CN102571338A - PKI (Public Key Infrastructure)-based method and system for certifying internet of things - Google Patents
PKI (Public Key Infrastructure)-based method and system for certifying internet of things Download PDFInfo
- Publication number
- CN102571338A CN102571338A CN2010106037105A CN201010603710A CN102571338A CN 102571338 A CN102571338 A CN 102571338A CN 2010106037105 A CN2010106037105 A CN 2010106037105A CN 201010603710 A CN201010603710 A CN 201010603710A CN 102571338 A CN102571338 A CN 102571338A
- Authority
- CN
- China
- Prior art keywords
- node
- certificate
- host computer
- authentication
- heartbeat data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Abstract
The invention provides a PKI (Public Key Infrastructure)-based method and system for certifying an internet of things. The method comprises the following steps: a sensor node sends heartbeat data encrypted by a public key of an upper computer to the upper computer according to a preset reporting cycle, wherein the heartbeat data comprises a node public key and a node certificate which is encrypted by a node private key; after the upper computer receives the heartbeat data, the private key of the upper computer is used for decrypting to obtain the node public key and the node certificate which is encrypted by the node private key; the node certificate which is encrypted by the node private key is decrypted by using the node public key to obtain the node certificate; a random number of the certification process is generated, and the random number and the node certificate are sent to a CA (Certification Authority); after receiving the node certificate and the random number, the CA certifies the node certificate and sends a certified result and the random number together to the upper computer; and the upper computer acquires the certified result of the sensor node which launches the certification according to the received certified result and random number.
Description
Technical field
The present invention relates to Internet of Things, relate in particular to a kind of Internet of Things authentication method and system.
Background technology
PKIX (Public Key Infrastructure is called for short PKI) is meant the security infrastructure with universality of implementing and provide security service with PKI notion and technology.
Complete PKI system must have authenticating authority mechanism (CA), digital certificate storehouse, key backup and recovery system, certificate calcellation system, application interface basic comprising parts such as (API), makes up PKI and also will set about making up round this five big systems.
The PKI technology is the core of information security technology, also is the key and the basic technology of ecommerce.The basic technology of PKI comprises encryption, digital signature, data integrity mechanism, digital envelope, dual digital signature etc.Typical case, complete, an effective PKI application system should have with the lower part at least: the backup of the issue of public key certificate management, blacklist and management, key and recovery, automatically more new key, manage historical key automatically, and support cross-certification.
Certification authority (CA): i.e. the application of digital certificate and issuing authority, CA must possess authoritative characteristic;
The digital certificate storehouse: be used to store digital certificate and the PKI signed and issued, the user can obtain other required users certificate and PKI thus;
Key backup and recovery system: if user loss be used for the key of data decryption, then data can't be deciphered, this will cause legal loss of data.For avoiding this situation, PKI provides backup and the mechanism of recovering key.But must notice that the backup of key must be accomplished by believable mechanism with recovery.And key backup can only be directed against decruption key with recovery, and signature private key can not back up for guaranteeing its uniqueness.
Certificate calcellation system: certificate calcellation treatment system is the assembly of the indispensability of PKI.The same with the various identity documents in the daily life, validity period of certificate cancelled with interior also possibly the needs, and reason possibly be that the key medium is lost or user identity change etc.For realizing this point, PKI must provide a series of mechanism of calcellation certificate.
Application interface (API): the value of PKI is to make the user can use security services such as encryption, digital signature easily; Therefore a complete PKI must provide good application interface system; Make that various application can be mutual with safety, unanimity, believable mode and PKI, guarantee the integrality and the ease for use of secure network environment.
As a rule, CA is the mechanism of signing and issuing of certificate, and it is the core of PKI.As everyone knows, the core content of structure cryptographic service system is how to realize key management.Public key system relates to pair of secret keys (being private key and PKI); Private key is only independently grasped by the user; Need not transmit on the net, PKI then is disclosed, needs to transmit on the net; So the key management of public key system mainly is the problem of management to PKI, solution is a digital certificate mechanism preferably at present.
Certificate: certificate is Data Elements most important, the most basic among the PKI.The various services that PKI provides (confidentiality, integrality, non-deny or the like) all will realize through certificate.
Digital certificate generally comprises: content; Version, sequence number; The person of signing and issuing (Issuer); Certificate main body (Subject), i.e. subscriber; The term of validity; Subscriber's PKI; Algorithm sign and key; Person's's of signing and issuing (being CA) signature; Signature algorithm identifier; Signature result or the like specifically can be referring to certificate format X.509.
Internet of Things (Internet of Things) from narrow understanding, is exactly the sensing net, connects various transducers, forms a network.The bottom perception mainly is divided into four types: identity perception, state perception, image perception, location aware.And wireless sensor network is the network of a self-organizing, is fit to very much the collection of bottom perception data.
Internet of Things is that the Internet extends to bottom in fact.The formation of Internet of Things is divided into several levels: bottom is a data collection layer, and just sensing layer has four types of perception.Up be transport layer, the data of transmission perception, transmission means is divided into modes such as wired, wireless.The 3rd, transmission will be calculated data later on, data mining, and this part can use the cloud computing technology.Then, use the valid data support applications.Comprise types of applications such as municipal administration's management, security management and control, emergency disposal.
For avoiding overlapping investment, each department of government is all considering that carrying out the unified of Internet of Things builds.But how to utilize existing resources, realize the unified safety certification of Internet of Things node, it is the difficult problem that current government department considers that convenient, fast a, high-performance, high efficiency authentication mode are provided.
Summary of the invention
The technical problem that the present invention will solve is, a kind of Internet of Things authentication method and system based on the PKI technology is provided, and can carry out unified certification to the Internet of Things node, and is convenient, efficient.
In order to solve the problems of the technologies described above, the present invention proposes a kind of Internet of Things authentication method based on the PKI technology, comprising:
Sensor node sends the heartbeat data that uses the host computer public key encryption according to preset report cycle to host computer; Said heartbeat data comprises the node PKI and with the node certificate of node encrypted private key;
After host computer receives said heartbeat data, use the host computer private key to decipher, obtain the node PKI and with the node certificate of node encrypted private key; Use the said node certificate of said node PKI deciphering, obtain node certificate with the node encrypted private key; Generate the random number of this verification process, said random number is sent to the CA of certification authority with said node certificate;
After said CA receives node certificate and random number, said node certificate is carried out authentication, authentication result and said random number are sent to said host computer together;
Said host computer is known the authentication result of the sensor node of initiating authentication according to authentication result that receives and random number.
Further, said method also can have following characteristics:
Also comprise heartbeat effective time in the said heartbeat data;
Said host computer judges earlier whether the heartbeat in the heartbeat data that obtains is still effective effective time, if effectively, just decipher said node certificate with the node encrypted private key behind the deciphering heartbeat data.
Further, said method also can have following characteristics:
Said host computer is after knowing that the sensor node authentication of initiating authentication is passed through; Start timer; Timing is a preset interim term of validity, said timer then before, the heartbeat data of the sensor node that said authentication is not passed through is handled; To constantly, continuation is handled the heartbeat data of the sensor node that said authentication is passed through at said timer;
The said preset interim term of validity is greater than said preset report cycle.
Further, said method also can have following characteristics:
When said host computer uses the host computer private key to decipher, if alarming processing is then carried out in the deciphering failure; And/or
When said host computer is authentification failure in the authentication result of knowing the sensor node of initiating authentication, then carry out alarming processing.
Further, said method also can have following characteristics:
Said node certificate comprises: version number, sequence number, signature, issuer, the term of validity, main body and main body public key information.
In order to solve the problems of the technologies described above, the present invention also proposes a kind of Internet of Things Verification System based on the PKI technology, comprising:
Sensor node sends the heartbeat data that uses the host computer public key encryption according to preset report cycle; Said heartbeat data comprises the node PKI and with the node certificate of node encrypted private key;
Host computer receives said heartbeat data, uses the host computer private key that it is deciphered, and obtains the node PKI and with the node certificate of node encrypted private key; Use the said node certificate of said node PKI deciphering, obtain node certificate with the node encrypted private key; Generate the random number of this verification process, said random number is sent with said node certificate; And receive authentication result and random number, know the authentication result of the sensor node of initiating authentication according to this;
The CA of certification authority receives said node certificate and said random number, and said node certificate is carried out authentication, and authentication result and said random number are sent together.
Further, said system also can have following characteristics:
Also comprise heartbeat effective time in the said heartbeat data;
Said host computer behind the deciphering heartbeat data, judges earlier whether the heartbeat in the heartbeat data that obtains is still effective effective time, if effectively, just decipher said node certificate with the node encrypted private key.
Further, said system also can have following characteristics:
Said host computer; Also after knowing that the sensor node authentication of initiating authentication is passed through, start timer, timing is a preset interim term of validity; Said timer then before; The heartbeat data of the sensor node that said authentication is not passed through is handled, and to constantly, the heartbeat data of the sensor node that continues said authentication is passed through is handled at said timer;
The said preset interim term of validity is greater than said preset report cycle.
Further, said system also can have following characteristics:
Said host computer is when position machine private key is deciphered in the use, if alarming processing is also carried out in the deciphering failure; And/or
Said host computer when the authentication result of knowing the sensor node of initiating authentication is authentification failure, also carries out alarming processing.
Further, said system also can have following characteristics:
Said node certificate comprises: version number, sequence number, signature, issuer, the term of validity, main body and main body public key information.
A kind of Internet of Things authentication method and system based on the PKI technology provided by the invention can carry out unified certification to the Internet of Things node, and be convenient, efficient.
Description of drawings
Fig. 1 is a kind of Internet of Things Verification System block diagram based on the PKI technology of the embodiment of the invention;
Fig. 2 is a kind of Internet of Things authentication method flow chart based on the PKI technology of the embodiment of the invention.
Embodiment
To combine accompanying drawing to specify embodiment of the present invention below.
Referring to Fig. 1, the figure shows a kind of Internet of Things Verification System of the embodiment of the invention based on the PKI technology, comprise one or more sensor node, host computer and the CA of certification authority, wherein:
Said sensor node sends the heartbeat data that uses the host computer public key encryption according to preset report cycle; Said heartbeat data comprises the node PKI and with the node certificate of node encrypted private key.
Said host computer receives said heartbeat data, uses the host computer private key that it is deciphered, and obtains the node PKI and with the node certificate of node encrypted private key; Use the said node certificate of said node PKI deciphering, obtain node certificate with the node encrypted private key; Generate the random number of this verification process, said random number is sent to said CA with said node certificate; And receive authentication result and the random number that said CA returns, know the authentication result of the sensor node of initiating authentication according to this.
Said CA receives node certificate and random number that said host computer sends, and said node certificate is carried out authentication, and authentication result and said random number are sent to said host computer together.
Wherein, each sensor node has the certificate of oneself, and said certificate can be signed and issued by CA.Specifically can sign and issue according to area type, perhaps sign and issue according to industry type, the present invention does not limit at this.
Said host computer can carry out data processing according to authentication result after knowing the authentication result of sensor node, for example, can receive only the data of the sensor node that authentication passes through, thereby guarantees the reliability of data.The embodiment of the invention is sent authentication request through sensor node to host computer dexterously, i.e. heartbeat data, and between host computer and sensor node, increase key protection mechanism; Host computer reports CA with it again after the correctness of confirming heartbeat data, carry out authentication; And the return authentication result gives host computer; Thereby to the characteristics of Internet of Things, Using P KI technology is set up the Internet of Things authentication system dexterously, guarantees the reliability of Internet of Things data.
Preferably, in order effectively to practice thrift the resource of host computer, can also comprise heartbeat effective time in the said heartbeat data.Said host computer is behind the deciphering heartbeat data; Also can obtain the heartbeat effective time of said heartbeat data; Before said node certificate with the node encrypted private key is deciphered; Earlier judge whether said heartbeat is still effective effective time, if effectively, just decipher said node certificate with the node encrypted private key.If invalid, think that then said heartbeat data is expired, no longer accurate, can abandon, need not to carry out again decryption step to node certificate.
Preferably, in order to practice thrift the resource of host computer, said host computer can also be after knowing that the sensor node authentication of initiating authentication is passed through; Start timer; Timing is a preset interim term of validity, said timer then before, the heartbeat data of the sensor node that said authentication is not passed through is handled; To constantly, continuation is handled the heartbeat data of the sensor node that said authentication is passed through at said timer.The said preset interim term of validity is greater than said preset report cycle.
Preferably, the present invention is based on the technological Internet of Things Verification System of PKI and can also increase alarm mechanism.Specifically, can be that said host computer is when a position machine private key is deciphered in the use, if alarming processing is carried out in the deciphering failure.Can also be when said host computer is authentification failure in the authentication result of knowing the sensor node of initiating authentication, to carry out alarming processing.
The transmittability of considering sensor node is lower, and transmission speed is lower, and preferably, the embodiment of the invention is carried out cutting to the information in the certificate X.509, keeps key message wherein, thereby reduces data amount transmitted, makes it more to be applicable to the Internet of Things characteristics.The embodiment of the invention provides a kind of node certificate at this, and it can comprise version number, sequence number, signature, issuer, the term of validity, main body and main body public key information.Wherein:
Said version number is used for the version (version 1, version 2 or version 3) of identity certificate.
Said sequence number is the unique identification by this certificate of certificate authority person distribution.
Said signature is a signature algorithm identifier symbol, adds that by object identifier relevant parameter forms, and is used to the Digital Signature Algorithm of explaining that this certificate is used.For example, the object identifier of SHA-1 and RSA just is used for explaining that this digital signature is to utilize RSA that the SHA-1 hash is encrypted.
Said issuer, the person's that is the certificate authority distinguished name (DN).
The said term of validity is the time period of validity period of certificate.Its field can be made up of " Not Before " and " NotAfter " two, and they are respectively by UTC time or general time representation (detailed time representation rule is arranged in RFC2459).
Said main body is certificate owner's a distinguished name, and this field is a non-NULL, only if another name is arranged in certificate extension.
Said main body public key information is the PKI (and algorithm identifier) of main body.
Preferably, a kind of Internet of Things Verification System based on PKI technology of embodiment of the invention cert is neatly managed, further to guarantee authenticating safety.For example, the certificate update function can be provided, when concrete the realization, can be host computer after each verification process, promptly receive authentication result after, the prompting user certificate that upgrades in time.Also can be according to the different requirement cancellation of doucment.Can also use the mode of for example OCSP online query to realize the issue of certificate revocation list.Or the like.
The embodiment of the invention also provides a kind of method of utilizing said system to realize the Internet of Things authentication, and is as shown in Figure 2, comprises step:
Step S201: sensor node sends the heartbeat data that uses the host computer public key encryption according to preset report cycle to host computer; Said heartbeat data comprises the node PKI and with the node certificate of node encrypted private key;
Step S202: after host computer receives said heartbeat data, use the host computer private key to decipher, obtain the node PKI and with the node certificate of node encrypted private key; Use the said node certificate of said node PKI deciphering, obtain node certificate with the node encrypted private key; Generate the random number of this verification process, said random number is sent to the CA of certification authority with said node certificate;
Step S203: after said CA receives node certificate and random number, said node certificate is carried out authentication, authentication result and said random number are sent to said host computer together;
Step S204: said host computer is known the authentication result of the sensor node of initiating authentication according to authentication result that receives and random number.
