CN104717225A - Internet of Things gateway access authentication method and system - Google Patents
Internet of Things gateway access authentication method and system Download PDFInfo
- Publication number
- CN104717225A CN104717225A CN201510145998.9A CN201510145998A CN104717225A CN 104717225 A CN104717225 A CN 104717225A CN 201510145998 A CN201510145998 A CN 201510145998A CN 104717225 A CN104717225 A CN 104717225A
- Authority
- CN
- China
- Prior art keywords
- internet
- things
- access
- equipment
- wireless channel
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/08—Access security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W48/00—Access restriction; Network selection; Access point selection
- H04W48/16—Discovering, processing access restriction or access information
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Mobile Radio Communication Systems (AREA)
- Computer And Data Communications (AREA)
Abstract
The invention provides an Internet of Things gateway access authentication method and system. The method includes the steps that S110, after being started, Internet of Things equipment scans wireless channels of the corresponding access mode according to an own wireless access mode, selects the wireless channel meeting a preset condition, generates an Internet of Things dedicated access password according to a preset rule to get access to the selected wireless channel, is connected with an Internet of Things gateway and uploads equipment description information; S120, after monitoring connection of the Internet of Things equipment, the Internet of Things gateway blocks communication from the Internet of Things equipment to other equipment or networks and carries out authentication according to the equipment description information uploaded by the Internet of Things equipment, if authentication is successful, the Internet of Things equipment is allowed to get access, and restriction on data communication between the Internet of Things equipment and the other equipment or the networks is lifted. Due to the Internet of Things gateway access authentication method and system, plug and play access authentication of the Internet of Things equipment can be achieved conveniently.
Description
Technical field
The present invention relates to Internet of Things field, be specifically related to a kind of things-internet gateway access authentication method and system.
Background technology
Along with the fast development of Internet of Things, may there is a large amount of internet of things equipments in future customer family.In order to promote Consumer's Experience, these internet of things equipments need to be linked in things-internet gateway easily to realize plug and play on the one hand, on the other hand things-internet gateway ensures that fail safe that internet of things equipment accesses prevents the access of illegality equipment again, therefore will carry out access authentication to internet of things equipment.
Research at present in internet of things equipment plug and play is relatively weak, and the plug and play of internet of things equipment mainly realizes based on the framework of similar UPnP (UPnP) agreement; After internet of things equipment start, configured the wireless channel accessing things-internet gateway and provide by user, the flow process then by carrying out service discovery and service request and response to things-internet gateway realizes access authentication and the discovery of this internet of things equipment.Service discovery mainly internet of things equipment monitors the serviced broadcast message of things-internet gateway, and internet of things equipment also can initiatively to the serviced broadcast information of periphery broadcast self simultaneously; Service request with respond mainly internet of things equipment and carry out service request to gateway, can carry the facility information of self in service request, gateway carries out certification to equipment and responds service request, for internet of things equipment provides gateway service.
Plug and play technique based on similar UPnP framework realizes the main existence two class problem of the access of internet of things equipment: 1) needing user in advance before access is internet of things equipment configuration wireless channel, just by the wireless channel that wireless access authentication access things-internet gateway provides, concerning user, there is use threshold in the authentication information manually arranging wireless access; If but authentication information were not set, then could reduce fail safe; 2) UPnP protocol is as a kind of peering structure agreement, and its agreement and adjoint verification process are for calculate and sensor class internet of things equipment that storage capacity is more weak it is too complicated.
Summary of the invention
The technical problem to be solved in the present invention how to be convenient to the access authentication that internet of things equipment realizes plug and play.
In order to solve the problem, the invention provides a kind of things-internet gateway access authentication method, comprising:
Scan the wireless channel of corresponding access way according to the wireless access way of self after the start of S110, internet of things equipment, select the wireless channel meeting predetermined condition, according to pre-defined rule product network special access pin access selected by wireless channel, attachment networking gateway, uploading device descriptor;
After S120, described things-internet gateway have monitored internet of things equipment connection, block the communication of this internet of things equipment to other equipment or network, certification is carried out according to the device descriptive information that this internet of things equipment is uploaded, as authentication success then allows this internet of things equipment to access, and the data communication of this internet of things equipment open and other equipment or network.
