Method and system for resisting identity attacks in a smart home system
Technical field
The present invention relates to a method and system for resisting identity attacks in a smart home system, and belongs to the technical field of smart home system security.
Background art
At present, the most basic goal of the smart home is to provide people with a comfortable, convenient, safe and efficient living environment. For smart home products, the most important thing is to take practicality as the core: products are built on practicality, ease of use and user-friendliness.
The smart home takes the residence as its platform and uses generic cabling technology, network communication technology, security technology, automatic control technology, and audio and video technology to integrate the facilities related to home life, building an efficient management system for residential facilities and family schedules that improves the safety, convenience, comfort and aesthetics of the home and provides an environmentally friendly, energy-saving living environment. A smart home gives users more convenient means of managing household devices, for example controlling them through a touch screen, wireless remote control, telephone, the Internet or speech recognition. In addition, the various devices in a smart home can communicate with each other and interoperate according to their different states without the user's direction, bringing the user the greatest possible efficiency, convenience, comfort and safety.
As of 2013, innovation in information technology is accelerating worldwide, and new products and new services in the information field are emerging in large numbers, continually stimulating new consumer demand and becoming an increasingly active consumption hot spot. The Chinese market is large and is at a stage where household consumption is being upgraded and where informatization, industrialization, urbanization and agricultural modernization are developing together at an accelerating pace, so information consumption has a good foundation for development and great potential. To promote the development of informatization and smart cities, the Chinese government issued, on 14 August 2013, its opinions on promoting information consumption to expand domestic demand, which call for vigorously promoting broadband rollout and broadband speed increases and for accelerating the sustained growth of information consumption. All of this lays a solid foundation for the development of the smart home and Internet of Things industries.
The smart home integrates the devices related to home life using generic cabling technology, network communication technology, security technology, automatic control technology, and audio and video technology. Because smart homes use different technical standards and protocols, most smart home systems use generic cabling, while a minority may not, for example those using power-line carrier communication. In either case, a corresponding network communication technology is needed to carry the required signals, so network communication technology is one of the key technologies in smart home integration. With the rapid development of the mobile Internet, smart home products increasingly use wireless communication technologies such as WiFi, ZigBee, IrDA infrared and 3G/4G. The greatest advantage of wireless communication is its flexibility and convenience: it can be extended or modified at any time as needed.
Security technology is essential in a smart home system and is widely used in areas such as residential-community and indoor video intercom, home monitoring, home burglar alarms, and community all-purpose cards associated with the household. Because the smart home is closely tied to modern people's lives, private information about the home environment and the user's life is transmitted over the network and stored locally or in the cloud, and the user also controls and manages household devices over the network. Secure communication is therefore critical for the smart home. An insecure communication system can be disrupted by an attacker and fail, or even be completely controlled by the attacker, leading to leakage of smart home data or even the collapse of the whole system.
Summary of the invention
(1) Technical problem to be solved
The technical problem to be solved by the present invention is to ensure secure communication between the smart home central control management system and the interaction controller, and to resist identity-based attacks.
(2) Technical solution
To solve the above technical problem, in one aspect the present invention provides a method for resisting identity attacks in a smart home system, comprising the following steps:
the interaction controller registers with the central control management system;
the interaction controller sends a control command to the central control management system;
the central control management system verifies the identity identifier;
the central control management system verifies the dynamic recognition code;
the central control management system extracts the control command and sends it.
Preferably, the step in which the interaction controller registers with the central control management system further comprises:
the central control management system installs a dynamic recognition code generator in the interaction controller and saves a two-tuple locally in the central control management system.
Preferably, the step in which the interaction controller sends a control command to the central control management system further comprises:
a control command is produced when the user operates the interaction controller;
the interaction controller generates the dynamic recognition code for the current time and combines it with the identity identifier and the control command to form a control command packet;
the interaction controller encrypts the control command packet and sends it to the central control management system.
Preferably, the step in which the central control management system verifies the identity identifier further comprises:
after receiving the control command packet, the central control management system decrypts it;
the central control management system extracts the identity identifier from the control command packet and looks it up locally;
if the identity identifier in the control command packet is not found, the packet is discarded;
if the identity identifier in the control command packet is found, the dynamic recognition code is verified.
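Preferably, the step in which the central control management system verifies the dynamic recognition code further comprises:
the central control management system uses the dynamic recognition code generator in its stored (identity identifier, dynamic recognition code generator) record to generate the corresponding dynamic recognition code;
the central control management system compares the dynamic recognition code it generated with the dynamic recognition code in the control command packet;
if they are inconsistent, the packet is discarded;
if they are consistent, the control command is extracted and sent.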
Preferably, the step in which the central control management system extracts and sends the control command further comprises a step of learning and storing the user's control commands.
In another aspect, the present invention also provides a smart home system using the above method, comprising an interaction controller, a central control management system and home application subsystems;
the interaction controller and the home application subsystems are communicatively connected to the central control management system through a network;
a control command sent by the interaction controller is transmitted through the network to the central control management system, processed by the central control management system, and then sent to the home application subsystem.
Preferably, the interaction controller may be a remote control or a control terminal on iOS/Android.
Preferably, the home application subsystem is one or more of a home security system, an appliance control system, a home theater and multimedia system, and an environmental monitoring and control system.
(3) Beneficial effects
In the method and system for resisting identity attacks in a smart home system provided by the present invention, the dynamic recognition code generator produces different dynamic recognition codes at different moments, and the dynamic recognition code is held only by the interaction controller and the central control management system. This achieves a one-time pad and effectively prevents illegal manipulation and identity forgery attacks.
Brief description of the drawings
Fig. 1 is a schematic structural diagram of a smart home system based on a wireless network;
Fig. 2 is a schematic structural diagram of a smart home subsystem;
Fig. 3 is a schematic flow chart of the method for resisting identity attacks in a smart home system.
Detailed description of the embodiments
Specific embodiments of the present invention are described in further detail below with reference to the accompanying drawings and examples. The following examples illustrate the present invention but do not limit its scope.
Fig. 1 shows the general structure of a smart home system based on a wireless network, which includes an interaction controller, a central control management system, and subsystems such as a home security system. The user communicates with the central control management system through the interaction controller, which may be a remote control based on technologies such as IrDA infrared, Bluetooth, WiFi or ZigBee, or a remote control terminal based on 3G/4G networks. Wireless technologies such as infrared, Bluetooth, WiFi and ZigBee (these short-range technologies are referred to below as "indoor wireless communication technologies") are suitable for the home owner to communicate with the central control management system indoors, and are also used for communication between the subsystems and the central control management system; 3G/4G technology is suitable for the home owner to control the central control management system remotely from outdoors. The interaction controller takes many forms: it may be a traditional remote control or an app running on iOS/Android. The user sends control commands through the interaction controller to the central control management system, which is the core of the whole smart home system: it receives the user's control commands and relays them to the subsystems, and it can also control the subsystems automatically. The central control management system is also responsible for data storage. The subsystems in the smart home send the data they each collect to it, and the user can view this data or start the central control management system's self-learning function, which uses machine learning and data mining to discover the owner's preferred home environment from large amounts of data and adjusts the subsystems to the state most comfortable for the owner. The subsystems of a smart home system include a home security system, an appliance control system, a home theater and multimedia system, an environmental monitoring and control system, and so on; the home security system is indispensable to a "smart home", while the others are all optional. The home security system uses technologies such as video surveillance, burglar alarms, electronic door-lock access control and smoke alarms to ensure the physical security of the home; the environmental monitoring and control system uses sensor technology to monitor indoor environmental indicators and adjust them to the state best suited to the owner's life.
Fig. 2 shows the general structure of a smart home subsystem, which includes a communication module, a control module and a sampling module. The communication module handles communication with the central control management system: it sends the data collected by the sampling module to the central control management system and receives the control signals that system sends. The control module processes the control signal and converts it into the corresponding action. Taking the lighting control subsystem as an example, the user sends a "change light color" control signal through the interaction controller; the signal is first transmitted to the central control management system by wireless communication, then to the communication module of the lighting control subsystem, and finally to the control module of the lighting control subsystem. After recognizing the "change light color" control signal, the control module translates it into subsystem behavior: changing the light to a color specified by the user or to a random color. The sampling module can collect the correspondence between light color and date and time and send this information to the central control management system for storage, so that when the user sends no control command, the lighting control subsystem can automatically adjust the light to the user's favorite color for that time period.
As shown in Fig. 3, the method for resisting identity attacks in a smart home system provided by the present invention specifically comprises the following steps: the interaction controller registers with the central control management system; the interaction controller sends a control command to the central control management system; the central control management system verifies the identity identifier; the central control management system verifies the dynamic recognition code; the central control management system extracts the control command and sends it. The present invention is described in detail below.
First, the step in which the interaction controller registers with the central control management system.
The interaction controller registers with the central control management system. The interaction controller may be a remote control or a control terminal installed on iOS/Android. Each interaction controller has a unique identity identifier, and different interaction controllers have different identity identifiers. Before it takes effect (that is, before it can be used to send control commands), an interaction controller must register with the central control management system and have the corresponding dynamic recognition code generator installed. When the interaction controller registers with the central control management system, the central control management system installs a dynamic recognition code generator in the interaction controller and saves the two-tuple (identity identifier, dynamic recognition code generator) locally. The stored dynamic recognition code generator is the same as the one on the interaction controller with that identity identifier, and the two synchronously produce the same dynamic recognition code at every predetermined time interval. Each interaction controller has a different identity identifier, and the dynamic recognition code generators they use also differ. After registration, the interaction controller can be used.
Second, the step in which the interaction controller sends a control command to the central control management system.
The interaction controller sends a control command to the central control management system. The interaction controller produces the control command under the user's operation. The command may be a simple code or complex binary data. The dynamic recognition code generator of the interaction controller generates the dynamic recognition code for that moment, which together with the identity identifier and the control command forms the control command packet. The interaction controller encrypts the control command packet and sends it to the central control management system over the wireless network. If the control command packet were sent in plaintext, an attacker could easily obtain these packets by eavesdropping on the shared channel, identify the relevant commands in them, and go on to learn the control behavior corresponding to each command, so the control command packet must be encrypted before it is sent. But an encrypted packet alone is still not secure, because an attacker can produce the same control behavior by sending the identical 0-1 sequence to the central control management system. The interaction controller must therefore use dynamic recognition code technology. The dynamic recognition code differs at different moments and is held only by the interaction controller and the central control management system, so the control commands sent by the same interaction controller at different moments all differ. This is equivalent to a one-time pad and effectively prevents illegal manipulation and identity forgery attacks.
Third, the step in which the central control management system verifies the identity identifier.
The central control management system verifies the identity identifier. After receiving the control command packet, the central control management system first decrypts it. The central control management system extracts the identity identifier from the control command packet and looks it up locally. If the identity identifier in the control command packet is not found in any (identity identifier, dynamic recognition code generator) record, the control command packet is discarded; otherwise the central control management system verifies the dynamic recognition code. In other words, after receiving a command the central control management system first decrypts the data and then performs identity authentication (comprising identity identifier verification and dynamic recognition code verification); only control commands that pass identity authentication can be executed.
Fourth, the step in which the central control management system verifies the dynamic recognition code.
The central control management system verifies the dynamic recognition code. The central control management system uses the dynamic recognition code generator in the (identity identifier, dynamic recognition code generator) record to generate the corresponding dynamic recognition code. The central control management system compares the dynamic recognition code it generated with the dynamic recognition code in the control command packet. If they are inconsistent, the packet is discarded; otherwise the central control management system extracts the control command and sends it.
Finally, the step in which the central control management system extracts the control command and sends it.
The central control management system extracts the control command from the control command packet and sends it to the relevant subsystem for execution.
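The registration, packet-building and verification steps above, as an added Python example that is not part of the patent text. The page does not specify the generator, so an HMAC-SHA256 over a 30-second time step is assumed; all names and sample values are constructed; packets are shown after decryption, since the encryption scheme is not specified either; and the same-step replay check goes beyond what the page describes.

```python
import hashlib
import hmac
import struct

STEP_SECONDS = 30  # assumed length of the "predetermined time" interval

def dynamic_code(secret: bytes, now: float) -> bytes:
    """Assumed generator: HMAC-SHA256 over the current time-step counter."""
    step = int(now // STEP_SECONDS)
    return hmac.new(secret, struct.pack(">Q", step), hashlib.sha256).digest()[:8]

class InteractionController:
    def __init__(self, identity: str, secret: bytes):
        self.identity, self.secret = identity, secret

    def build_packet(self, command: str, now: float) -> dict:
        # Packet = (identity identifier, dynamic recognition code, control command).
        return {"id": self.identity, "code": dynamic_code(self.secret, now),
                "cmd": command}

class CentralControl:
    def __init__(self):
        self.registry = {}  # identity identifier -> generator secret (the two-tuple)
        self.seen = {}      # identity identifier -> (time step, commands accepted)

    def register(self, identity: str, secret: bytes) -> InteractionController:
        self.registry[identity] = secret
        return InteractionController(identity, secret)

    def handle(self, packet: dict, now: float):
        """Return the command to forward, or None if the packet is discarded."""
        secret = self.registry.get(packet["id"])
        if secret is None:
            return None  # identity identifier not registered
        if not hmac.compare_digest(dynamic_code(secret, now), packet["code"]):
            return None  # code was not generated for the current time step
        # Added safeguard, not in the page: the code is constant within one step,
        # so an identical packet replayed inside that step is also discarded.
        step = int(now // STEP_SECONDS)
        seen_step, cmds = self.seen.get(packet["id"], (step, set()))
        if seen_step != step:
            cmds = set()
        if packet["cmd"] in cmds:
            return None
        cmds.add(packet["cmd"])
        self.seen[packet["id"]] = (step, cmds)
        return packet["cmd"]

def demo() -> dict:
    hub = CentralControl()
    remote = hub.register("remote-01", b"constructed-shared-secret")
    t0 = 1_700_000_000.0  # constructed timestamp
    pkt = remote.build_packet("lights:blue", t0)
    return {
        "fresh": hub.handle(pkt, t0 + 1),
        "replay_same_step": hub.handle(pkt, t0 + 2),
        "replay_later": hub.handle(pkt, t0 + 120),
        "unknown_id": hub.handle({**pkt, "id": "remote-99"}, t0 + 3),
    }
```

A deployment would also have to tolerate clock drift between controller and hub, which neither the page nor this example addresses.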
In summary, in the present invention the dynamic recognition code generator produces different dynamic recognition codes at different moments, and the dynamic recognition code is held only by the interaction controller and the central control management system. This achieves a one-time pad and effectively prevents illegal manipulation and identity forgery attacks.
The above embodiments merely illustrate the present invention and do not limit it. A person of ordinary skill in the relevant technical field can make various changes and modifications without departing from the spirit and scope of the present invention, so all equivalent technical solutions also fall within the scope of the invention, and the scope of patent protection of the invention should be defined by the claims.