Method and system for resisting identity attacks in a smart home system
Technical field
The present invention relates to a method and system for resisting identity attacks in a smart home system, and belongs to the field of security technology for smart home systems.
Background technology
At present, the most basic goal of the smart home is to provide people with a comfortable, safe, convenient and efficient living environment. For smart home products, the most important thing is to take practicality as the core: products should focus on practicality, ease of use and user-friendliness. A smart home takes the residence as its platform and uses integrated wiring technology, network communication technology, security technology, automatic control technology and audio/video technology to integrate the facilities related to home life, building an efficient management system for residential facilities and household schedules, improving the safety, convenience, comfort and aesthetics of the home, and achieving an environmentally friendly, energy-saving living environment. On the one hand, a smart home gives users more convenient means of managing household equipment, for example controlling household devices by touch screen, Digiplex, telephone, the Internet or speech recognition; on the other hand, the devices in a smart home can communicate with one another and can interoperate according to their different states without user commands, bringing the user the greatest possible efficiency, convenience, comfort and safety.
By the end of 2013, information technology innovation was accelerating worldwide, and new products and services in the information field were emerging in large numbers, continually stimulating new consumer demand and becoming an increasingly active consumption hot spot. The Chinese market is large and is at a stage where the upgrading of household consumption is converging with accelerating informatization, industrialization, urbanization and agricultural modernization, so information consumption has a good foundation and great potential. To promote informatization and smart city development, the Chinese government also issued, on August 14, 2013, several opinions on promoting information consumption to expand domestic demand, vigorously developing broadband coverage and broadband speed increases and accelerating the sustained growth of information consumption. All of this lays a solid foundation for the development of the smart home and Internet of Things industries.
Smart home integration uses integrated wiring technology, network communication technology, security technology, automatic control technology and audio/video technology to integrate the equipment related to home life. Because smart homes adopt differing technical standards and protocols, most smart home systems use integrated wiring, but a minority may not, for example those using power line carrier. In either case there must be a corresponding network communication technology to complete the required signal transformation task, so network communication technology is one of the key technologies in smart home integration. With the rapid development of the mobile Internet, smart home products increasingly use wireless communication technologies such as Wi-Fi, ZigBee, IrDA infrared and 3G/4G. The greatest advantage of wireless communication is its convenience and flexibility: it can be extended or retrofitted at any time as required.
Security technology is indispensable in a smart home system and is widely used in fields such as community and indoor video intercom, home monitoring, home security alarms, and community all-in-one cards related to the household. Because the smart home is so close to people's lives, private information about the home environment and the user's life is transmitted over the network and stored locally or in the cloud, and users also control and manage household devices over the network, so secure communication is of the utmost importance for the smart home. An insecure communication system can be disrupted by attackers, fail, or even be completely controlled by an attacker, leading to leakage of smart home data or even the collapse of the whole system.
Summary of the invention
(1) Technical problem to be solved
The technical problem to be solved by the present invention is to ensure the security of communication between the central control management system and the interaction controller of a smart home, and to resist identity-based attacks.
(2) Technical solution
To solve the above technical problem, in one aspect the invention provides a method for resisting identity attacks in a smart home system, comprising the following steps:
The interaction controller registers with the central control management system;
The interaction controller sends a control command to the central control management system;
The central control management system verifies the identity identifier;
The central control management system verifies the dynamic recognition code;
The central control management system extracts the control command and sends it.
Preferably, the step in which the interaction controller registers with the central control management system further comprises:
The central control management system installs a dynamic recognition code generator in the interaction controller and saves a 2-tuple in the central control management system.
Preferably, the step in which the interaction controller sends a control command to the central control management system further comprises:
The user operates the interaction controller, which produces a control command;
The interaction controller generates the dynamic recognition code for the current time and combines it with the identity identifier and the control command to form a control command packet;
The interaction controller encrypts the control command packet and sends it to the central control management system.
Preferably, the step in which the central control management system verifies the identity identifier further comprises:
The central control management system decrypts the control command packet after receiving it;
The central control management system extracts the identity identifier from the control command packet and looks it up locally;
If the identity identifier in the control command packet is not found, the packet is discarded;
If the identity identifier in the control command packet is found, the dynamic recognition code is verified.
Preferably, the step in which the central control management system verifies the dynamic recognition code further comprises:
Central control management system is used;
The Dynamic Recognition code that central control management system is generated and the Dynamic Recognition code in control command;
If they are inconsistent, the packet is discarded;
If they are consistent, the control command is extracted and sent.
Preferably, the step in which the central control management system extracts and sends the control command also comprises a step of learning and storing the user's control commands.
In another aspect, the invention also provides a smart home system applying the above method, comprising an interaction controller, a central control management system and a home application subsystem;
The interaction controller and the home application subsystem are communicatively connected to the central control management system via a network;
Control commands sent by the interaction controller are transmitted over the network to the central control management system, which processes them and sends them to the home application subsystem.
Preferably, the interaction controller may be a remote control or a control terminal installed on iOS/Android.
Preferably, the home application subsystem is one or more of a home security system, an electrical appliance control system, a home theater and multimedia system, and an environmental monitoring and control system.
(3) Beneficial effects
In the method and system for resisting identity attacks in a smart home system provided by the invention, the dynamic recognition code generator produces different dynamic recognition codes at different times, and these codes are held only by the interaction controller and the central control management system. This achieves a one-time pad and effectively prevents illegal control and identity forgery attacks.
Description of the drawings
Fig. 1 is a schematic diagram of the system structure of a smart home system based on a wireless network;
Fig. 2 is a schematic structural diagram of a smart home subsystem;
Fig. 3 is a schematic flow chart of the method for resisting identity attacks in a smart home system.
Embodiments
Specific embodiments of the invention are described in further detail below with reference to the drawings and examples. The following examples illustrate the invention and are not intended to limit its scope.
Fig. 1 shows the overall structure of a smart home system based on a wireless network, which comprises an interaction controller, a central control management system, and subsystems such as a home security system. The user communicates with the central control management system through the interaction controller, which may be a remote control based on technologies such as IrDA infrared, Bluetooth, Wi-Fi or ZigBee, or a remote control terminal based on a 3G/4G network. Wireless technologies such as infrared, Bluetooth, Wi-Fi and ZigBee are suited to the householder communicating with the central control management system indoors (these short-range technologies are referred to below as "indoor wireless communication technologies") and are also used for communication between the subsystems and the central control management system; 3G/4G technology is suited to the householder remotely controlling the central control management system from outdoors. Interaction controllers take many forms: a traditional remote control, or an app running on iOS/Android. The user sends control commands through the interaction controller to the central control management system, which is the core of the whole smart home system: it receives the user's control commands and passes them to the subsystems, and it can also control the subsystems automatically. The central control management system is also responsible for storing data. The subsystems in the smart home send it the data they each collect, and the user can view this data or start the self-learning function of the central control management system, which uses machine learning and data mining on the large volume of data to discover the home environment the owner prefers and adjusts the subsystems to the state most comfortable for the owner. The subsystems of a smart home system include a home security system, an electrical appliance control system, a home theater and multimedia system, an environmental monitoring and control system and so on; of these, the home security system is indispensable to a "smart home" and the others are optional. The home security system uses technologies such as video surveillance, burglar alarms, electric-lock access control and smoke alarms to ensure the physical security of the home; the environmental monitoring and control system uses sensor technology to monitor indoor environmental indicators and adjusts them to the state best suited to the owner.
Fig. 2 shows the overall structure of a smart home subsystem, which comprises a communication module, a control module and a sampling module. The communication module is responsible for communication with the central control management system: it sends the data collected by the sampling module to the central control management system and receives the control signals that system sends. The control module is responsible for processing control signals and converting them into the corresponding actions. Taking the lighting control subsystem as an example, the user sends a "change light color" control signal through the interaction controller. The signal is first sent to the central control management system over wireless communication, then to the communication module of the lighting control subsystem, and finally passed to its control module. Once the control module recognizes the "change light color" signal, it translates it into subsystem behavior: changing the light to a color specified by the user or to a random color. The sampling module can collect the correspondence between light color and date and time and send this information to the central control management system for storage, so that when the user sends no control command the lighting control subsystem can automatically adjust the light to the user's preferred color for that period.
As shown in Fig. 3, the method for resisting identity attacks in a smart home system provided by the invention comprises the following steps: the interaction controller registers with the central control management system; the interaction controller sends a control command to the central control management system; the central control management system verifies the identity identifier; the central control management system verifies the dynamic recognition code; the central control management system extracts the control command and sends it. The invention is explained in detail below.
First, the step in which the interaction controller registers with the central control management system.
The interaction controller registers with the central control management system. The interaction controller may be a remote control or a control terminal installed on iOS/Android. Each interaction controller has a unique identity identifier, and different interaction controllers have different identity identifiers. Before an interaction controller takes effect (that is, before it can be used to send control commands), it must register with the central control management system and have the corresponding dynamic recognition code generator installed. When the interaction controller registers, the central control management system installs a dynamic recognition code generator in the interaction controller and saves a 2-tuple (identity identifier, dynamic recognition code generator) locally. The central control management system's generator is the same as the generator on the interaction controller with that identity identifier, and at every predetermined interval the two synchronously produce the same dynamic recognition code. Each interaction controller has a different identity identifier, and the dynamic recognition code generators they use are also different. After registration, the interaction controller can be used.
Second, the step in which the interaction controller sends a control command to the central control management system.
The interaction controller sends a control command to the central control management system. The interaction controller produces a control command under the user's operation. The command may be a simple code or complex binary data. The dynamic recognition code generator of the interaction controller generates the dynamic recognition code for that moment, which is combined with the identity identifier and the control command to form a control command packet. The interaction controller encrypts the control command packet and sends it to the central control management system over the wireless network. If control command packets were sent in plaintext, an attacker could easily obtain them by eavesdropping on the shared channel, identify the commands in them, and further work out the control behavior corresponding to each command, so the control command packet must be encrypted before it is sent. However, the encrypted packet alone is still not secure, because an attacker can bring about the same control behavior simply by sending the identical 0-1 sequence to the central control management system. The interaction controller must therefore use dynamic recognition codes. The dynamic recognition code differs from one moment to the next and is held only by the interaction controller and the central control management system, so the control command packets that the same interaction controller sends at different times are all different. This is equivalent to achieving a one-time pad, and effectively prevents illegal control and identity forgery attacks.
Third, the step in which the central control management system verifies the identity identifier.
The central control management system verifies the identity identifier. After receiving a control command packet, the central control management system first decrypts it. It then extracts the identity identifier from the control command packet and looks it up locally. If the identity identifier in the packet is not found in any (identity identifier, dynamic recognition code generator) record, the control command packet is discarded; otherwise the central control management system goes on to verify the dynamic recognition code. In other words, after receiving a command the central control management system first decrypts the data and then performs authentication (comprising identity identifier verification and dynamic recognition code verification); only control commands that pass authentication can be executed.
Fourth, the step in which the central control management system verifies the dynamic recognition code.
The central control management system verifies the dynamic recognition code. It uses the dynamic recognition code generator in the (identity identifier, dynamic recognition code generator) record to generate the corresponding dynamic recognition code. The central control management system compares the dynamic recognition code it generated itself with the dynamic recognition code in the control command packet. If they are inconsistent, the packet is discarded; otherwise the central control management system extracts the control command and sends it.
Finally, the step in which the central control management system extracts the control command and sends it.
The central control management system extracts the control command from the control command packet and sends it to the relevant subsystem for execution.
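The registration and verification steps above, as an added Python example (not code from the patent). The generator algorithm (HMAC-SHA256 over a 30-second time step), the names used and the sample values are assumptions; the packet is shown as the central control management system sees it after decryption, and the once-per-interval check in handle() is an addition that the text does not describe.

```python
import hashlib
import hmac
import struct

INTERVAL = 30  # seconds per code; assumed, the text only says "predetermined"

def dynamic_code(seed: bytes, now: float) -> str:
    """Assumed generator: HMAC-SHA256 of the current time-step number."""
    step = int(now // INTERVAL)
    mac = hmac.new(seed, struct.pack(">Q", step), hashlib.sha256)
    return mac.hexdigest()[:16]

def build_packet(identity: str, seed: bytes, command: str, now: float) -> dict:
    """Controller side: (identity, dynamic code, command), before encryption."""
    return {"id": identity, "code": dynamic_code(seed, now), "command": command}

class CentralSystem:
    def __init__(self) -> None:
        self.registry = {}   # identity -> seed: the (identity, generator) 2-tuples
        self.last_step = {}  # identity -> last accepted step (added, not in the text)

    def register(self, identity: str, seed: bytes) -> None:
        """Registration: store the generator state shared with the controller."""
        self.registry[identity] = seed

    def handle(self, packet: dict, now: float) -> str:
        """Verify an already-decrypted packet and return the decision taken."""
        identity = packet.get("id")
        seed = self.registry.get(identity)
        if seed is None:
            return "drop: unknown identity"
        expected = dynamic_code(seed, now).encode()
        received = str(packet.get("code", "")).encode()
        if not hmac.compare_digest(expected, received):  # constant-time compare
            return "drop: dynamic code mismatch"
        step = int(now // INTERVAL)
        # Added check: accept a code once per interval, so a packet replayed
        # inside the same interval is dropped too (one command per interval).
        if self.last_step.get(identity) == step:
            return "drop: code already used"
        self.last_step[identity] = step
        return "forward: " + str(packet.get("command", ""))

if __name__ == "__main__":
    central = CentralSystem()
    seed = b"constructed-seed-remote-01"   # constructed sample value
    central.register("remote-01", seed)
    t0 = 1_700_000_000.0                   # constructed timestamp
    pkt = build_packet("remote-01", seed, "light:color=blue", t0)
    # Same packet delivered on time, replayed 1 s later, and replayed 60 s later.
    for when in (t0, t0 + 1, t0 + 60):
        print(when, central.handle(pkt, when))
```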
In summary, in the present invention the dynamic recognition code generator produces different dynamic recognition codes at different times, and these codes are held only by the interaction controller and the central control management system. This achieves a one-time pad and effectively prevents illegal control and identity forgery attacks.
The above embodiments are only intended to illustrate the invention and do not limit it. A person of ordinary skill in the relevant technical field can make various changes and modifications without departing from the spirit and scope of the invention; all equivalent technical solutions therefore also fall within the scope of the invention, and the scope of patent protection of the invention shall be defined by the claims.