Wherein, each sensor node has the certificate of oneself, and said certificate can be signed and issued by CA.Specifically can sign and issue according to area type, perhaps sign and issue according to industry type, the present invention does not limit at this.
Said host computer can carry out data processing according to authentication result after knowing the authentication result of sensor node, for example, can receive only the data of the sensor node that authentication passes through, thereby guarantees the reliability of data.The embodiment of the invention is sent authentication request through sensor node to host computer dexterously, i.e. heartbeat data, and between host computer and sensor node, increase key protection mechanism; Host computer reports CA with it again after the correctness of confirming heartbeat data, carry out authentication; And the return authentication result gives host computer; Thereby to the characteristics of Internet of Things, Using P KI technology is set up the Internet of Things authentication system dexterously, thereby guarantees the reliability of Internet of Things data.。
When execution in step S201, can also comprise heartbeat effective time in the heartbeat data that said sensor node reports.Correspondingly, when execution in step S202, said host computer also can obtain heartbeat effective time behind the heartbeat data in deciphering.Said host computer judges whether said heartbeat is still effective effective time earlier before said node certificate with the node encrypted private key is deciphered, if effectively, just decipher said node certificate with the node encrypted private key.If invalid, think that then said heartbeat data is expired, no longer accurate, can abandon, need not to carry out decryption step again, thereby effectively practice thrift the resource of host computer node certificate.
When execution in step S204, said host computer can also start timer after knowing that the sensor node authentication of initiating authentication is passed through; Timing is a preset interim term of validity; Said timer then before, the heartbeat data of the sensor node that said authentication is not passed through is handled, at said timer to constantly; Continuation is handled the heartbeat data of the sensor node that said authentication is passed through, thereby effectively practices thrift the resource of host computer.Wherein, the said preset interim term of validity is greater than said preset report cycle.
Preferably, can also increase alarm mechanism.For example, when execution in step S202, when said host computer uses the host computer private key to decipher, if the deciphering failure then can be carried out alarming processing.Again for example, when execution in step S204, when said host computer is authentification failure in the authentication result of knowing the sensor node of initiating authentication, then can carry out alarming processing.
The transmittability of considering sensor node is lower, and transmission speed is lower, and preferably, the embodiment of the invention is carried out cutting to the information in the certificate X.509, keeps key message wherein, thereby reduces data amount transmitted, makes it more to be applicable to the Internet of Things characteristics.The embodiment of the invention provides a kind of node certificate at this, and it can comprise version number, sequence number, signature, issuer, the term of validity, main body and main body public key information.Wherein:
Said version number is used for the version (version 1, version 2 or version 3) of identity certificate.
Said sequence number is the unique identification by this certificate of certificate authority person distribution.
Said signature is a signature algorithm identifier symbol, adds that by object identifier relevant parameter forms, and is used to the Digital Signature Algorithm of explaining that this certificate is used.For example, the object identifier of SHA-1 and RSA just is used for explaining that this digital signature is to utilize RSA that the SHA-1 hash is encrypted.
Said issuer, the person's that is the certificate authority distinguished name (DN).
The said term of validity is the time period of validity period of certificate.Its field can be made up of " Not Before " and " NotAfter " two, and they are respectively by UTC time or general time representation (detailed time representation rule is arranged in RFC2459).
Said main body is certificate owner's a distinguished name, and this field is a non-NULL, only if another name is arranged in certificate extension.
Said main body public key information is the PKI (and algorithm identifier) of main body.
Preferably, embodiment of the invention cert is neatly managed, further to guarantee authenticating safety.For example, the certificate update function can be provided, when concrete the realization, can be host computer after each verification process, promptly receive authentication result after, the prompting user certificate that upgrades in time.Also can be according to the different requirement cancellation of doucment.Can also use the mode of for example OCSP online query to realize the issue of certificate revocation list.Or the like.
Certainly; The present invention also can have other various embodiments; Under the situation that does not deviate from spirit of the present invention and essence thereof; Those skilled in the art work as can make various corresponding changes and distortion according to the present invention, but these corresponding changes and distortion all should belong to the protection range of the appended claim of the present invention.
Claims (10)
1. the Internet of Things authentication method based on the PKI technology is characterized in that, comprising:
Sensor node sends the heartbeat data that uses the host computer public key encryption according to preset report cycle to host computer; Said heartbeat data comprises the node PKI and with the node certificate of node encrypted private key;
After host computer receives said heartbeat data, use the host computer private key to decipher, obtain the node PKI and with the node certificate of node encrypted private key; Use the said node certificate of said node PKI deciphering, obtain node certificate with the node encrypted private key; Generate the random number of this verification process, said random number is sent to the CA of certification authority with said node certificate;
After said CA receives node certificate and random number, said node certificate is carried out authentication, authentication result and said random number are sent to said host computer together;
Said host computer is known the authentication result of the sensor node of initiating authentication according to authentication result that receives and random number.
2. the method for claim 1 is characterized in that:
Also comprise heartbeat effective time in the said heartbeat data;
Said host computer judges earlier whether the heartbeat in the heartbeat data that obtains is still effective effective time, if effectively, just decipher said node certificate with the node encrypted private key behind the deciphering heartbeat data.
3. according to claim 1 or claim 2 method is characterized in that, also comprises:
Said host computer is after knowing that the sensor node authentication of initiating authentication is passed through; Start timer; Timing is a preset interim term of validity, said timer then before, the heartbeat data of the sensor node that said authentication is not passed through is handled; To constantly, continuation is handled the heartbeat data of the sensor node that said authentication is passed through at said timer;
The said preset interim term of validity is greater than said preset report cycle.
4. the method for claim 1 is characterized in that, also comprises:
When said host computer uses the host computer private key to decipher, if alarming processing is then carried out in the deciphering failure; And/or
When said host computer is authentification failure in the authentication result of knowing the sensor node of initiating authentication, then carry out alarming processing.
5. the method for claim 1 is characterized in that:
Said node certificate comprises: version number, sequence number, signature, issuer, the term of validity, main body and main body public key information.
6. the Internet of Things Verification System based on the PKI technology is characterized in that, comprising:
Sensor node sends the heartbeat data that uses the host computer public key encryption according to preset report cycle; Said heartbeat data comprises the node PKI and with the node certificate of node encrypted private key;
Host computer receives said heartbeat data, uses the host computer private key that it is deciphered, and obtains the node PKI and with the node certificate of node encrypted private key; Use the said node certificate of said node PKI deciphering, obtain node certificate with the node encrypted private key; Generate the random number of this verification process, said random number is sent with said node certificate; And receive authentication result and random number, know the authentication result of the sensor node of initiating authentication according to this;
The CA of certification authority receives said node certificate and said random number, and said node certificate is carried out authentication, and authentication result and said random number are sent together.
7. system as claimed in claim 6 is characterized in that:
Also comprise heartbeat effective time in the said heartbeat data;
Said host computer behind the deciphering heartbeat data, judges earlier whether the heartbeat in the heartbeat data that obtains is still effective effective time, if effectively, just decipher said node certificate with the node encrypted private key.
8. like claim 6 or 7 described systems, it is characterized in that:
Said host computer; Also after knowing that the sensor node authentication of initiating authentication is passed through, start timer, timing is a preset interim term of validity; Said timer then before; The heartbeat data of the sensor node that said authentication is not passed through is handled, and to constantly, the heartbeat data of the sensor node that continues said authentication is passed through is handled at said timer;
The said preset interim term of validity is greater than said preset report cycle.
9. system as claimed in claim 6 is characterized in that:
Said host computer is when position machine private key is deciphered in the use, if alarming processing is also carried out in the deciphering failure; And/or
Said host computer when the authentication result of knowing the sensor node of initiating authentication is authentification failure, also carries out alarming processing.
10. system as claimed in claim 6 is characterized in that:
Said node certificate comprises: version number, sequence number, signature, issuer, the term of validity, main body and main body public key information.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010603710.5A CN102571338B (en) | 2010-12-23 | 2010-12-23 | A kind of Internet of Things authentication method based on PKI technology and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010603710.5A CN102571338B (en) | 2010-12-23 | 2010-12-23 | A kind of Internet of Things authentication method based on PKI technology and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102571338A true CN102571338A (en) | 2012-07-11 |
| CN102571338B CN102571338B (en) | 2015-09-23 |
Family
ID=46415880
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201010603710.5A Active CN102571338B (en) | 2010-12-23 | 2010-12-23 | A kind of Internet of Things authentication method based on PKI technology and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102571338B (en) |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105120066A (en) * | 2015-07-16 | 2015-12-02 | 福建联迪商用设备有限公司 | Method and system for safely switching terminal product mode and development mode |
| CN105117665A (en) * | 2015-07-16 | 2015-12-02 | 福建联迪商用设备有限公司 | Method and system for safely switching between terminal product mode and development mode |
| CN107688300A (en) * | 2017-09-08 | 2018-02-13 | 深圳市盛路物联通讯技术有限公司 | The control method and associated server of a kind of equipment |
| CN110192197A (en) * | 2017-01-12 | 2019-08-30 | 霍尼韦尔国际公司 | Identity is established by using certificate and trusts the technology to realize the guarantee of certified products equipment |
| CN113992450A (en) * | 2021-12-28 | 2022-01-28 | 威晟汽车科技(宁波)有限公司 | High-reliability data transmission method based on LIN bus |
| CN114070649A (en) * | 2021-12-15 | 2022-02-18 | 武汉天喻信息产业股份有限公司 | Method and system for secure communication between devices |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1929380A (en) * | 2006-09-23 | 2007-03-14 | 西安西电捷通无线网络通信有限公司 | Public key certificate state obtaining and verification method |
| CN101500146A (en) * | 2009-02-18 | 2009-08-05 | 北京永新视博数字电视技术有限公司 | Digital television receiving control method and apparatus based on bi-directional network |
| CN101867530A (en) * | 2010-05-31 | 2010-10-20 | 西安电子科技大学 | Things-internet gateway system based on virtual machine and data interactive method |
| CN101888295A (en) * | 2009-05-15 | 2010-11-17 | 南京理工大学 | Distributed multi-term safety certification method |
| CN202103686U (en) * | 2010-12-23 | 2012-01-04 | 北京时代凌宇科技有限公司 | Public key infrastructure (PKI) technology-based internet-of-things authentication system |
-
2010
- 2010-12-23 CN CN201010603710.5A patent/CN102571338B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1929380A (en) * | 2006-09-23 | 2007-03-14 | 西安西电捷通无线网络通信有限公司 | Public key certificate state obtaining and verification method |
| CN101500146A (en) * | 2009-02-18 | 2009-08-05 | 北京永新视博数字电视技术有限公司 | Digital television receiving control method and apparatus based on bi-directional network |
| CN101888295A (en) * | 2009-05-15 | 2010-11-17 | 南京理工大学 | Distributed multi-term safety certification method |
| CN101867530A (en) * | 2010-05-31 | 2010-10-20 | 西安电子科技大学 | Things-internet gateway system based on virtual machine and data interactive method |
| CN202103686U (en) * | 2010-12-23 | 2012-01-04 | 北京时代凌宇科技有限公司 | Public key infrastructure (PKI) technology-based internet-of-things authentication system |
Cited By (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105120066A (en) * | 2015-07-16 | 2015-12-02 | 福建联迪商用设备有限公司 | Method and system for safely switching terminal product mode and development mode |
| CN105117665A (en) * | 2015-07-16 | 2015-12-02 | 福建联迪商用设备有限公司 | Method and system for safely switching between terminal product mode and development mode |
| WO2017008730A1 (en) * | 2015-07-16 | 2017-01-19 | 福建联迪商用设备有限公司 | Method and system for securely switching terminal between product mode and development mode |
| CN105117665B (en) * | 2015-07-16 | 2017-10-31 | 福建联迪商用设备有限公司 | A kind of end product pattern and the method and system of development mode handoff-security |
| CN105120066B (en) * | 2015-07-16 | 2017-12-08 | 福建联迪商用设备有限公司 | A kind of end product pattern and the method and system of development mode handoff-security |
| CN110192197A (en) * | 2017-01-12 | 2019-08-30 | 霍尼韦尔国际公司 | Identity is established by using certificate and trusts the technology to realize the guarantee of certified products equipment |
| CN110192197B (en) * | 2017-01-12 | 2023-10-27 | 霍尼韦尔国际公司 | Technique for implementing genuine equipment assurance by establishing identity and trust using certificates |
| CN107688300A (en) * | 2017-09-08 | 2018-02-13 | 深圳市盛路物联通讯技术有限公司 | The control method and associated server of a kind of equipment |
| CN114070649A (en) * | 2021-12-15 | 2022-02-18 | 武汉天喻信息产业股份有限公司 | Method and system for secure communication between devices |
| CN113992450A (en) * | 2021-12-28 | 2022-01-28 | 威晟汽车科技(宁波)有限公司 | High-reliability data transmission method based on LIN bus |
| CN113992450B (en) * | 2021-12-28 | 2022-05-13 | 威晟汽车科技(宁波)有限公司 | High-reliability data transmission method based on LIN bus |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102571338B (en) | 2015-09-23 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20060206433A1 (en) | Secure and authenticated delivery of data from an automated meter reading system | |
| GB2392590A (en) | Establishing a chain of secure communication links for delegation | |
| KR102325725B1 (en) | Digital certificate management method and device | |
| CN109104271B (en) | Digital signature method, device and system | |
| CN101720071A (en) | Short message two-stage encryption transmission and secure storage method based on safety SIM card | |
| CN103186720B (en) | A kind of digital copyright management method, equipment and system | |
| CN102571338B (en) | A kind of Internet of Things authentication method based on PKI technology and system | |
| KR20060133403A (en) | System and method for detecting the exposure of ocsp responder's session private key | |
| CN104424446A (en) | Safety verification and transmission method and system | |
| CN111934884B (en) | Certificate management method and device | |
| JP2022521525A (en) | Cryptographic method for validating data | |
| CN104200154A (en) | Identity based installation package signing method and identity based installation package signing device | |
| EP4229536A1 (en) | Constructing a multiple-entity root certificate data block chain | |
| CN102447705A (en) | Digital certificate revocation method and equipment | |
| CN101984626B (en) | Method and system for safely exchanging files | |
| Hassinen | Java based public key infrastructure for sms messaging | |
| GB2543359A (en) | Methods and apparatus for secure communication | |
| CN109495257B (en) | Data acquisition unit encryption method based on improved SM2 cryptographic algorithm | |
| CN115174277B (en) | Data communication and file exchange method based on block chain | |
| KR20140033824A (en) | Encryption systems and methods using hash value as symmetric key in the smart device | |
| CN111131311A (en) | Data transmission method based on block chain and block chain link point | |
| CN202103686U (en) | Public key infrastructure (PKI) technology-based internet-of-things authentication system | |
| Senthil Kumari et al. | Key derivation policy for data security and data integrity in cloud computing | |
| Xingliang et al. | A new authentication scheme for wireless ad hoc network | |
| KR20100002424A (en) | Method for generating secure key using certificateless public key |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C56 | Change in the name or address of the patentee | ||
| CP01 | Change in the name or title of a patent holder |
Address after: 100096 Beijing City, Haidian District Xisanqi building materials City Road No. 18 building 4 layer Bestpower Patentee after: Beijing times Polytron Technologies Inc Address before: 100096 Beijing City, Haidian District Xisanqi building materials City Road No. 18 building 4 layer Bestpower Patentee before: Beijing LOIT Technology Co., Ltd. |