Alternatively, also comprise before described step S110:
Described things-internet gateway configures the wireless channel under the wireless access way supported, use the Internet of Things private radio access mark of predetermined format as the mark of described wireless channel, and be the access pin of described wireless channel according to pre-defined rule product special access pin of networking.
Alternatively, described predetermined condition comprises:
The form of the mark of wireless channel meets predetermined format;
Or the mark of wireless channel is identical with the mark prestored;
Describedly comprise following either type according to the network step of special access pin of pre-defined rule product:
Using presetting cipher corresponding to the form of the mark of described wireless channel as the special access pin of described Internet of Things;
Character on one or more positions predetermined in the mark of selected wireless channel is as the special access pin of described Internet of Things;
In a predefined manner the mark of selected wireless channel is processed, using result as the special access pin of described Internet of Things.
Alternatively, also comprise after described step S120:
If certification is unsuccessful, then the things-internet gateway that the device description generated according to described device descriptive information is pushed to the user terminal bound with this things-internet gateway by described things-internet gateway is applied;
Described things-internet gateway receives described things-internet gateway and applies the configuration information returned according to user operation; If described configuration information instruction allows the access of described internet of things equipment, then the device description of this internet of things equipment is added in local device storehouse, and the data communication of this internet of things equipment open and other equipment or network; If described configuration information instruction does not allow described internet of things equipment to access, then close the connection of this internet of things equipment.
Alternatively, also access rights are comprised in described configuration information; Described access rights comprise the authority of other equipment or this internet of things equipment of access to netwoks, and/or this internet of things equipment accesses the authority of other equipment or network;
The step of the data communication of this internet of things equipment of described opening and other equipment or network comprises:
The data communication of this internet of things equipment and other equipment or network is opened according to the described access rights in described configuration information.
Present invention also offers a kind of things-internet gateway access authentication system, comprising:
Access module, be arranged in internet of things equipment, for scanning the wireless channel of corresponding access way after internet of things equipment start according to the wireless access way of self, select the wireless channel meeting predetermined condition, according to pre-defined rule product network special access pin access selected by wireless channel, attachment networking gateway, uploading device descriptor;
Authentication module, be arranged in described things-internet gateway, for having monitored after internet of things equipment connects described things-internet gateway, block the communication of this internet of things equipment to other equipment or network, certification is carried out according to the device descriptive information that this internet of things equipment is uploaded, as authentication success then allows this internet of things equipment to access, and the data communication of this internet of things equipment open and other equipment or network.
Alternatively, described system also comprises:
Configuration module, be arranged in described things-internet gateway, for configuring the wireless channel under supported wireless access way, use the Internet of Things private radio access mark of predetermined format as the mark of described wireless channel, and be the access pin of described wireless channel according to pre-defined rule product special access pin of networking.
Alternatively, described predetermined condition comprises:
The form of the mark of wireless channel meets predetermined format;
Or the mark of wireless channel is identical with the mark prestored;
Described access module refers to following either type according to pre-defined rule product special access pin of networking:
Described access module is using presetting cipher corresponding to the form of the mark of described wireless channel as the special access pin of described Internet of Things; :
Character on one or more positions that described access module is predetermined in the mark of selected wireless channel is as the special access pin of described Internet of Things;
Described access module processes the mark of selected wireless channel in a predefined manner, using result as the special access pin of described Internet of Things.
Alternatively, described system also comprises:
Control module, for when certification is unsuccessful, the things-internet gateway device description generated according to described device descriptive information being pushed to the user terminal bound with this things-internet gateway is applied; Receive described things-internet gateway and apply the configuration information returned according to user operation; If described configuration information instruction allows the access of described internet of things equipment, then the device description of this internet of things equipment is added in local device storehouse, and the data communication of this internet of things equipment open and other equipment or network; If described configuration information instruction does not allow described internet of things equipment to access, then close the connection of this internet of things equipment.
Alternatively, also access rights are comprised in described configuration information; Described access rights comprise the authority of other equipment or this internet of things equipment of access to netwoks, and/or this internet of things equipment accesses the authority of other equipment or network;
The data communication of described control module this internet of things equipment open and other equipment or network refers to:
Described control module opens the data communication of this internet of things equipment and other equipment or network according to the described access rights in described configuration information.
The solution of the present invention conveniently can realize the access authentication of internet of things equipment plug and play.Use special Internet of Things wireless access mark to facilitate internet of things equipment automatically to carry out wireless access in the program on the one hand, participate in without the need to user; Things-internet gateway intercepts the device descriptive information that internet of things equipment is uploaded on special channeling port on the other hand, the gateway application be pushed to after the device descriptive information intercepted being extracted on user terminal is confirmed the access authentication of the equipment that realizes by user, and by things-internet gateway, the internet of things equipment authenticated is registered according to its facility information and managed, make internet of things equipment only need memory device descriptor, and the management of most of class UPnP protocol can be acted on behalf of by things-internet gateway.
Accompanying drawing explanation
Fig. 1 is the schematic flow sheet of the things-internet gateway access authentication method of embodiment one;
Fig. 2 is the schematic flow sheet in the example of embodiment one.
Embodiment
Below in conjunction with drawings and Examples, technical scheme of the present invention is described in detail.
It should be noted that, if do not conflicted, each feature in the embodiment of the present invention and embodiment can be combined with each other, all within protection scope of the present invention.In addition, although show logical order in flow charts, in some cases, can be different from the step shown or described by order execution herein.
Embodiment one, a kind of things-internet gateway access authentication method, as shown in Figure 1, comprising:
Scan the wireless channel of corresponding access way according to the wireless access way of self after the start of S110, internet of things equipment, select the wireless channel meeting predetermined condition, according to pre-defined rule product network special access pin access selected by wireless channel, attachment networking gateway, uploading device descriptor;
After S120, described things-internet gateway have monitored internet of things equipment connection, block the communication of this internet of things equipment to other equipment or network, certification is carried out according to the device descriptive information that this internet of things equipment is uploaded, as authentication success then allows this internet of things equipment to access, and the data communication of this internet of things equipment open and other equipment or network.
The present embodiment can, under the prerequisite of retention networking gateway access authentication, allow internet of things equipment automatically access things-internet gateway, avoids the operation of user; There particularly do not have the internet of things equipment of input equipment (as keyboard), output equipment (as screen) for some to be especially convenient.
In an embodiment of the present embodiment, described predetermined condition comprises:
The form of the mark of wireless channel meets predetermined format;
Or the mark of wireless channel is identical with the mark prestored;
Describedly comprise following either type according to the network step of special access pin of pre-defined rule product:
Using presetting cipher corresponding to the form of the mark of described wireless channel as the special access pin of described Internet of Things; That is: preset fixed password is adopted according to sign format;
Character on one or more positions predetermined in the mark of selected wireless channel is as the special access pin of described Internet of Things; Such as using mark last 6 as the special access pin of Internet of Things;
In a predefined manner the mark of selected wireless channel is processed, using result as the special access pin of described Internet of Things; Such as by mark in each character conversion be binary number, using transformation result as the special access pin of Internet of Things.
Certainly, also special for described Internet of Things access pin can be pre-stored in internet of things equipment.
When exist multiple meet the wireless network of predetermined condition time, one that can select that wherein signal is the strongest.
In an embodiment of the present embodiment, can also comprise before described step S110:
Described things-internet gateway configures the wireless channel under the wireless access way supported, use the Internet of Things private radio access mark of predetermined format as the mark of described wireless channel, and be the access pin of described wireless channel according to pre-defined rule product special access pin of networking.
The network pre-defined rule of special access pin of things-internet gateway product is identical with the pre-defined rule that described internet of things equipment uses.
Above-mentioned wireless channel can be set to specialize in internet of things equipment and use, hereinafter also referred to as Internet of Things dedicated wireless channel.
In an embodiment of the present embodiment, the step that the described device descriptive information uploaded according to this internet of things equipment carries out certification comprises:
Device description is parsed according to the device descriptive information that this internet of things equipment is uploaded; Described device description comprises the manufacturer of described internet of things equipment, device name and device type;
Described device description is mated with the device description in local device storehouse, if the match is successful for energy, then this internet of things equipment authentication success.
In present embodiment, can also comprise after described step S120:
If certification is unsuccessful, then the things-internet gateway that the device description generated according to described device descriptive information is pushed to the user terminal bound with this things-internet gateway by described things-internet gateway is applied;
Described things-internet gateway receives described things-internet gateway and applies the configuration information returned according to user operation; If described configuration information instruction allows the access of described internet of things equipment, then the device description of this internet of things equipment is added in local device storehouse, and the data communication of this internet of things equipment open and other equipment or network; If described configuration information instruction does not allow described internet of things equipment to access, then close the connection of this internet of things equipment.
In present embodiment, in described configuration information, access rights can also be comprised; Described access rights comprise the authority of other equipment or this internet of things equipment of access to netwoks, and/or this internet of things equipment accesses the authority of other equipment or network;
The step of the data communication of this internet of things equipment of described opening and other equipment or network comprises:
The data communication of this internet of things equipment and other equipment or network is opened according to the described access rights in described configuration information.
Provide the concrete example of a things-internet gateway access authentication below, as shown in Figure 2, process comprises step 201 ~ 208:
201, the wireless access way supported according to himself of things-internet gateway, configure the Internet of Things dedicated wireless channel under the wireless access way supported, the Internet of Things private radio access mark using respective wireless access way corresponding is as the mark of described Internet of Things dedicated wireless channel, and the special access pin of Internet of Things of use correspondence is the access pin of described Internet of Things dedicated wireless channel.
The form of described Internet of Things private radio access mark and the create-rule of the special access pin of Internet of Things can be predetermined, and sign format corresponding to different radio access way, password create-rule can be different, also can be identical.
Then things-internet gateway just can wait for that internet of things equipment connects.
202, after internet of things equipment start, according to the wireless access way of self, what the corresponding signal strength signal intensity of active scan was the highest has the wireless channel (i.e. described Internet of Things dedicated wireless channel) that Internet of Things private radio accesses mark, and use the special access pin of the Internet of Things of respective wireless access way to access this wireless channel, described internet of things equipment and attachment networking gateway after access.
203, after internet of things equipment connects upper things-internet gateway, uploading device descriptor.
204, things-internet gateway has monitored after internet of things equipment connected by Internet of Things dedicated wireless channel, blocks the communication of this internet of things equipment to other equipment or network, and the device descriptive information that monitors networked devices is uploaded.
205, the device descriptive information forming device that things-internet gateway is uploaded according to internet of things equipment describes, by information matches in device description and local device storehouse, as there is match information, this internet of things equipment is then allowed to access, and the data communication of this internet of things equipment open and other equipment or network, otherwise carry out step 206;
206, device description is pushed to the user terminal things-internet gateway bound with this things-internet gateway and applies by things-internet gateway;
207, the propelling movement prompting that user applies according to user terminal things-internet gateway determines whether to allow this internet of things equipment to access, and can arrange the authority of other equipment or this internet of things equipment of access to netwoks, and/or this internet of things equipment accesses the authority of other equipment or network; The selection of user is returned to things-internet gateway by application.
If 208 users allow access, then this internet of things equipment adds in local device storehouse according to device descriptive information by things-internet gateway, carry out facility registration, collocating accessing authority is set according to user, and the data communication of this internet of things equipment open and other equipment or network;
If user does not allow access, then things-internet gateway closes the connection of this internet of things equipment.
The present embodiment is further illustrated below with the example in two embody rule scenes.
(1) WIFI wireless scene
Things-internet gateway A opens WIFI network, and predetermined Internet of Things private radio access mark IoT_WIFI is configured to the SSID (service set) of described WIFI network, in order to safety can hide this SSID.The access pin arranging described WIFI network is the predetermined special access pin of Internet of Things (as IoT_access).
Internet of things equipment B scans WIFI network after starting shooting, and request access SSID is the WIFI network of IoT_WIFI, and the special access pin IoT_access of the Internet of Things utilizing WIFI corresponding is linked in network, things-internet gateway A in connection.
After internet of things equipment B connects, upload its device descriptive information to things-internet gateway A, as XML device description file:
<DeviceDescription>
<DeviceType> temperature sensor </DeviceType>
<DeviceManufactor>XXX</DeviceManufactor>
<DeviceID>12345678</DeviceID>
<DeviceModel>H-113</DeviceModel>
</DeviceDescription>
Internet of things equipment B can upload by realizing device description file to the designated port transmission packet of WIFI gateway ip address.
Things-internet gateway A monitors after internet of things equipment B connects, and obturator networked devices B is to the communication of other non-gateways IP address, and the device descriptive information uploaded of monitors networked devices B on designated ports.The device descriptive information of internet of things equipment B is mated with the facility information in local device storehouse by things-internet gateway A, find the information not having to mate, things-internet gateway A pushes prompting that new equipment accesses and according to the information applying form and push new equipment to the application C bound with this things-internet gateway, as:
" the temperature sensor access that existing producer XXX produces, type is H-113, access? "
After application C on user terminal receives prompting, user puts and confirms to allow this internet of things equipment B (i.e. temperature sensor) to access, and configures air-conditioning type equipment and can access this internet of things equipment B.After things-internet gateway A receives the confirmation of application C, add the information of internet of things equipment B to local device storehouse, and internet of things equipment B is registered (as internet of things equipment B added in the internet of things equipment resource pool of this things-internet gateway management), collocating accessing authority is that air-conditioning type equipment may have access to, and allows internet of things equipment B and other IP address communications.
(2) blue teeth wireless scene
Things-internet gateway A opens bluetooth, and predetermined Internet of Things private radio access mark IoT_Bluetooth_GW is configured to the title of this things-internet gateway, and arranging the adaptive code of access is the predetermined special access pin of Internet of Things (as 123).
After internet of things equipment B starts shooting, scanning bluetooth connects, and finds that name is called the equipment of IoT_Bluetooth_GW, utilizes the special access pin of predetermined Internet of Things 123 to be linked in network as adaptive code, things-internet gateway A in connection.
After internet of things equipment B connects, upload its device descriptive information to things-internet gateway A, as XML device description file:
<DeviceDescription>
<DeviceType> temperature sensor </DeviceType>
<DeviceManufactor>XXX</DeviceManufactor>
<DeviceID>12345678</DeviceID>
<DeviceModel>H-113</DeviceModel>
</DeviceDescription>
Internet of things equipment B can upload by realizing device description file to appointment bluetooth port transmission packet.
After things-internet gateway A monitors internet of things equipment B connection, obturator networked devices B to the communication of other equipment, and is specifying the device descriptive information that in bluetooth port, monitors networked devices B uploads.The device descriptive information of internet of things equipment B is mated with the facility information in local device storehouse by things-internet gateway A, find the information not having to mate, things-internet gateway A pushes prompting that new equipment accesses and according to the information applying form and push new equipment to the application C bound with this things-internet gateway, as:
" the temperature sensor access that existing producer XXX produces, type is H-113, access? "
After application C on user terminal receives prompting, user puts and confirms to allow this internet of things equipment B (i.e. temperature sensor) access.After things-internet gateway A receives the confirmation of application C, add the information of internet of things equipment B to local device storehouse, and internet of things equipment B is registered, as equipment B is added to connection internet of things equipment resource pool in open to related application, and allow internet of things equipment B to communicate.
Embodiment two, a kind of things-internet gateway access authentication system, comprising:
Access module, be arranged in internet of things equipment, for scanning the wireless channel of corresponding access way after internet of things equipment start according to the wireless access way of self, select the wireless channel meeting predetermined condition, according to pre-defined rule product network special access pin access selected by wireless channel, attachment networking gateway, uploading device descriptor;
Authentication module, be arranged in described things-internet gateway, for having monitored after internet of things equipment connects described things-internet gateway, block the communication of this internet of things equipment to other equipment or network, certification is carried out according to the device descriptive information that this internet of things equipment is uploaded, as authentication success then allows this internet of things equipment to access, and the data communication of this internet of things equipment open and other equipment or network.
In an embodiment of the present embodiment, described system can also comprise:
Configuration module, be arranged in described things-internet gateway, for configuring the wireless channel under supported wireless access way, use the Internet of Things private radio access mark of predetermined format as the mark of described wireless channel, and be the access pin of described wireless channel according to pre-defined rule product special access pin of networking.
In an embodiment of the present embodiment, described predetermined condition can comprise:
The form of the mark of wireless channel meets predetermined format;
Or the mark of wireless channel is identical with the mark prestored;
Described access module refers to following either type according to pre-defined rule product special access pin of networking:
Described access module is using presetting cipher corresponding to the form of the mark of described wireless channel as the special access pin of described Internet of Things; :
Character on one or more positions that described access module is predetermined in the mark of selected wireless channel is as the special access pin of described Internet of Things;
Described access module processes the mark of selected wireless channel in a predefined manner, using result as the special access pin of described Internet of Things.
In an embodiment of the present embodiment, described system can also comprise:
Control module, for when certification is unsuccessful, the things-internet gateway device description generated according to described device descriptive information being pushed to the user terminal bound with this things-internet gateway is applied; Receive described things-internet gateway and apply the configuration information returned according to user operation; If described configuration information instruction allows the access of described internet of things equipment, then the device description of this internet of things equipment is added in local device storehouse, and the data communication of this internet of things equipment open and other equipment or network; If described configuration information instruction does not allow described internet of things equipment to access, then close the connection of this internet of things equipment.
In present embodiment, in described configuration information, access rights can also be comprised; Described access rights can comprise the authority of other equipment or this internet of things equipment of access to netwoks, and/or this internet of things equipment accesses the authority of other equipment or network;
The data communication of described control module this internet of things equipment open and other equipment or network specifically can refer to:
Described control module opens the data communication of this internet of things equipment and other equipment or network according to the described access rights in described configuration information.
The all or part of step that one of ordinary skill in the art will appreciate that in said method is carried out instruction related hardware by program and is completed, and described program can be stored in computer-readable recording medium, as read-only memory, disk or CD etc.Alternatively, all or part of step of above-described embodiment also can use one or more integrated circuit to realize.Correspondingly, each module/unit in above-described embodiment can adopt the form of hardware to realize, and the form of software function module also can be adopted to realize.The present invention is not restricted to the combination of the hardware and software of any particular form.
Certainly; the present invention also can have other various embodiments; when not deviating from the present invention's spirit and essence thereof; those of ordinary skill in the art are when making various corresponding change and distortion according to the present invention, but these change accordingly and are out of shape the protection range that all should belong to claim of the present invention.
Claims (10)
1. a things-internet gateway access authentication method, comprising:
Scan the wireless channel of corresponding access way according to the wireless access way of self after the start of S110, internet of things equipment, select the wireless channel meeting predetermined condition, according to pre-defined rule product network special access pin access selected by wireless channel, attachment networking gateway, uploading device descriptor;
After S120, described things-internet gateway have monitored internet of things equipment connection, block the communication of this internet of things equipment to other equipment or network, certification is carried out according to the device descriptive information that this internet of things equipment is uploaded, as authentication success then allows this internet of things equipment to access, and the data communication of this internet of things equipment open and other equipment or network.
2. the method for claim 1, is characterized in that, also comprises before described step S110:
Described things-internet gateway configures the wireless channel under the wireless access way supported, use the Internet of Things private radio access mark of predetermined format as the mark of described wireless channel, and be the access pin of described wireless channel according to pre-defined rule product special access pin of networking.
3. method as claimed in claim 1 or 2, it is characterized in that, described predetermined condition comprises:
The form of the mark of wireless channel meets predetermined format;
Or the mark of wireless channel is identical with the mark prestored;
Describedly comprise following either type according to the network step of special access pin of pre-defined rule product:
Using presetting cipher corresponding to the form of the mark of described wireless channel as the special access pin of described Internet of Things;
Character on one or more positions predetermined in the mark of selected wireless channel is as the special access pin of described Internet of Things;
In a predefined manner the mark of selected wireless channel is processed, using result as the special access pin of described Internet of Things.
4. the method for claim 1, is characterized in that, also comprises after described step S120:
If certification is unsuccessful, then the things-internet gateway that the device description generated according to described device descriptive information is pushed to the user terminal bound with this things-internet gateway by described things-internet gateway is applied;
Described things-internet gateway receives described things-internet gateway and applies the configuration information returned according to user operation; If described configuration information instruction allows the access of described internet of things equipment, then the device description of this internet of things equipment is added in local device storehouse, and the data communication of this internet of things equipment open and other equipment or network; If described configuration information instruction does not allow described internet of things equipment to access, then close the connection of this internet of things equipment.
5. method as claimed in claim 4, is characterized in that, also comprise access rights in described configuration information; Described access rights comprise the authority of other equipment or this internet of things equipment of access to netwoks, and/or this internet of things equipment accesses the authority of other equipment or network;
The step of the data communication of this internet of things equipment of described opening and other equipment or network comprises:
The data communication of this internet of things equipment and other equipment or network is opened according to the described access rights in described configuration information.
6. a things-internet gateway access authentication system, is characterized in that, comprising:
Access module, be arranged in internet of things equipment, for scanning the wireless channel of corresponding access way after internet of things equipment start according to the wireless access way of self, select the wireless channel meeting predetermined condition, according to pre-defined rule product network special access pin access selected by wireless channel, attachment networking gateway, uploading device descriptor;
Authentication module, be arranged in described things-internet gateway, for having monitored after internet of things equipment connects described things-internet gateway, block the communication of this internet of things equipment to other equipment or network, certification is carried out according to the device descriptive information that this internet of things equipment is uploaded, as authentication success then allows this internet of things equipment to access, and the data communication of this internet of things equipment open and other equipment or network.
7. system as claimed in claim 6, is characterized in that, also comprise:
Configuration module, be arranged in described things-internet gateway, for configuring the wireless channel under supported wireless access way, use the Internet of Things private radio access mark of predetermined format as the mark of described wireless channel, and be the access pin of described wireless channel according to pre-defined rule product special access pin of networking.
8. system as claimed in claims 6 or 7, it is characterized in that, described predetermined condition comprises:
The form of the mark of wireless channel meets predetermined format;
Or the mark of wireless channel is identical with the mark prestored;
Described access module refers to following either type according to pre-defined rule product special access pin of networking:
Described access module is using presetting cipher corresponding to the form of the mark of described wireless channel as the special access pin of described Internet of Things; :
Character on one or more positions that described access module is predetermined in the mark of selected wireless channel is as the special access pin of described Internet of Things;
Described access module processes the mark of selected wireless channel in a predefined manner, using result as the special access pin of described Internet of Things.
9. system as claimed in claim 6, is characterized in that, also comprise:
Control module, for when certification is unsuccessful, the things-internet gateway device description generated according to described device descriptive information being pushed to the user terminal bound with this things-internet gateway is applied; Receive described things-internet gateway and apply the configuration information returned according to user operation; If described configuration information instruction allows the access of described internet of things equipment, then the device description of this internet of things equipment is added in local device storehouse, and the data communication of this internet of things equipment open and other equipment or network; If described configuration information instruction does not allow described internet of things equipment to access, then close the connection of this internet of things equipment.
