in the logic layer of the database, a complete source file metadata object from the processed file, wherein the key of the complete source file metadata object is the URL of the request;
S56: converting the complete source file metadata object into a complete source file metadata bytecode;
S57: taking the complete source file metadata object as the key and the complete source file metadata bytecode as the value, storing each complete source file metadata object in the key-value storage systems of the storage layer.
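A compact sketch of S51 to S57, added here as an example and not taken from the patent: a logic layer splits a processed file into fragments, spreads them over several in-memory key-value stores, and writes a metadata record keyed by the request URL. The fragment size, the string form of the fragment keys, hash-based store selection and the per-fragment SHA-256 digests (used to detect a missing or modified fragment on read) are assumptions of the example.

```python
import hashlib
import json

FRAGMENT_SIZE = 8  # bytes per fragment; tiny so the demo yields several (assumed)


class StorageLayer:
    """Several independent key-value stores, modelled here as dicts."""

    def __init__(self, n_stores=3):
        self.stores = [dict() for _ in range(n_stores)]

    def _store_for(self, key):
        # Pick a store from a hash of the key so fragments spread across stores.
        digest = hashlib.sha256(key.encode()).digest()
        return self.stores[int.from_bytes(digest[:4], "big") % len(self.stores)]

    def put(self, key, value):
        self._store_for(key)[key] = value

    def get(self, key):
        return self._store_for(key).get(key)


def fragment_key(url, index):
    """Key under which fragment `index` of the file at `url` is stored (assumed form)."""
    return f"frag:{url}#{index}"


def write_file(storage, url, data):
    """Logic layer, S52-S57: store the fragments, then the metadata keyed by URL."""
    fragments = [data[i:i + FRAGMENT_SIZE] for i in range(0, len(data), FRAGMENT_SIZE)]
    digests = []
    for index, fragment in enumerate(fragments):
        storage.put(fragment_key(url, index), fragment)
        digests.append(hashlib.sha256(fragment).hexdigest())
    metadata = {"size": len(data), "fragments": digests}
    storage.put(url, json.dumps(metadata).encode())
    return len(fragments)


def read_file(storage, url):
    """Reassemble a file, refusing fragments that are missing or were modified."""
    raw = storage.get(url)
    if raw is None:
        raise KeyError(url)
    metadata = json.loads(raw)
    out = bytearray()
    for index, expected in enumerate(metadata["fragments"]):
        fragment = storage.get(fragment_key(url, index))
        if fragment is None or hashlib.sha256(fragment).hexdigest() != expected:
            raise ValueError(f"fragment {index} of {url} is missing or modified")
        out += fragment
    if len(out) != metadata["size"]:
        raise ValueError(f"size mismatch for {url}")
    return bytes(out)


if __name__ == "__main__":
    layer = StorageLayer()
    url = "https://files.example/mail/42/report.pdf"   # constructed sample URL
    print(write_file(layer, url, b"attachment bytes for the demo"), "fragments")
    print(read_file(layer, url))
```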
(III) Beneficial effects
Compared with the prior art, the invention provides a method for realizing file distribution in an IoT network based on a mail protocol, which has the following beneficial effects:
1. In the method for realizing file distribution in an IoT network based on a mail protocol, the device is initialized by starting a device management program on a mobile phone, completing device network provisioning over Bluetooth and interacting with a service server, which completes the binding of devices and mail addresses; the device side monitors through the MQTT heartbeat whether new file information needs to be acquired; all mails that use a specific domain name are received by an AWS SES server; an email address validity check determines whether the mail domain name is a valid mail address; if the mail is valid, the original file of the mail is stored in the email source files, the email file processing monitors the email source files, the attachments of the mail are sorted into the processed files, and finally the attachment files of the mail are recorded in a database to complete the email file record, while the IoT network notifies the device through an MQTT message that a new file has arrived. Intelligent distribution is thus realized in the enterprise's sending and receiving of mail, which not only avoids manual operation errors but also improves overall working efficiency, and at the same time ensures that the device accurately receives the notification that a new file has arrived.
2. In the method for realizing file distribution in an IoT network based on a mail protocol, the edge intelligent gateways are divided into a main gateway and sub-gateways by means of the MQTT broker and heartbeat messages. Bluetooth devices are managed by the sub-gateways; the main gateway sends commands to the sub-gateways and reports the information received from the sub-gateways to the server; and the main gateway designates the sub-gateway that a Bluetooth device accesses according to the device's signal strength. This improves the coverage of the Bluetooth network and lets each Bluetooth device connect where the signal is best.
3. The method for realizing file distribution in an IoT network based on a mail protocol uses the quantum cryptography management service system for identity authentication and for distributing mail encryption keys, which increases security; it addresses the threat that an increasingly severe network-attack environment poses to sending and receiving mail; it solves the identity authentication problem of the mail sender and receiver entities; it solves the problem of mail content being stolen in transmission and storage: mail is transmitted as ciphertext and stored as ciphertext, so even if a mail is intercepted, an attacker obtains only ciphertext and no information; it solves the problem of possible tampering with the sender and the mail content in transit: the entities use a hash algorithm to compute a message digest of the mail content, encrypt it for transmission and storage with the mail encryption key in a one-time encryption mode, and check the digest after decrypting the mail, so as to avoid the risk of content tampering.
4. By checking whether the mail address domain name is valid, the method for realizing file distribution in an IoT network based on a mail protocol can effectively monitor emails with abnormal operations: it inspects the data packets generated when an email is sent, clusters the usage habits of each parameter, and detects abnormal mail addresses, thereby improving the accuracy of monitoring risky senders and junk mail. The method can also evaluate the parameter set of an email by clustering it together with historical parameter data, accumulate the historical parameter sets with weights per time unit, calculate distribution quantiles from the clustering result, and evaluate abnormal emails quantitatively, which further improves the accuracy of monitoring risky senders and junk mail.
5. In the method for realizing file distribution in an IoT network based on a mail protocol, the database comprises a logic layer and a storage layer, and the storage layer comprises a plurality of key-value storage systems. The logic layer divides the processed file into a plurality of pieces of storage data, and each piece is stored in the key-value storage systems of the storage layer, so the cache can be written and read quickly; this speeds up data transmission, reduces disk load, improves network transmission speed, lowers disk overhead and eases the operations burden of maintaining the system. Because the storage layer comprises a plurality of key-value storage systems, the efficiency of storing and reading large files is greatly improved: one large file can be divided into several pieces of storage data held in different key-value storage systems, and different pieces can be read from several key-value storage systems at the same time.
Drawings
FIG. 1 is a schematic diagram of the architecture of the method for realizing file distribution in an IoT network according to the present invention;
FIG. 2 is a flow chart of the method for realizing file distribution in an IoT network according to the present invention.
Detailed Description
The embodiments of the present invention are described clearly and completely below with reference to the accompanying drawings. The embodiments described are only some embodiments of the present invention, not all of them. All other embodiments that a person skilled in the art can obtain from the embodiments of the invention without inventive effort fall within the scope of the invention.
Referring to FIGS. 1-2, a method for realizing file distribution in an IoT network based on a mail protocol includes the following steps:
S1: initializing the device: starting a device management program on a mobile phone, completing device network provisioning over Bluetooth, interacting with a service server, and completing the binding of devices and mail addresses;
S2: the device side monitors, through the MQTT heartbeat, whether new file information needs to be acquired;
S3: receiving all mails that use a specific domain name by using an AWS SES server;
S4: checking, through an email address validity check, whether the mail domain name is a valid mail address;
S5: if the mail is valid, the original file of the mail is stored in file server 1 (email source files), file server 1 is monitored through lambda2 (email file processing), the attachments of the mail are sorted into file server 2 (processed files), and finally the attachment files of the mail are recorded in a database to complete the email file record; at the same time, the IoT network notifies the device through an MQTT message that a new file has arrived.
In the device initialization of step S1, starting the device management program on the mobile phone and interacting with the service server includes: the device information is registered in the service server, which generates a unique mail identification for the device, and the interaction between the service server and the device is hosted by the Cloud IoT Core.
The Cloud IoT Core is an Internet of Things hosting service of the Amazon AWS Cloud platform that can be used to connect, manage and extract data from millions of globally distributed devices. Amazon AWS has further released an Android Things client library for the Cloud IoT Core, so that a developer can configure and authenticate an Android Things device and, with only a few lines of code, easily connect to the IoT Core MQTT bridge to verify devices, publish device telemetry and status, subscribe to configuration updates, and even handle events such as errors and network interruptions.
Through the Cloud IoT Core client library, the developer can handle the device's networking, threading and message processing, and achieve authentication, security, error handling and offline operation according to best practices. The Cloud IoT Core maintains a device registry to track authenticated devices, which authenticate with a public key.
The device side comprises a main gateway, a plurality of sub-gateways and a company mail server. The main gateway and the sub-gateways each start an MQTT broker; the main gateway monitors the heartbeat messages sent by the sub-gateways, the sub-gateways report the Bluetooth device information they discover to the main gateway, and the main gateway designates the sub-gateway to which a Bluetooth device connects according to the signal strength of the Bluetooth device;
the main gateway subscribes to the MQTT topic of each sub-gateway and each sub-gateway subscribes to the MQTT topic of the main gateway; the main gateway sends commands to the MQTT topic subscribed to by the sub-gateway, and the sub-gateway publishes its state to the MQTT topic subscribed to by the main gateway.
In S2, the device monitors through the MQTT heartbeat whether new file information needs to be acquired, which includes the following specific steps:
S21: starting an MQTT broker and a Bluetooth gateway in a plurality of edge intelligent gateways, and, by configuration, designating one edge intelligent gateway as the main gateway and the remaining edge intelligent gateways as sub-gateways;
S22: when the main gateway receives a heartbeat message reported by a sub-gateway, the main gateway and the sub-gateway subscribe to each other's MQTT topics according to their respective information, so as to establish a communication connection between the sub-gateway and the main gateway; a device management program is started on the mobile phone, and when any sub-gateway receives the device information through the mail file information, containing the device information, that is exchanged over Bluetooth with the service server, it reports the device information to the main gateway through a heartbeat message;
S23: the main gateway designates the sub-gateway that the device accesses according to the signal strength of the device; the MQTT broker in an edge intelligent gateway is started by executing the MQTT broker startup script of the gateway program in that edge intelligent gateway.
In this method, a device management program is started on the mobile phone, device network provisioning is completed over Bluetooth, and the service server is interacted with; the edge intelligent gateways are divided into a main gateway and sub-gateways by means of the MQTT broker and heartbeat messages. Bluetooth devices are managed by the sub-gateways; the main gateway sends commands to the sub-gateways and reports the information received from the sub-gateways to the server; and the main gateway designates the sub-gateway that a Bluetooth device accesses according to the device's signal strength. This improves the coverage of the Bluetooth network and lets each Bluetooth device connect where the signal is best.
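The main gateway's bookkeeping described in S21 to S23, modelled in memory as an added example that is not code from the patent. No MQTT library or broker is used; the topic layout (`gw/<id>/status`, `gw/<id>/cmd`), the JSON heartbeat format, the 30-second heartbeat timeout and the class name are assumptions. The example also ignores sub-gateways whose heartbeats have stopped, a case the page does not spell out.

```python
import json

HEARTBEAT_TIMEOUT = 30  # seconds without a heartbeat before a sub-gateway is ignored (assumed)


class MainGateway:
    """In-memory model of the main gateway; publishes are collected in `outbox`."""

    def __init__(self):
        self.last_seen = {}          # sub-gateway id -> time of last heartbeat
        self.reports = {}            # device MAC -> {sub-gateway id: RSSI in dBm}
        self.subscriptions = set()   # status topics the main gateway subscribed to
        self.outbox = []             # (topic, payload) pairs it would publish

    def on_heartbeat(self, topic, payload, now):
        """Handle one heartbeat; returns False if the message is rejected."""
        parts = topic.split("/")
        if len(parts) != 3 or parts[0] != "gw" or parts[2] != "status":
            return False
        gw_id = parts[1]
        try:
            msg = json.loads(payload)
        except ValueError:
            return False
        # Reject a payload that claims a different gateway than its topic.
        if not isinstance(msg, dict) or msg.get("gateway") != gw_id:
            return False
        self.last_seen[gw_id] = now
        self.subscriptions.add(topic)            # mutual topic subscription (S22)
        for dev in msg.get("devices", []):
            self.reports.setdefault(dev["mac"], {})[gw_id] = dev["rssi"]
        return True

    def live_gateways(self, now):
        return {g for g, t in self.last_seen.items() if now - t <= HEARTBEAT_TIMEOUT}

    def assign(self, mac, now):
        """S23: pick the live sub-gateway with the strongest signal for this device."""
        live = self.live_gateways(now)
        candidates = {g: r for g, r in self.reports.get(mac, {}).items() if g in live}
        if not candidates:
            return None
        # RSSI is negative dBm: the value closest to zero is the strongest signal.
        best = max(sorted(candidates), key=lambda g: candidates[g])
        command = json.dumps({"action": "connect", "mac": mac})
        self.outbox.append((f"gw/{best}/cmd", command))
        return best


def heartbeat(gw_id, mac, rssi):
    """Build a constructed sample heartbeat (topic, payload) for one sub-gateway."""
    body = {"gateway": gw_id, "devices": [{"mac": mac, "rssi": rssi}]}
    return f"gw/{gw_id}/status", json.dumps(body)


def demo():
    main = MainGateway()
    mac = "AA:BB:CC:00:00:01"                      # constructed device address
    main.on_heartbeat(*heartbeat("sub1", mac, -70), now=0)
    main.on_heartbeat(*heartbeat("sub2", mac, -55), now=5)
    first = main.assign(mac, now=10)               # sub2 hears the device best
    main.on_heartbeat(*heartbeat("sub1", mac, -70), now=40)
    second = main.assign(mac, now=40)              # sub2 silent for 35 s: falls back to sub1
    return first, second, main.outbox[-1][0]


if __name__ == "__main__":
    print(demo())
```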
In S3, receiving all mails that use the specific domain name by using the AWS SES server includes the following specific steps:
S31: binding mailbox users to quantum security chips in advance, one mailbox user to one quantum security chip;
S32: before receiving mail, the mail receiving device performs identity verification through the quantum cryptography management service system: it reads the quantum security key preset in the built-in quantum security chip, performs entity identity authentication with the quantum cryptography management service system, and finally an authentication result is returned;
S33: after the user has logged in and been authenticated through the above steps, when mail needs to be received, the device uses a preset key in the quantum security chip to apply to the quantum cryptography management service system for the mail encryption key, and decrypts the mail.
The security keys in the quantum security chip are built in ahead of time: when the quantum security chip is issued, it is pre-filled by a quantum key filling machine, so that a quantum security chip in use holds preset quantum keys. Each quantum security chip has a serial number and each quantum key has a serial number; given the serial numbers of the quantum security chip and of the quantum key, the corresponding key can be found in the quantum exchange cipher machine.
In S32, after the mailbox program on the mail receiving device is started, entity identity authentication is performed: the quantum security chip is called automatically and symmetric-key identity authentication based on the quantum security key is completed;
the entity authentication comprises the following steps:
s321: the user opens the mailbox application on the mail receiving device and enters an account and password to authorize login to the mailbox application; after the user logs in to the mailbox, the mail receiving device automatically sends an authentication request to the quantum security chip;
s322: the quantum security chip returns a quantum key and the sequence Z-1 in which the quantum key is located to the mail receiving device;
s323: the mail receiving device sends an authentication request and the quantum key sequence Z-1 returned by the quantum security chip to the quantum password management service system;
s324: the mail receiving device receives, from the quantum password management service system, the scheme (the timestamp and the device physical address) encrypted with the key corresponding to quantum key sequence Z-1, which is used to verify that the quantum cryptography management service system is genuine;
s325: the mail receiving device uses the same scheme, encrypts it with the key corresponding to quantum key sequence Z-1 and sends it to the quantum password management service system, which uses it to verify that the mail receiving device is genuine and that the request is not one resent by another party after intercepting the information;
s326: after both sides pass verification, the quantum cryptography management service system encrypts the authentication result and sends it to the mail receiving device.
The method uses the quantum password management service system for identity authentication and for distributing mail encryption keys, which increases security. It addresses the threat that an increasingly severe network-attack environment poses to sending and receiving mail. It addresses entity identity authentication of the mail sender and receiver: identity authentication uses the quantum symmetric key built into the quantum security chip, with one key per authentication. It addresses theft of mail content during transmission and storage: mail is transmitted and stored as ciphertext, and the encryption key is a quantum true-random key generated by the quantum password management service system and issued securely through quantum cryptography, so that even if the mail is intercepted, an attacker obtains only ciphertext and no information. It addresses possible tampering with the sender, the receiver and the mail content during transmission: the quantum password management service system performs verification-code authentication of the sender and receiver to ensure that they are genuine, and the entities compute a message digest of the mail content with a hash algorithm, encrypt with the mail encryption key in a one-time encryption mode for transmission and storage, and check the digest after decrypting the mail to avoid the risk of content tampering.
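The exchange in s321 to s326, as an added sketch that is not code from the patent: HMAC-SHA256 stands in for "encrypt with the key corresponding to sequence Z-1", and the 30-second freshness window, the direction labels and all class and function names are assumptions made for the illustration.

```python
import hashlib
import hmac

MAX_SKEW = 30  # assumed freshness window in seconds; the page gives no value


def proof(key, direction, ts, addr):
    """Keyed tag over direction, timestamp and device physical address.

    HMAC-SHA256 is a stand-in for "encrypt with the key of sequence Z-1".
    The direction label stops one side's message being accepted as the other's.
    """
    msg = b"|".join([direction, str(ts).encode(), addr.encode()])
    return hmac.new(key, msg, hashlib.sha256).digest()


def fresh_and_valid(key, direction, msg, addr, now):
    """Accept a message only if its timestamp is recent and its tag matches."""
    if abs(now - msg["ts"]) > MAX_SKEW:
        return False
    return hmac.compare_digest(msg["tag"], proof(key, direction, msg["ts"], addr))


class KeyService:
    """Stand-in for the quantum password management service system."""

    def __init__(self, keys):
        self.keys = dict(keys)  # key sequence number -> key (same fill as the chip)
        self.pending = {}       # sequence number -> (key, device address)

    def challenge(self, seq, addr, now):
        # s323/s324: look the key up by sequence number and prove knowledge of it.
        key = self.keys.pop(seq, None)  # consumed: one key per authentication
        if key is None:
            return None                 # unknown or already used sequence
        self.pending[seq] = (key, addr)
        return {"ts": now, "tag": proof(key, b"service", now, addr)}

    def verify(self, seq, response, now):
        # s325/s326: each pending exchange can be answered exactly once.
        key, addr = self.pending.pop(seq, (None, None))
        return key is not None and fresh_and_valid(key, b"device", response, addr, now)


class Device:
    """Mail receiving device with its pre-filled chip keys."""

    def __init__(self, chip_keys, addr):
        self.chip = dict(chip_keys)
        self.addr = addr

    def next_key(self):
        # s322: the chip returns a key and the sequence number it sits at.
        seq = min(self.chip)
        return seq, self.chip.pop(seq)

    def respond(self, key, challenge, now):
        # s324: check the service first; s325: answer with the device's own proof.
        if not fresh_and_valid(key, b"service", challenge, self.addr, now):
            return None
        return {"ts": now, "tag": proof(key, b"device", now, self.addr)}


def authenticate(device, service, now):
    """Run s322 to s326 once and return the authentication result."""
    seq, key = device.next_key()
    challenge = service.challenge(seq, device.addr, now)
    if challenge is None:
        return False
    response = device.respond(key, challenge, now)
    return response is not None and service.verify(seq, response, now)


if __name__ == "__main__":
    fill = {1: b"\x11" * 32, 2: b"\x22" * 32}  # constructed sample key fill
    print(authenticate(Device(fill, "AA:BB:CC:00:11:22"), KeyService(fill), 1_700_000_000))
```

Because each key sequence is consumed on first use, a resent request for the same sequence is refused even inside the freshness window.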
S4, checking whether the email address domain name is legitimate, comprises the following steps:
s41: a data packet is predefined, comprising device information, network information and account information for the mail operation;
s42: the data packet generated by a mail operation of an email address is received from the server to obtain an email parameter set W;
s43: a plurality of elements are selected from the parameter set W to update a history database, the elements comprising at least the mail operation event type, the email address parameter and the event timestamp;
s44: based on the history database, the usage habit vector of each element is computed to form a usage habit vector set L corresponding to the parameter set W, wherein the usage habit vector comprises at least one of the following vectors: a first distribution vector of element occurrence ratios, and a second distribution vector of the time frequency of mail operation events corresponding to each element;
s45: cluster analysis is performed on the usage habit vector set L, and abnormal email addresses are detected according to the clustering result.
Selecting a plurality of elements from the parameter set W to update the history database in S43 includes: converting the timestamp into a time dimension according to a set time unit;
assigning weights to the assigned proportions in the historical time dimension based on the set time unit;
weighting and adding the assigned proportions per time unit to update the history database.
By checking whether the mail address domain name is legitimate, the method can effectively monitor email with abnormal operations: it inspects the data packets generated while email is sent, clusters the usage habits for each parameter, and detects abnormal mail addresses, which improves the accuracy of monitoring risky senders and junk mail. The method can also evaluate the parameter set of an email by clustering it together with historical parameter data: it performs weighted accumulation of the historical parameter sets per time unit, calculates distribution quantiles from the clustering results, and quantitatively evaluates abnormal emails, which further improves the accuracy of monitoring risky senders and junk mail.
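An added sketch of s43 to s45, not code from the patent: per-day proportions are combined with a decay weight into a usage habit vector, and a distance test against a single median centroid stands in for the clustering algorithm, which the page does not specify. The event types, the six-hour buckets, the decay factor, the threshold k and the sample history are all assumptions.

```python
from collections import defaultdict
from statistics import median

DAY = 86400                                  # the "set time unit": one day
EVENT_TYPES = ["send", "receive", "login"]   # assumed mail operation event types
BUCKETS = 4                                  # time-of-day buckets of six hours
DECAY = 0.5                                  # assumed weight factor per day of age


def habit_vector(events, now):
    """Usage habit vector for one address from (event_type, unix_ts) pairs.

    First part: event-type ratios. Second part: time-of-day frequencies.
    Each is a weighted sum of per-day proportions, older days weighing less.
    """
    per_day = defaultdict(list)
    for etype, ts in events:
        per_day[ts // DAY].append((etype, ts))
    vec = [0.0] * (len(EVENT_TYPES) + BUCKETS)
    total = 0.0
    for day, day_events in per_day.items():
        weight = DECAY ** (now // DAY - day)
        total += weight
        share = weight / len(day_events)     # proportion inside this time unit
        for etype, ts in day_events:
            vec[EVENT_TYPES.index(etype)] += share
            vec[len(EVENT_TYPES) + (ts % DAY) * BUCKETS // DAY] += share
    return [v / total for v in vec] if total else vec


def distance(a, b):
    return sum((x - y) ** 2 for x, y in zip(a, b)) ** 0.5


def detect_anomalies(history, now, k=3.0):
    """Flag addresses whose habit vector lies far from the common centroid.

    Score = (distance - median distance) / median absolute deviation.
    """
    vectors = {addr: habit_vector(ev, now) for addr, ev in history.items()}
    dims = len(EVENT_TYPES) + BUCKETS
    centroid = [median(v[i] for v in vectors.values()) for i in range(dims)]
    dist = {addr: distance(v, centroid) for addr, v in vectors.items()}
    mid = median(dist.values())
    mad = median(abs(d - mid) for d in dist.values()) or 1e-9
    return sorted(addr for addr, d in dist.items() if (d - mid) / mad > k)


def daily(pattern, days):
    """Repeat a list of (event_type, hour) on each given day number."""
    return [(etype, d * DAY + hour * 3600) for d in days for etype, hour in pattern]


NOW = 10 * DAY
SAMPLE = {  # constructed sample history, not real traffic
    "a@example.com": daily([("login", 9), ("send", 10), ("receive", 14)], (7, 8, 9)),
    "b@example.com": daily([("login", 9), ("send", 10), ("send", 11), ("receive", 14)], (7, 8, 9)),
    "c@example.com": daily([("login", 8), ("receive", 13), ("receive", 15), ("send", 16)], (7, 8, 9)),
    "d@example.com": daily([("login", 9), ("send", 10), ("receive", 14)], (7, 8, 9)),
    "e@example.com": daily([("login", 9), ("send", 10), ("receive", 14), ("receive", 19)], (7, 8, 9)),
    "x@example.com": daily([("send", 2)] * 20, (9,)),
}

if __name__ == "__main__":
    print(detect_anomalies(SAMPLE, NOW))
```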
S5, finally sorting the attachment files in the mail into a database to complete the email file record, wherein the database comprises a logic layer and a storage layer and the storage layer comprises a plurality of key-value storage systems, specifically comprises the following steps:
s51: the database obtains the files processed by file server 2;
s52: the logic layer in the database generates a plurality of complete source file fragment objects from the processed file;
s53: each complete source file fragment object is encoded and converted to generate a complete source file byte code, each complete source file fragment object corresponding to one complete source file byte code;
s54: with the complete source file fragment object as the key and the complete source file byte code as the value, the complete source file fragment objects are stored in the respective key-value storage systems in the storage layer;
s55: the logic layer in the database generates a complete source file metadata object from the processed file, wherein the key of the complete source file metadata object is the URL of the request;
s56: the complete source file metadata object is converted into complete source file metadata byte code;
s57: with the complete source file metadata object as the key and the complete source file metadata byte code as the value, the complete source file metadata objects are stored in the respective key-value storage systems in the storage layer.
The database is built on a logic layer and a storage layer, the storage layer comprising a plurality of key-value storage systems. The logic layer divides the processed mail file into a plurality of pieces of storage data, and the pieces are stored in the key-value storage systems of the storage layer. This gives fast cache writes and reads, improves timeliness in data transmission, reduces disk load, improves network transmission speed, reduces disk overhead cost and relieves the pressure that system maintenance places on operations staff. Because the storage layer comprises a plurality of key-value storage systems, the efficiency of storing and reading large files is greatly improved: a large file can be divided into several pieces of storage data stored in different key-value storage systems, and different pieces can be read from several key-value storage systems at the same time.
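An added sketch of s52 to s57, not code from the patent: a file is split into fragments spread over several key-value stores, with a metadata object keyed by the request URL. Plain dicts stand in for the key-value storage systems; the fragment key format, the round-robin placement and the per-fragment SHA-256 digests checked on read are assumptions added for the illustration.

```python
import hashlib
import json


class FragmentStore:
    """Logic layer over several key-value stores (plain dicts stand in for them)."""

    def __init__(self, store_count, fragment_size):
        self.stores = [{} for _ in range(store_count)]
        self.fragment_size = fragment_size

    def store_for(self, index):
        return self.stores[index % len(self.stores)]

    def meta_store(self, url):
        # Placement of the metadata object is derived from its key, the request URL.
        return self.store_for(int(hashlib.sha256(url.encode()).hexdigest(), 16))

    def put(self, url, data):
        fragments = []
        for index, start in enumerate(range(0, len(data), self.fragment_size)):
            chunk = data[start:start + self.fragment_size]
            key = f"{url}#fragment-{index}"        # assumed fragment key format
            self.store_for(index)[key] = chunk     # neighbours land in different stores
            fragments.append({"key": key, "sha256": hashlib.sha256(chunk).hexdigest()})
        meta = {"size": len(data), "fragments": fragments}
        self.meta_store(url)[url] = json.dumps(meta).encode()  # metadata as bytes

    def get(self, url):
        raw = self.meta_store(url).get(url)
        if raw is None:
            raise KeyError(url)
        meta = json.loads(raw)
        out = bytearray()
        for index, frag in enumerate(meta["fragments"]):
            chunk = self.store_for(index).get(frag["key"])
            if chunk is None or hashlib.sha256(chunk).hexdigest() != frag["sha256"]:
                raise ValueError(f"fragment {index} missing or modified")
            out += chunk
        if len(out) != meta["size"]:
            raise ValueError("reassembled size does not match metadata")
        return bytes(out)


if __name__ == "__main__":
    store = FragmentStore(store_count=3, fragment_size=4)
    url = "https://files.example.com/attachment.bin"  # constructed sample URL
    store.put(url, b"constructed sample attachment")
    print(store.get(url))
```

The digests sit in the metadata object, so they catch a fragment that is lost or altered in one store but not a change to the metadata object itself.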
Although embodiments of the present invention have been shown and described, it will be understood by those skilled in the art that various changes, modifications, substitutions and alterations can be made therein without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.

Claims (10)

1. A method for implementing file distribution in an iot network based on a mail protocol, comprising the following steps:
s1: initializing the device: a device management program is started on the mobile phone, device network provisioning is completed over Bluetooth, and the program interacts with the service server to complete the binding of the device to a mail address;
s2: the device side monitors, through the mqtt heartbeat, whether new file information needs to be acquired;
s3: receiving all mails that use a specific domain name by using an aws ses server;
s4: checking, through email address validity checking, whether the mail domain name is a legitimate mail address;
s5: if the mail is legitimate, the original file of the mail is stored in file server 1; file server 1 is monitored through lambda2 and the attachments of the mail are sorted to file server 2; finally the attachment files in the mail are sorted into a database to complete the email file record, and at the same time the device is notified of the arrival of a new file through an mqtt message over the iot network.
2. The method for implementing file distribution in an iot network based on a mail protocol according to claim 1, wherein initializing the device in S1, in which the device management program started on the mobile phone interacts with the service server, includes: registering the device information in the service server, which generates a unique mail identification for the device; the interaction between the service server and the device is hosted by the Cloud IoT Core.
3. The method for implementing file distribution in an iot network based on a mail protocol according to claim 1, wherein the device side includes a main gateway, a plurality of sub-gateways and a corporate mail server; the main gateway and the sub-gateways each enable an mqtt proxy; the main gateway monitors the heartbeat messages sent by the sub-gateways; the sub-gateways report the information of the Bluetooth devices they find to the main gateway; and the main gateway designates the sub-gateway to which a Bluetooth device connects according to the signal strength of the Bluetooth device;
the main gateway subscribes to the mqtt topic of the sub-gateway and the sub-gateway subscribes to the mqtt topic of the main gateway; the main gateway sends commands to the mqtt topic subscribed to by the sub-gateway, and the sub-gateway publishes its state to the mqtt topic subscribed to by the main gateway.
4. The method for implementing file distribution in an iot network based on a mail protocol according to claim 3, wherein monitoring, by the device side in S2, whether new file information needs to be acquired through the mqtt heartbeat includes the following specific steps:
s21: starting the mqtt proxy and the Bluetooth gateway in a plurality of edge intelligent gateways, and by configuration designating one edge intelligent gateway as the main gateway and the remaining edge intelligent gateways as sub-gateways;
s22: when the main gateway receives a heartbeat message reported by a sub-gateway, the main gateway and the sub-gateway subscribe to each other's mqtt topics according to the information of the sub-gateway and the main gateway, so as to establish a communication connection between the sub-gateway and the main gateway; a device management program is started on the mobile phone, and when any sub-gateway receives, over Bluetooth, the device information and the mail file information containing the device information exchanged with the service server, it reports the mail file information to the main gateway through the heartbeat message;
s23: the main gateway designates the sub-gateway to which the device connects according to the signal strength of the device; starting the mqtt proxy in an edge intelligent gateway is done by executing the mqtt proxy start script of the gateway program in the edge intelligent gateway.
5. The method for implementing file distribution in an iot network based on a mail protocol according to claim 1, wherein S3, receiving all mails using a specific domain name by using the aws ses server, specifically comprises the following steps:
s31: binding mailbox users to quantum security chips in advance, one mailbox user to one quantum security chip;
s32: before receiving mail, the mail receiving device performs identity verification through the quantum password management service system: it reads the quantum security key preset in its built-in quantum security chip, performs entity identity authentication with the quantum password management service system, and finally the authentication result is returned;
s23: after the user has logged in and been authenticated through the above steps, when mail needs to be received, the device uses a preset key in the quantum security chip to apply to the quantum password management service system for the mail encryption key and decrypts the mail.
6. The method for implementing file distribution in an iot network based on a mail protocol according to claim 5, wherein the security key in the quantum security chip is built in beforehand: when the chip is issued, it is pre-filled by a quantum key filling machine; each quantum security chip in use holds preset quantum passwords; each quantum security chip has its own serial number and each quantum key has its own serial number; and given the serial number of the quantum security chip and the serial number of the quantum key, the corresponding key can be found in the quantum exchange crypto machine.
7. The method for implementing file distribution in an iot network based on a mail protocol according to claim 5, wherein in S32, after the mailbox program on the mail receiving device is started, entity identity authentication is performed: the quantum security chip is called automatically and symmetric-key identity authentication based on the quantum security key is completed;
the entity authentication comprises the following steps:
s321: the user opens the mailbox application on the mail receiving device and enters an account and password to authorize login to the mailbox application; after the user logs in to the mailbox, the mail receiving device automatically sends an authentication request to the quantum security chip;
s322: the quantum security chip returns a quantum key and the sequence Z-1 in which the quantum key is located to the mail receiving device;
s323: the mail receiving device sends an authentication request and the quantum key sequence Z-1 returned by the quantum security chip to the quantum password management service system;
s324: the mail receiving device receives, from the quantum password management service system, the scheme (the timestamp and the device physical address) encrypted with the key corresponding to quantum key sequence Z-1, which is used to verify that the quantum cryptography management service system is genuine;
s325: the mail receiving device uses the same scheme, encrypts it with the key corresponding to quantum key sequence Z-1 and sends it to the quantum password management service system, which uses it to verify that the mail receiving device is genuine and that the request is not one resent by another party after intercepting the information;
s326: after both sides pass verification, the quantum cryptography management service system encrypts the authentication result and sends it to the mail receiving device.
8. The method for implementing file distribution in an iot network based on a mail protocol according to claim 1, wherein checking whether the email address domain name is legitimate in S4 comprises the following steps:
s41: a data packet is predefined, comprising device information, network information and account information for the mail operation;
s42: the data packet generated by a mail operation of an email address is received from the server to obtain an email parameter set W;
s43: a plurality of elements are selected from the parameter set W to update a history database, the elements comprising at least the mail operation event type, the email address parameter and the event timestamp;
s44: based on the history database, the usage habit vector of each element is computed to form a usage habit vector set L corresponding to the parameter set W, wherein the usage habit vector comprises at least one of the following vectors: a first distribution vector of element occurrence ratios, and a second distribution vector of the time frequency of mail operation events corresponding to each element;
s45: cluster analysis is performed on the usage habit vector set L, and abnormal email addresses are detected according to the clustering result.
9. The method for implementing file distribution in an iot network based on a mail protocol according to claim 8, wherein selecting a plurality of elements from the parameter set W to update the history database in S43 comprises: converting the timestamp into a time dimension according to a set time unit;
assigning weights to the assigned proportions in the historical time dimension based on the set time unit;
weighting and adding the assigned proportions per time unit to update the history database.
10. The method for implementing file distribution in an iot network based on a mail protocol according to claim 1, wherein in S5 the attachment files in the mail are finally sorted into a database to complete the email file record, wherein the database includes a logic layer and a storage layer and the storage layer includes a plurality of key-value storage systems, specifically comprising the following steps:
s51: the database obtains the files processed by file server 2;
s52: the logic layer in the database generates a plurality of complete source file fragment objects from the processed file;
s53: each complete source file fragment object is encoded and converted to generate a complete source file byte code, each complete source file fragment object corresponding to one complete source file byte code;
s54: with the complete source file fragment object as the key and the complete source file byte code as the value, the complete source file fragment objects are stored in the respective key-value storage systems in the storage layer;
s55: the logic layer in the database generates a complete source file metadata object from the processed file, wherein the key of the complete source file metadata object is the URL of the request;
s56: the complete source file metadata object is converted into complete source file metadata byte code;
s57: with the complete source file metadata object as the key and the complete source file metadata byte code as the value, the complete source file metadata objects are stored in the respective key-value storage systems in the storage layer.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310589425.XA CN116708347A (en) 2023-05-23 2023-05-23 Method for realizing file distribution in iot network based on mail protocol

Publications (1)

Publication Number Publication Date
CN116708347A true CN116708347A (en) 2023-09-05

Family

ID=87840189

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination