KR102472159B1 - Cloud-based IoT device control method and system - Google Patents

Abstract

A cloud-based IoT device control method is disclosed. A cloud service for controlling a plurality of IoT devices is provided through a plurality of physical servers, and each of the plurality of physical servers includes a processor and a memory. Receiving each profile information from the processor, generating a plurality of virtual devices corresponding to each of the plurality of IoT devices using the received profile information, the processor setting a plurality of clients connecting the plurality of clients and the plurality of virtual devices to each other according to signals; applying, by the processor, different security levels to each of the plurality of virtual devices according to the importance of the plurality of virtual devices; , and the processor generating different encryption keys according to the applied security level and encrypting each of the plurality of virtual devices, wherein the profile information includes type information, location information, and IDs of the plurality of IoT devices. , or motion information.

Description

Cloud-based IoT device control method and system {Cloud-based IoT device control method and system}

The present invention relates to a method and system for controlling a cloud-based IoT device, and more particularly, to a method and system for controlling a cloud-based IoT device excellent in security.

An Internet Of Things (IoT) device refers to a physical device to which sensors, software, and network technologies are grafted. IoT devices are used in various industries such as home, transportation, medical care, or factories. IoT devices such as IP cameras, light bulbs, air conditioners, or vacuum cleaners can be utilized in homes. In transportation, IoT devices such as smart traffic controllers, smart parking, or vehicle-to-vehicle communication systems can be utilized.

In general, the function of an IoT device (eg, movement of an IP camera in the case of an IP camera) may be operated through software stored in an internal memory. In order to add a new function to the IoT device or to interoperate with other IoT devices, software stored in an internal memory of the IoT device must be updated. In particular, software updates may be required due to security defects in existing software. However, there is a possibility that an error may occur due to reasons such as power supply interruption during software update of the IoT device.

In order to solve the above problems, the IoT device may be controlled based on the cloud. However, security issues arise when controlling IoT devices based on the cloud. In particular, when an outside intruder illegally accesses the cloud and controls an IoT device in national infrastructure such as transportation or power plants that require security, control of the illegal IoT device can lead to a major accident. Therefore, when the IoT device is controlled based on the cloud, a method for safely controlling the IoT device is required.

Korean Registration Publication No. 10-2015-0123374 (2015.11.04.)

A technical problem to be achieved by the present invention is to provide a cloud-based IoT device control method and system excellent in security.

A cloud service for controlling a plurality of IoT devices according to an embodiment of the present invention is provided through a plurality of physical servers, and each of the plurality of physical servers includes a processor and a memory. Receiving profile information from each of a plurality of IoT devices, generating, by the processor, a plurality of virtual devices corresponding to each of the plurality of IoT devices using the received profile information; connecting, by a processor, the plurality of clients and the plurality of virtual devices to each other according to configuration signals of the plurality of clients, wherein the processor connects each of the plurality of virtual devices to each other according to the importance of the plurality of virtual devices; Applying a different security level, and generating, by the processor, different encryption keys according to the applied security level and encrypting each of the plurality of virtual devices.

As the number of the applied security level decreases, the security of the plurality of virtual devices is further strengthened, and different encryption keys of the plurality of virtual devices are sequentially generated from the lower number of the applied security level.

When the security level applied to any one of the plurality of virtual devices is level 1, the processor generates the highest secret key shared by only clients who can access the virtual device of the first level for the virtual device to which the first level is applied. A first-class encryption key is generated using the hash function result value and the hash function result value of the ID of the virtual device to which the first level is applied, and when the security level applied to another one of the plurality of virtual devices is n-level, The processor calculates the hash function result value of the encryption key of the (n-1) grade for the virtual device to which the n grade (n is a natural number of 2 or more) is applied and the hash function result value of the ID of the virtual device to which the n grade is applied. Generate an n-level encryption key using

The processor grants different access rights to a plurality of clients, and all the authorized clients receive the first-class encryption key generated by the processor.

A cloud-based IoT device control system according to an embodiment of the present invention includes a processor that executes commands and a memory that stores the commands. The commands receive each profile information from each of a plurality of IoT devices, create a plurality of virtual devices corresponding to each of the plurality of IoT devices using the received profile information, and generate a plurality of virtual devices corresponding to each of the plurality of clients. The plurality of clients and the plurality of virtual devices are connected to each other according to setting signals, different security levels are applied to each of the plurality of virtual devices according to the importance of the plurality of virtual devices, and the applied security It is implemented to encrypt each of the plurality of virtual devices by generating different encryption keys according to levels. The processor and the memory are implemented in a physical server, and cloud services are provided through the physical server.

Cloud-based IoT device control method and system according to an embodiment of the present invention By applying different security levels according to the importance of virtual devices, it is possible to safely control cloud-based IoT devices.

A detailed description of each drawing is provided in order to more fully understand the drawings cited in the detailed description of the present invention.
1 shows a block diagram of a cloud-based IoT device control system according to an embodiment of the present invention.
2 and 3 are flowcharts for explaining a cloud-based IoT device control method according to an embodiment of the present invention.
4 is a block diagram illustrating an operation of a client capable of accessing a virtual device according to an embodiment of the present invention.
5 is a block diagram for explaining operations of creating a virtual device and setting a security level according to an embodiment of the present invention.

Specific structural or functional descriptions of the embodiments according to the concept of the present invention disclosed in this specification are only illustrated for the purpose of explaining the embodiments according to the concept of the present invention, and the embodiments according to the concept of the present invention It can be embodied in various forms and is not limited to the embodiments described herein.

Embodiments according to the concept of the present invention can apply various changes and can have various forms, so the embodiments are illustrated in the drawings and described in detail in this specification. However, this is not intended to limit the embodiments according to the concept of the present invention to specific disclosure forms, and includes all changes, equivalents, or substitutes included in the spirit and technical scope of the present invention.

Terms such as first or second may be used to describe various components, but the components should not be limited by the terms.

Terms used in this specification are only used to describe specific embodiments, and are not intended to limit the present invention. Singular expressions include plural expressions unless the context clearly dictates otherwise. In this specification, terms such as "comprise" or "having" are intended to designate that the described feature, number, step, operation, component, part, or combination thereof exists, but one or more other features or numbers However, it should be understood that it does not preclude the presence or addition of steps, operations, components, parts, or combinations thereof.

Unless defined otherwise, all terms used herein, including technical and scientific terms, have the same meaning as commonly understood by one of ordinary skill in the art to which the present invention belongs. Terms such as those defined in commonly used dictionaries should be interpreted as having a meaning consistent with the meaning in the context of the related art, and unless explicitly defined in this specification, it should not be interpreted in an ideal or excessively formal meaning. don't

Hereinafter, the present invention will be described in detail by describing preferred embodiments of the present invention with reference to the accompanying drawings.

1 shows a block diagram of a cloud-based IoT device control system according to an embodiment of the present invention.

Referring to FIG. 1 , a cloud-based IoT device control system 100 means a system for controlling a plurality of IoT devices 10-1 to 10-K (K is a natural number) through a cloud service 30. The cloud-based IoT device control system 100 can be used in a home for building a smart home, a factory for building a smart factory, a hospital, a traffic control system that is a national infrastructure, or a nuclear power plant. can Controlling the IoT devices 10-1 to 10-K means driving the IoT devices 10-1 to 10-K, interworking with other IoT devices, or controlling the IoT devices 10-1 to 10-K. ) means an operation such as update of a new function. Security is important for controlling the IoT devices 10-1 to 10-K. Assume that the cloud-based IoT device control system 100 is utilized at home. If a person without authority controls a plurality of IoT devices through the cloud service 30, the person without authority may illegally leak data including personal information to the outside. This can lead to privacy issues. Also, let's assume that the cloud-based IoT device control system 100 is utilized in factories, hospitals, or nuclear power plants. If, when a person without authority controls a plurality of IoT devices through the cloud service 30, the person without authority stops the operation of some IoT devices in a factory, hospital, or nuclear power plant, or controls them to operate incorrectly. By doing so, factories, hospitals, or nuclear power plants can stop functioning properly. Therefore, the present invention discloses a security technology capable of safely controlling the IoT devices 10-1 to 10-K.

The cloud-based IoT device control system 100 includes a plurality of IoT devices 10-1 to 10-K, a plurality of clients 20-1 to 20-N (N is a natural number), and a cloud service 30. include A plurality of IoT devices (10-1 to 10-K; K is a natural number), a plurality of clients 20-1 to 20-N, and the cloud service 30 exchange data through the network 101. can

The plurality of IoT devices 10-1 to 10-K refer to devices whose operations can be controlled or new functions can be updated through the cloud service 30. When the cloud-based IoT device control system 100 is used at home, each of the plurality of IoT devices 10-1 to 10-K may be an LED light bulb, a vacuum cleaner, a refrigerator, an air conditioner, or a smart speaker. In the home, each member can control the operation by directly manipulating the IoT device (10-1, 10-2, ..., or 10-K) LED light bulb, vacuum cleaner, air conditioner, or smart speaker, but the client (20 -1, 20-2, ..., or 20-N) may access the cloud service 30 and control the IoT devices 10-1, 10-2, ..., or 10-K. . For example, each member may directly press a switch implemented in the house to turn on the LED bulb, but the LED bulb may be turned on using the client 20-1. In addition, according to an embodiment, when the cloud-based IoT device control system 100 is used in a hospital, each of the plurality of IoT devices 10-1 to 10-K may be a medical device, an LED light bulb, or an air conditioner. have.

Each of the plurality of clients 20-1 to 20-N means an electronic device capable of accessing the cloud service 30 through the network 101, such as a smart phone, a tablet PC, a laptop computer, or a PC. The user is a manager for controlling the IoT device (10-1, 10-2, ..., or 10-K) and uses the client (20-1, 20-2, ..., or 20-N) to control the IoT devices 10-1, 10-2, ..., or 10-K.

In the cloud service 30, a user of a client 20-1, 20-2, ..., or 20-N controls an IoT device 10-1, 10-2, ..., or 10-K. provide services for The cloud service 30 is a virtual server and may be referred to as a cloud server, cloud computing, or cloud-based service. The cloud service 30 is provided through a plurality of physical servers 40 , 50 , and 60 . A plurality of physical servers 40, 50, and 60 may be divided into a plurality of groups. In FIG. 1, the plurality of physical servers 40, 50, and 60 are shown as being divided into three groups, but are not necessarily limited thereto. Each of the first plurality of physical servers 40, the second plurality of physical servers 50, and the third plurality of physical servers 60 is implemented as a plurality of physical servers. The first plurality of physical servers 40 , the second plurality of physical servers 50 , and the third plurality of physical servers 60 may be managed by different entities. For example, a company managing a first plurality of physical servers 40, a company managing a second plurality of physical servers 50, and a company managing a third plurality of physical servers 60 are different from each other. could be a company. The company that manages the second plurality of physical servers 50 may be a company commissioned by the company that manages the first plurality of physical servers 40 . In addition, the company managing the third plurality of physical servers 60 is entrusted from the company managing the second plurality of physical servers 50, or the company managing the first plurality of physical servers 40 It may be a company commissioned by a company. Each of the first plurality of physical servers 40 includes a processor and memory. In FIG. 1, a processor 41 and a memory 43 of any one of a first plurality of physical servers 40 are representatively shown. Each of the second plurality of physical servers 50 includes a processor and memory. In FIG. 1, a processor 51 and a memory 53 of any one of the second plurality of physical servers 50 are representatively shown. Each of the third plurality of physical servers 60 includes a processor and memory. In FIG. 1, a processor 61 and a memory 63 of any one of the third plurality of physical servers 60 are representatively shown. The processor 41, 51, or 61 executes instructions for controlling the cloud-based IoT device 10-1, 10-2, ..., or 10-K. Memory 43, 53 or 63 stores the instructions. However, the cloud service 30 does not require knowledge of specific locations and configurations of the physical servers 40, 50, and 60 from users of the plurality of clients 20-1 to 20-N.

2 and 3 are flowcharts for explaining a cloud-based IoT device control method according to an embodiment of the present invention.

1 and 2, each of the plurality of IoT devices 10-1 to 10-K transmits profile information to the cloud service 30 through the network 101 (S10). ). The profile information includes type information, location information, ID, or operation information of the IoT devices 10-1, 10-2, ..., or 10-K. For example, assuming that the IoT device 10-1, 10-2, ..., or 10-K is an IP camera, the profile information includes a camera as type information, a home as location information, and a camera as motion information. It can include move, move down, move left, move right.

The cloud service 30 receives the respective profile information from each of the plurality of IoT devices 10-1 to 10-K through the network 101 (S20). Since the cloud service 30 is provided through a plurality of physical servers 40, 50, and 60, operations of the cloud service 30 can be understood as operations of the physical servers 40, 50, and 60. have. Since each of the physical servers 40, 50, and 60 includes a processor 41, 51, or 61 and a memory 43, 53, or 63, operations of the cloud service 30 are performed on the physical servers 40, 50 and 60) can also be understood as operations of each processor 41, 51, or 61. Hereinafter, the operations of the cloud service 30 are the operations of the physical servers 40, 50, and 60, or the operations of the processors 41, 51, and 61 of the physical servers 40, 50, and 60. can be understood as Conversely, the operations of the physical servers 40, 50, and 60, or the operations of the processors 41, 51, and 61 of the physical servers 40, 50, and 60 are the operations of the cloud service 30. can be understood as the actions of That is, the processor (eg, 41) of any one of the physical servers 40, 50, and 60 is respectively from each of the plurality of IoT devices 10-1, 10-2, ..., and 10-K. Receive profile information of

The processor 41 uses the received profile information to generate a plurality of virtual devices 11- corresponding to each of the plurality of IoT devices 10-1, 10-2, ..., and 10-K. 1 to 11-M; M is a natural number) is generated (S30). The plurality of virtual devices 11-1 to 11-M are implemented as software in the cloud service 30. For example, the virtual device 11-1 corresponding to the first IoT device 10-1 implemented as hardware is implemented as software in the cloud service 30. For example, when the first IoT device 10-1 is a fan and the second IoT device 10-2 is a thermometer, the first virtual device corresponding to the first IoT device 10-1 in the cloud service 30 ( 11-1) and the second virtual device 11-2 corresponding to the second IoT device 10-2 are created. That is, by accessing and controlling the virtual device 11-1, physical control of the IoT device 10-1 corresponding to the virtual device 11-1 is possible. For example, by accessing the virtual device 11-1 and adjusting the speed of the fan, it is possible to control the speed of the fan, which is the physical IoT device 10-1.

Also, according to an embodiment, several virtual devices (eg, 11-1 and 11-2) may be combined to create one new virtual device (eg, 11-3). One new virtual device 11-3 does not correspond to the hardware-implemented IoT device 10-1, 10-2, ... or 10-K. For example, a third virtual device 11-3, a virtual smart fan, may be created by combining a first virtual device 11-1, which is a virtual electric fan, and a second virtual device 11-2, which is a virtual thermometer. IoT devices 10-1, 10-2, ..., 10-K corresponding to the third virtual device 11-3, which is the virtual smart electric fan, may not exist.

Profile information (eg, type information, location information, ID or IoT device ID information) of the plurality of virtual devices 11-1 to 11-M displayed on each of the plurality of clients 20-1 to 20-N. Setting signals are generated by selecting or inputting . The plurality of clients 20-1 to 20-N transmit the generated setting signals to the processor 41 (S40). The processor 41 receives the generated setting signals from the plurality of clients 20-1 to 20-N (S50). The processor 41 operates the plurality of clients 20-1 to 20-N and the plurality of virtual devices 11-1 to 11-N according to the setting signals of the plurality of clients 20-1 to 20-N. M) are connected to each other (S60). The setting signals refer to each user of the plurality of clients 20-1 to 20-N, each of the plurality of clients 20-1 to 20-N and the plurality of virtual devices 11-1 to 11-N. Profile information (eg, type information, location information, or ID information of the IoT device) is selected or input. The setting signals are generated according to the selection or input, and the setting signals are transmitted to the cloud service 30 from the clients 20-1 to 20-N. The cloud service 30 selects each virtual device corresponding to the received setting signals from among the plurality of virtual devices 11-1 to 11-M, and connects the virtual device to the plurality of clients 20-1 to 20-N. A plurality of virtual devices 11-1 to 11-M are connected to each other. For example, the user of the first client 20-1 uses the first client 20-1 to connect the first virtual device 11-1 corresponding to the first IoT device 10-1 to each other. In (20-1), it is possible to select profile information of the first virtual device 11-1 (eg, LED bulb type information and ID of the LED bulb). A setting signal is generated according to the user's selection of the first client 20 - 1 , and the generated setting signal is transmitted to the cloud service 30 . The processor 41 selects a corresponding virtual device (eg, 11-1) from the virtual devices 11-1 to 11-M according to the received setting signal, and the first client 20-1 and the second One virtual device 11-1 can be connected to each other. That is, the first client 20-1 is ready to control the first virtual device 11-1.

The processor 41 applies different security levels to each of the plurality of virtual devices 11-1 to 11-M according to the importance of the plurality of virtual devices 11-1 to 11-M (S70). .

The importance is determined according to risk and sensitivity. The degree of risk means a degree of physical, physical, or property damage due to malfunction of the virtual devices 11-1, 11-2, ..., or 11-M. For example, when the virtual device 11-1 is a thermometer, the thermometer itself is safe because it cannot physically or physically harm a person. That is, when the virtual device 11-1 is a thermometer, the risk is low. On the other hand, when the virtual device 11-2 is a heater, there is a danger of physically or physically harming people due to a fire occurring when overheated for a long time. That is, when the virtual device 11-2 is a heater, the risk is high. The risk has a range between 1 and 100. The processor 41 sets risk levels for the plurality of virtual devices 11-1 to 11-M according to whether they contain motors, heat generating parts, or hazardous substances. The sensitivity refers to the degree of exposure of an individual's privacy due to malfunction of the virtual devices 11-1, 11-2, ..., or 11-M. For example, when the virtual device 11-3 is an IP camera, the privacy of the user may be exposed. The sensitivity has a range between 1 and 100. The processor 41 sets sensitivity for the plurality of virtual devices 11-1 to 11-M according to whether they include a camera module, a microphone, or a fingerprint sensor. The higher the number of the risk and the sensitivity, the higher the security level. That is, the higher the number of the risk and the sensitivity, the higher level of security is required.

According to embodiments, the importance may be determined in consideration of user settings. In this case, the user setting means that the user directly sets it. The user is a person using an IoT device (10-1, 10-2, ..., or 10-K), or a client (20-1, 20-2, ..., or 20-N). means a person who The user setting has a range of 0 to 100. The higher the number, the higher the security level of the IoT device (10-1, 10-2, ..., or 10-K). When the user setting is 100, the user sets the IoT device 10-1, 10-2, ..., or 10 through the virtual device 11-1, 11-2, ..., or 11-M. -K) cannot be controlled, and the IoT device (10-1, 10-2, ..., or 10-K) must be controlled in such a way as to directly press a physical button. The security levels of the plurality of virtual devices 11-1 to 11-M are determined according to Equation 1 below.

[Equation 1]

Where w(d) is the security level of the virtual device (11-1, 11-2, ..., or 11-M), s is the risk level, p is the sensitivity, u is the user setting, The g(s, p) denotes a rating calculation function according to risk and sensitivity.

When the average score of the risk and sensitivity is equal to or greater than the score set by the user, the security level of the virtual devices 11-1, 11-2, ..., or 11-M is determined according to the level calculation function. Conversely, when the average score of the risk and sensitivity is smaller than the user setting score, the security level of the virtual devices 11-1, 11-2, ..., or 11-M is determined according to the user setting.

The rating calculation function is shown in Table 1 below.

Rating Risk (s) Condition Sensitivity (p) One s>80 OR p>80 2 s>60 OR p>60 3 s>40 OR p>40 4 s>20 OR p>20 5 s>0 AND p>0 6 s=0 AND p=0

For example, when the score of the risk level (s) of the virtual device 11-1 is 65 points and the score of the sensitivity (p) is 20 points, the security level of the virtual device 11-1 may be determined as level 2.

The security level according to the user setting is shown in Table 2 below.

Rating User settings (u) One u>80 2 u>60 3 u>40 4 u>20 5 u>0 6 u=0

For example, when the score of the user setting (n) of the virtual device 11-2 is 50 points, the security level of the virtual device 11-2 may be determined as level 3.

The lower the number of the security level, the higher the security level of the plurality of virtual devices 11-1 to 11-M. Level 1 is the possibility of exposure of sensitive personal information or physical harm through virtual devices (11-1, 11-2, ..., or 11-M), environmental destruction, human damage, large-scale catastrophe, or This means that there is a possibility of social disruption. Level 2 means that control of the virtual devices 11-1, 11-2, ..., or 11-M is impossible and there is a possibility of a fatal defect. Level 3 means a case in which significant damage is caused to the virtual device (11-1, 11-2, ..., or 11-M) and normal operation is difficult and unpredictable operation may occur. Level 4 means that the virtual devices 11-1, 11-2, ..., or 11-M have some failures, and a failure that the user can recognize as a malfunction has occurred. Level 5 is a case in which a slight failure occurred in the virtual device (11-1, 11-2, ..., or 11-M), but the purpose-fitting operation is possible and a slight malfunction that is difficult for the user to perceive occurs. it means. Level 6 means that the virtual device (11-1, 11-2, ..., or 11-M) is not affected at all. Depending on embodiments, the importance may be implemented in various ways.

1 to 3, the processor 41 encrypts each of the plurality of virtual devices 11-1 to 11-M by generating different encryption keys according to the applied security level (S80).

4 is a block diagram illustrating an operation of a client capable of accessing a virtual device according to an embodiment of the present invention.

1 to 4, when the security level applied to one of the plurality of virtual devices 11-1 to 11-M (eg, 11-1 or 11-2) is 1, the processor ( 41) generates a first-class encryption key for the IoT virtual device 11-1 or 11-2 to which the first-class is applied using Equation 2 below.

[Equation 2]

는 XOR 연산을 나타낸다. The _KG ¹ is a first-class encryption key when the security level is 1, the HMAC ( ) is an HMAC function, the H ( ) is a hash function, and the DUID is the IoT device (10-1, 10- 2, ..., or 10-K), where K _T is the highest secret key,

represents the XOR operation.

The hash function result value of the highest secret key (K _T ) shared only by clients (eg, 20-1 to 20-3) that can access the first-class virtual device (eg, 11-1 or 11-2). And, a first-class encryption key ( _KG ¹ ) is generated using the hash function result value of the IDs of the virtual devices (eg, 11-1 and 11-2) to which the first class is applied.

When the ID of the first IoT device (eg, 10-1) is "DEV_12345", the DUID is "DEV_12345". The processor 41 calculates a resultant value of the hash function H( ) for the DUID "DEV_12345". The processor 41 calculates a result value of the hash function (H( )) for "secret", which is the highest secret key (K _T ). The processor 41 determines the resultant value of the hash function (H( )) for the DUID "DEV_12345" and the hash function (H( )) resultant value for the highest secret key (K _T ) "secret". XOR operation is performed on The processor 41 applies the HMAC function (HMAC( )) to the XOR operation result value and the highest secret key (K _T ) to generate an encryption key (K _G ¹ ) when the security level is 1st level.

The DUID (Device Unique Identifier) is a unique ID having a GUID (Global Unique Identifier) attribute of the IoT device (10-1, 10-2, ..., or 10-K). The DUID must not be duplicated. One DUID can be mapped with one IoT (10-1, 10-2, ..., or 10-K), or virtual device (11-1, 11-2, ..., or 11-M). should be able to The DUID is information that can be disclosed.

The K _T is the highest secret key, and clients (eg, 20-1, 20-2, and 20-3) granted access to virtual devices (eg, 11-1 and 11-2) having a security level of 1 ) is a key shared only by each other. That is, only clients (eg, 20-1, 20-2, and 20-3) assigned the highest level of security (eg, level 1) access the highest secret key (K _T ) in the cloud service 30. can do. That is, only the clients (eg, 20-1, 20-2, and 20-3) that can access the first-class virtual device (eg, 11-1 or 11-2) have the highest secret key in the cloud service 30. (K _T ) is accessible. Confidentiality of the highest secret key (K _T ) must be maintained, unlike DUID, which is publicly available information. The processor 41 grants different access rights to the plurality of clients 20-1 to 20-N. For example, the processor 41 grants the first to third clients 20-1 to 20-3 the first-class access authority, and the fourth to seventh clients 20-4 to 20-7 the first-class access authority. A lower level 2 access right is granted, and the 8th to 11th clients (20-8 to 20-11) can be given a level 3 lower level access right than the level 2 access right.

The first to third clients 20-1 to 20-3 are granted access rights to the virtual devices of the first level (eg, 11-1 and 11-2). , 11-1 and 11-2) are accessible and controllable. At this time, the first to third clients 20-1 to 20-3 granted access to the first-class virtual devices (eg, 11-1 and 11-2) are virtual devices having a first-level security level. (eg, 11-1 and 11-2) as well as virtual devices (eg, 11-3 to 11-M) whose security level is lower than level 1 (eg, level 2 to 6) control is possible

The 4th to 7th clients 20-4 to 20-7 to which the 2nd level is assigned include virtual devices (eg, 11-3 to 11-5) having a security level of 2nd, and a level lower than the 2nd level ( For example, it is possible to access and control virtual devices (eg, 11-6 to 11-M) of grades 3 to 6). However, it is impossible to access and control virtual devices (eg, 11-1 and 11-2) having a security level of 1.

That is, clients (eg, 20-4 to 20-7) granted access rights of a specific level (eg, level 2) are clients granted access rights of a lower level than the specific level (eg, level 2). (eg, 20-8 to 20-12) can also access and control virtual devices (eg, 11-6 to 11-15) that can be accessed and controlled. However, clients (eg, 20-4 to 20-7) granted access rights of a specific level (eg, level 2) have access to a higher level (eg, level 1) than the specific level (eg, level 2). It is impossible to access and control a virtual device (eg, 11-1 or 11-2) to which authorized clients (eg, 20-1 to 20-3) can access and control.

When the security level applied to any one (eg, 11-3) of the plurality of virtual devices 11-1 to 11-M is n level (n is a natural number equal to or greater than 2), the processor 41 determines that the n level is For the applied virtual device (eg, 11-3), an n-level encryption key is generated using Equation 3 below.

[Equation 3]

는 XOR 연산을 나타낸다. 상기 공유 비밀키는 모든 클라이언트들(20-1~20-N)끼리 공유하는 키이다. 즉, 모든 클라이언트들(20-1~20-N)은 클라우드 서비스(30)에서 공유 비밀키(K_P)에 접근할 수 있다.The _KG ⁿ is the n-level encryption key when the security level is n, the HMAC( ) is the HMAC function, the H( ) is the hash function, and the DUID is the IoT device (10-1, 10- 2, ..., or 10-K), the K _G ^(n-1) is the (n-1) grade encryption key, the K _P is the shared secret key,

represents the XOR operation. The shared secret key is a key shared by all clients 20-1 to 20-N. That is, all clients 20 - 1 to 20 -N can access the shared secret key K _P in the cloud service 30 .

When the security level applied to any one (eg, 11-3) of the plurality of virtual devices 11-1 to 11-M is level n, the processor 41 determines that the level n (n is a natural number greater than or equal to 2) is The hash function result value of the (n-1) grade encryption key (K _G ^(n-1) ) for the applied virtual device (eg, 11-3), and the virtual device to which the n grade is applied (eg, 11- 3~11-M) generate an n-level encryption key (K _G ⁿ ) using the hash function result of the ID.

A client (eg, 20-1, 20-2, or 20-3) granted access to virtual devices (eg, 11-1 and 11-2) having a security level of 1 causes the processor 41 to It is possible to request the processor 41 to generate encryption keys for all levels as well as level encryption keys. For example, a client (eg, 20-1, 20-2, or 20-3) granted access to a virtual device (eg, 11-1 and 11-2) having a security level of 1 is transferred to the processor 41. The processor 41 is requested to generate a first-class encryption key. After a first-class encryption key is generated at the request of a client (eg, 20-1, 20-2, or 20-3), the processor 41 may be requested to generate a second-class encryption key ( _KG ² ). . The processor 41 connects the resultant value of the hash function (H( )) of the ID (eg, _{DEV_12346} ) of the IoT device (eg, 10-2) and the hash function (H) for the first-class encryption key (KG ¹ ). Performs XOR operation on the result of ( )). The processor 41 may generate an encryption key ( _KG ² ) when the security level is level 2 by applying the HMAC function (HMAC( )) to the resultant value of the XOR operation and the shared secret key ( _KG ). In addition, a client (eg, 20-1, 20-2, or 20-3) granted access to virtual devices (eg, 11-1 and 11-2) having a security level of 1 is transferred to the processor 41. It requests the processor 41 to generate a 3-level encryption key (K _G ³ ). After the second-level encryption key is generated at the request of the client (eg, 20-1, 20-2, or 20-3), the processor 41 may be requested to generate a third-level encryption key ( _KG ³ ). . The processor 41 connects the resultant value of the hash function (H( )) of the ID (eg, _{DEV_12347} ) of the IoT device (eg, 10-3), and the hash function (H for the second-class encryption key (KG ² )). Performs XOR operation on the result of ( )). The processor 41 may generate an encryption key ( _KG ³ ) when the security level is level 3 by applying the HMAC function (HMAC( )) to the XOR operation result value and the shared secret key ( _KG ). That is, the client with the highest access authority (eg, 20-1, 20-2, or 20-3) has the advantage that it is possible without additional information to generate an encryption key of a low security level (eg, 2 to 6 levels). have.

Different encryption keys of the plurality of virtual devices 11-1 to 11-M are sequentially generated from the smallest number of applied security levels. That is, different encryption keys of the plurality of virtual devices 11-1 to 11-M are sequentially generated in order of security level. For example, after a first-class encryption key of the virtual device 11-1 having a security level of 1 is generated, a second-class encryption key of the virtual device 11-2 having a security level of 2 is generated. After a level 2 encryption key of the virtual device 11-2 having a security level of 2 is generated, a level 3 encryption key of the virtual device 11-3 having a security level of 3 is generated.

On the other hand, clients (eg, 20-4 to 20-7) granted access to virtual devices (eg, 11-3 to 11-7) whose security level is lower than level 1 (eg, level 2) are processors. (41) may request the processor 41 to generate an encryption key of a level equal to or lower than its level (eg, level 2), but its own level (eg, level 2). .

The processor 41 transmits the generated encryption key to the client 20-1, 20-2, ... or 20-N (S90). For example, when a first-class encryption key of the virtual device 11-1 having a first-class security level is generated, the processor 41 operates clients 20-1 to 20-1 that can access the first-class virtual device 11-1. 20-3) transmits the first-class encryption key. The clients 20-1, 20-2, ... or 20-N receive the generated encryption key from the processor 41 (S100). All authorized clients (eg, 20-1, 20-2, or 20-3) receive the first-class encryption key generated by the processor 41.

Clients 20-1, 20-2,..., or 20-N connect to virtual devices 11-1, 11-2,..., or 11-M that match the class according to the received encryption key. Approach (S110). The processor 41 receives an encryption key from the client 20-1, 20-2, ..., or 20-N and uses the corresponding virtual device 11-1, 11-2, ..., or 11 -M) to allow access. For example, the processor 41 receives a first-class encryption key from the client 20-1, 20-2, or 20-3 and accesses a virtual device (eg, 11-1 or 11-2) suitable for the first class. allow The client 20-1, 20-2, or 20-3 accesses the virtual device (eg, 11-1 or 11-2) and the IoT device corresponding to the virtual device 11-1 or 11-2. (10-1 or 10-2) can be controlled. That is, the client 20-1, 20-2, or 20-3 accesses the virtual device (eg, 11-1 or 11-2) to drive the IoT device 10-1 or 10-2; It is possible to perform an operation such as interworking with another IoT device or updating a new function of the IoT device 10-1 or 10-2.

5 is a block diagram for explaining operations of creating a virtual device and setting a security level according to an embodiment of the present invention.

Referring to FIG. 1 , a cloud service 30 is provided through a plurality of physical servers 40 , 50 , and 60 . A plurality of physical servers 40, 50, and 60 may be divided into a plurality of groups. In FIG. 1, the plurality of physical servers 40, 50, and 60 are shown as being divided into three groups, but are not necessarily limited thereto. Each of the first plurality of physical servers 40, the second plurality of physical servers 50, and the third plurality of physical servers 60 is implemented as a plurality of physical servers. The first plurality of physical servers 40 , the second plurality of physical servers 50 , and the third plurality of physical servers 60 may be managed by different entities. For example, a company managing a first plurality of physical servers 40, a company managing a second plurality of physical servers 50, and a company managing a third plurality of physical servers 60 are different from each other. could be a company. The company managing the second plurality of physical servers 50 may be a company commissioned by the company managing the first plurality of physical servers 40 . In addition, the company managing the third plurality of physical servers 60 is entrusted from the company managing the second plurality of physical servers 50, or the company managing the first plurality of physical servers 40 It may be a company commissioned by a company.

Referring to FIGS. 1 and 5 , a processor 41 of one of a plurality of first physical servers 40 uses profile information to control a plurality of IoT devices 10-1, 10-2, ... , and 10-K), a plurality of virtual devices 11-1 to 11-M corresponding to each are created.

The processor 41 of any one of the first plurality of physical servers 40 is configured to assign a plurality of virtual devices 11-1 to 11-M according to the importance of the plurality of virtual devices 11-1 to 11-M. ) apply different security levels to each.

The processor 41 of any one of the plurality of first physical servers 40 uses the received profile information to control the plurality of IoT devices 10-1, 10-2, ..., and 10- K) A plurality of virtual devices 11-1 to 11-M corresponding to each are created.

Any one of the processors 41 of the first plurality of physical servers 40 generates different encryption keys according to the applied security level for some of the plurality of virtual devices 11-1 to 11-M. encrypt For example, the processor 41 of any one of the first plurality of physical servers 40 is a virtual device 11-1 having a security level of 1 among the plurality of virtual devices 11-1 to 11-M, or 11-2), a first-class encryption key is obtained using the highest secret key (K _T ), and the first-class encryption key is obtained for a virtual device (11-3, 11-4, or 11-5) having a security level of 2. A second-class encryption key is generated using the encryption key and the shared secret key (K _P ). Similarly, the processor 41 of any one of the first plurality of physical servers 40 is a virtual device 11-6 having a security level of 3 among the plurality of virtual devices 11-1 to 11-M, or 11-7), the level 3 encryption key is obtained using the level 2 encryption key and the shared secret key (K _P ). Using the level 3 encryption key and the shared secret key (K _P ), the level 4 encryption key is shared with the level 4 encryption key for the virtual device (11-10 or 11-11) whose security level is level 5. A 5-level encryption key is generated using the secret key (K _P ).

The first plurality of physical servers 40 may entrust some of the virtual devices 11-1 to 11-M without generating encryption keys. That is, the first plurality of physical servers 40 are virtual devices (eg, 11-12) excluding some (11-1 to 11-11) of the plurality of virtual devices (11-1 to 11-M). ~ 11-M), the second plurality of physical servers 50 or the third plurality of physical servers 60 may be consigned to generate encryption keys suitable for each level. At this time, any one processor 41 of the first plurality of physical servers 40 is any one processor 51 of the second plurality of physical servers 50, and the plurality of virtual devices 11-1 to 11-M), an entrustment request signal may be transmitted to generate an encryption key for the remaining virtual devices (eg, 11-12 to 11-M) except for some (11-1 to 11-11). Any one processor 41 of the first plurality of physical servers 40 transfers the profile information for the remaining virtual devices (eg, 11-12 to 11-M) to the second plurality of physical servers 50. Can be transmitted to any one processor 51 of. The profile information includes type information, location information, ID, or operation information of the IoT devices 10-1, 10-2, ..., or 10-K. The ID included in the profile information is used to generate an encryption key. Each of the plurality of IoT devices 10-1 to 10-K transmits profile information to any one processor 41 of the first plurality of physical servers 40 through the network 101. send.

In addition, the processor 41 of any one of the plurality of first physical servers 40 is responsible for the rest of the virtual devices (eg, 11-12 to 11-M) to be created by the plurality of second physical servers 50 . An encryption key (eg, level 2) of one level higher than the highest security level (eg, level 3) and a shared secret key (K _P ) are transferred to any one processor of the second plurality of physical servers 50. Send to (51).

The processor 51 of any one of the second plurality of physical servers 50 transmits the assignment request signal from the processor 41 of any one of the first plurality of physical servers 40, the remaining virtual devices (eg , 11-12 to 11-M), the highest security level among the remaining virtual devices (eg, 11-12 to 11-M) to be created by the second plurality of physical servers 50 (eg, 11-12 to 11-M). , 3 levels), an encryption key of one level higher (eg, level 2) and a shared secret key (K _P ) can be received from any one processor 41 of the first plurality of physical servers 40. have.

Any one processor 51 of the second plurality of physical servers 50 receives the shared secret key (K _P ), and uses another encryption method (eg, adds another character) for the shared secret key (K _P ). , or change of character position, etc.) to generate a new shared secret key (K _P ') different from the shared secret key (K _P ). The other encryption method is also known to the first plurality of physical servers 40 .

The processor 51 of any one of the second plurality of physical servers 50 generates different encryption keys according to the applied security level, and the remaining virtual devices 11-1 to 11-M among the plurality of virtual devices 11-1 to 11-M. Encrypts for fields (eg, 11-12 to 11-M). For example, the processor 51 of any one of the second plurality of physical servers 50 is a virtual device 11-12 having a security level of 3 among the remaining virtual devices (eg, 11-12 to 11-M). Or, for 11-13), the remaining virtual devices (eg, 11 -12 ~ 11-M) to obtain a level 3 encryption key using an encryption key of one level higher (eg, level 2) than the highest security level (eg, level 3) and a new shared secret key (K _P '). For the virtual devices 11-14 or 11-15 having a security level of level 4, a level 4 encryption key is generated using the level 3 encryption key and a new shared secret key (K _P '). Similarly, the processor 51 of any one of the second plurality of physical servers 50 includes virtual devices 11-16 having a security level of 5 among the remaining virtual devices (eg, 11-12 to 11-M), Alternatively, for 11-17), a 5-level encryption key is generated using the 4-level encryption key and a new shared secret key (K _P ').

At this time, the clients (eg, 20-4, 20-5, 20-6, or 20-7) that can access the virtual devices 11-3 to 11-5 of a specific level (eg, level 2) are specific It is possible to access the encrypted virtual devices 11-1 to 11-11 using encryption keys generated by the first physical servers 50 of a level (eg, level 2) or lower. In addition, clients (eg, 20-4, 20-5, 20-6, or 20-7) that can access the virtual devices 11-3 to 11-5 of a specific level (eg, level 2) It is possible to access the virtual devices 11-12 to 11-17 encrypted by the encryption keys generated by the second physical servers 50 of a level (eg, level 2) or lower. However, clients (eg, 20-4, 20-5, 20-6, or 20-7) that can access the virtual devices 11-3 to 11-5 of a specific level (eg, level 2) A virtual device (eg, 11-1 or 11-2) of a higher level (eg, level 1) than a specific level (eg, level 2) cannot be accessed.

In addition, clients (eg, 20-10 or 20-11) that can access virtual devices 11-8 to 11-9 of a specific level (eg, level 4) are lower than or equal to a specific level (eg, level 4). It is possible to access the encrypted virtual devices 11-8 to 1-9 using encryption keys generated by the first physical servers 40 of the virtual devices 11-8 to 1-9. In addition, clients (eg, 20-12, or 20-13) that can access virtual devices 11-14 to 11-15 of a specific level (eg, level 4) are lower than or equal to a specific level (eg, level 4). It is possible to access the encrypted virtual devices 11-14 to 11-15 by the encryption keys generated by the second physical servers 50 of the . However, clients (eg, 20-12, or 20-13) that can access virtual devices 11-14 to 11-15 of a specific level (eg, level 4) are lower than or equal to a specific level (eg, level 4). It is impossible to access the virtual devices 11-8 to 1-9 encrypted by the encryption keys generated by the first physical servers 40 of the virtual devices 11-8 to 1-9. This is because the shared secret key (K _P ) and the new shared secret key (K _P ′) are different from each other, and thus generated encryption keys are also different.

The second plurality of physical servers 50 may not generate encryption keys for all of the remaining virtual devices 11-12 to 11-M and may re-entrust some of them. That is, the first plurality of physical servers 40 are virtual devices (eg, 11-12) excluding some (11-1 to 11-11) of the plurality of virtual devices (11-1 to 11-M). ~ 11-M), the second plurality of physical servers 50 or the third plurality of physical servers 60 may be consigned to generate encryption keys suitable for each level. At this time, any one processor 51 of the second plurality of physical servers 50 is used as any one processor 61 of the third plurality of physical servers 60, and the rest of the virtual devices (eg, 11- For virtual devices (eg, 11-18 to 11-19) excluding some (11-12 to 11-17) of 12 to 11-M), a re-entrustment request signal may be transmitted to generate an encryption key. Any one processor 51 of the second plurality of physical servers 50 transfers the profile information for the remaining virtual devices (eg, 11-18 to 11-19) to the third plurality of physical servers 60. Can be transmitted to any one processor 61 of.

In addition, the processor 51 of any one of the second plurality of physical servers 50 may generate the remaining virtual devices (eg, 11-18 to 11-19) to be created by the third plurality of physical servers 60 . Among them, an encryption key (eg, level 4) of one level higher than the highest security level (eg, level 5) and a new shared secret key (K _P ') are transferred to any one of the third plurality of physical servers 60 to the processor 61 of

Any one processor 61 of the third plurality of physical servers 60 transmits the assignment request signal from any one processor 51 of the second plurality of physical servers 50, the remaining virtual devices (e.g. , 11-18 to 11-19), the highest security level (eg, 11-18 to 11-19) among the remaining virtual devices (eg, 11-18 to 11-19) to be created by the third plurality of physical servers 60. Receive an encryption key of one level higher (eg, level 4) than the level 5) and a new shared secret key (K _P ') from any one processor 51 of the second plurality of physical servers 50 can do.

Any one processor 61 of the third plurality of physical servers 60 receives the new shared secret key (K _P ' ₎ , and another encryption method (eg, , adding another character, changing a character position, etc.) to generate a second new shared secret key (K _P '') different from the new shared secret key (K _P '). The other encryption method is also known to the second plurality of physical servers 50 .

Any one processor 61 of the third plurality of physical servers 60 generates different encryption keys according to the applied security level and encrypts the remaining virtual devices (eg, 11-18 to 11-19). do. For example, the processor 61 of any one of the third plurality of physical servers 60 includes virtual devices 11-18 having a security level of 5 among the remaining virtual devices (eg, 11-18 to 11-19). Or, for 11-19), the remaining virtual devices (eg, 11 -18, 11-19) of the highest security level (eg, 5th grade) using an encryption key of one level higher (eg, 4th grade) and a second new shared secret key (K _P '') Generate an encryption key.

By entrusting the first plurality of physical servers 40 to the second plurality of physical servers 50 and recommissioning the second plurality of physical servers 50 to the third plurality of physical servers 60 Load concentration on each of the plurality of physical servers 40, 50, or 60 may be distributed. In addition, the virtual devices 11-1 to 11-11 encrypted using the encryption key generated by the physical servers 40 using the encryption key generated by the physical servers 50 or 60 Security can be strengthened by preventing access.

Clients (eg, 20-18, or 20-19) that can access virtual devices 11-18 to 11-19 of a specific level (eg, level 5) are assigned to virtual devices below a specific level (eg, level 5). 3 It is possible to access the encrypted virtual devices 11-12 to 11-17 by encryption keys generated by the physical servers 60. However, clients (eg, 20-18 or 20-19) that can access virtual devices 11-18 to 11-19 of a specific level (eg, level 5) are lower than or equal to a specific level (eg, level 5). It is impossible to access the virtual devices 11-16 to 1-17 encrypted by the encryption keys generated by the second physical servers 50 of the . This is because the new shared secret key (K _P ') and the second new shared secret key (K _P '') are different from each other.

Although the present invention has been described with reference to an embodiment shown in the drawings, this is only exemplary, and those skilled in the art will understand that various modifications and equivalent other embodiments are possible therefrom. Therefore, the true technical protection scope of the present invention should be determined by the technical spirit of the attached claims.

100: cloud-based IoT device control system;
10-1, 10-2, ..., or 10-K: IoT devices;
20-1, 20-2, ..., or 20-N: client;
30: cloud service;
101: network;
40, 50, or 60: physical server;
11-1, 11-2, ..., or 11-M: virtual device;

Claims (5)

In order to control a plurality of IoT devices, a cloud service is provided through a plurality of physical servers, and each of the plurality of physical servers includes a processor and a memory. In the cloud-based IoT device control method,
Receiving, by the processor, profile information from each of a plurality of IoT devices;
generating, by the processor, a plurality of virtual devices corresponding to each of the plurality of IoT devices by using the received profile information;
connecting, by the processor, a plurality of clients and the plurality of virtual devices according to configuration signals of the plurality of clients;
applying, by the processor, different security levels to each of the plurality of virtual devices according to the importance of the plurality of virtual devices; and
The processor includes encrypting each of the plurality of virtual devices by generating different encryption keys according to the applied security level,
Wherein the profile information includes type information, location information, ID, or operation information of the plurality of IoT devices. The method of claim 1, wherein the smaller the number of the applied security levels, the stronger the security of the plurality of virtual devices,
The cloud-based IoT device control method of claim 1 , wherein different encryption keys of the plurality of virtual devices are sequentially generated from a lower number of the applied security level. The method of claim 2, wherein when a security level applied to any one of the plurality of virtual devices is level 1, the processor allows only clients that can access the virtual device of the first level to which the level 1 is applied. A first-class encryption key is generated using the hash function result of the shared top secret key and the hash function result of the ID of the virtual device to which the first level is applied,
When the security level applied to another one of the plurality of virtual devices is level n, the processor performs a hash function of an encryption key of level (n-1) for the virtual device to which level n (n is a natural number of 2 or more) is applied. A cloud-based IoT device control method for generating an n-level encryption key using the resultant value and the hash function result value of the ID of the virtual device to which the n-level is applied. 4. The method of claim 3, wherein a client capable of accessing the first-class virtual device can access virtual devices of a lower class than the first-class virtual device,
A client capable of accessing a virtual device of level 2 can access virtual devices of a level lower than the level 2, but cannot access a virtual device of level 1, which is a virtual device of a level higher than the level 2, Cloud-based IoT device control Way. a processor that executes instructions; and
a memory for storing the instructions;
These commands are
Each profile information is received from each of a plurality of IoT devices, a plurality of virtual devices corresponding to each of the plurality of IoT devices are created using the received profile information, and configuration signals of a plurality of clients are generated. According to the method, the plurality of clients and the plurality of virtual devices are connected to each other, and different security levels are applied to each of the plurality of virtual devices according to the importance of the plurality of virtual devices. It is implemented to encrypt each of the plurality of virtual devices by generating different encryption keys,
The processor and the memory are implemented in a physical server,
Cloud services are provided through the physical server,
Wherein the profile information includes type information, location information, ID, or operation information of the plurality of IoT devices.

Images