10. system as claimed in claim 9, is characterized in that, also comprise access rights in described configuration information; Described access rights comprise the authority of other equipment or this internet of things equipment of access to netwoks, and/or this internet of things equipment accesses the authority of other equipment or network;
The data communication of described control module this internet of things equipment open and other equipment or network refers to:
Described control module opens the data communication of this internet of things equipment and other equipment or network according to the described access rights in described configuration information.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510145998.9A CN104717225B (en) | 2015-03-30 | 2015-03-30 | A kind of things-internet gateway access authentication method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510145998.9A CN104717225B (en) | 2015-03-30 | 2015-03-30 | A kind of things-internet gateway access authentication method and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104717225A true CN104717225A (en) | 2015-06-17 |
| CN104717225B CN104717225B (en) | 2018-04-27 |
Family
ID=53416186
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510145998.9A Active CN104717225B (en) | 2015-03-30 | 2015-03-30 | A kind of things-internet gateway access authentication method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104717225B (en) |
Cited By (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105451301A (en) * | 2015-11-11 | 2016-03-30 | 中国联合网络通信集团有限公司 | Wearable device gateway networking method and gateway management platform |
| CN105578470A (en) * | 2016-02-29 | 2016-05-11 | 华为技术有限公司 | Method for accessing to network by device of internet of things, device and system |
| CN105812380A (en) * | 2016-04-26 | 2016-07-27 | 北京小米移动软件有限公司 | Verification method and device |
| CN106790569A (en) * | 2016-12-27 | 2017-05-31 | 安徽微慧公用通卡运营管理有限公司 | A kind of implementation method of the terminal device plug and play based on platform of internet of things |
| CN108234405A (en) * | 2016-12-15 | 2018-06-29 | 上海仪电(集团)有限公司中央研究院 | A kind of terminal device automatic identification authentication method based on intelligent gateway |
| CN109040261A (en) * | 2018-08-10 | 2018-12-18 | 南京熊猫电子制造有限公司 | A kind of the Internet of Things management platform and management method of intelligent refrigerator |
| CN109040035A (en) * | 2018-07-19 | 2018-12-18 | 江苏亨通智能物联系统有限公司 | Quantum converged communication gateway |
| CN110474995A (en) * | 2019-09-17 | 2019-11-19 | 广东腾宇光讯网络科技有限公司 | A kind of Intelligent internet of things gateway based on IPV6 |
| CN111869252A (en) * | 2018-03-22 | 2020-10-30 | 西门子瑞士有限公司 | Method and system for authorizing communication of network nodes |
| CN111865592A (en) * | 2020-09-21 | 2020-10-30 | 四川科锐得电力通信技术有限公司 | Internet of things equipment fast access method and device, Internet of things platform and storage medium |
| CN112543457A (en) * | 2020-11-23 | 2021-03-23 | 广州技象科技有限公司 | Gateway switching binding method and device for terminal of Internet of things |
| CN112769768A (en) * | 2020-12-23 | 2021-05-07 | 广州技象科技有限公司 | Internet of things terminal authentication method, device, equipment and storage medium |
| US11695740B2 (en) | 2018-04-11 | 2023-07-04 | Huawei Cloud Computing Technologies Co., Ltd. | Anonymization method and apparatus, device, and storage medium |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102325322A (en) * | 2011-05-18 | 2012-01-18 | 西安电子科技大学 | Multi-way access gateway device supporting wireless network and certification method |
| CN102883320A (en) * | 2012-09-18 | 2013-01-16 | 东莞宇龙通信科技有限公司 | WiFi (Wireless Fidelity) authentication method and system thereof |
| WO2013178174A1 (en) * | 2012-11-12 | 2013-12-05 | 中兴通讯股份有限公司 | Capability open platform, method and gateway for achieving terminal device plug and play management |
| CN103987042A (en) * | 2014-05-08 | 2014-08-13 | 中国联合网络通信集团有限公司 | Access authentication method of terminals and access gateway |
| CN104144522A (en) * | 2013-05-09 | 2014-11-12 | 杭州古北电子科技有限公司 | Method for directly connecting WIFI devices with WIFI router without configuration |
-
2015
- 2015-03-30 CN CN201510145998.9A patent/CN104717225B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102325322A (en) * | 2011-05-18 | 2012-01-18 | 西安电子科技大学 | Multi-way access gateway device supporting wireless network and certification method |
| CN102883320A (en) * | 2012-09-18 | 2013-01-16 | 东莞宇龙通信科技有限公司 | WiFi (Wireless Fidelity) authentication method and system thereof |
| WO2013178174A1 (en) * | 2012-11-12 | 2013-12-05 | 中兴通讯股份有限公司 | Capability open platform, method and gateway for achieving terminal device plug and play management |
| CN104144522A (en) * | 2013-05-09 | 2014-11-12 | 杭州古北电子科技有限公司 | Method for directly connecting WIFI devices with WIFI router without configuration |
| CN103987042A (en) * | 2014-05-08 | 2014-08-13 | 中国联合网络通信集团有限公司 | Access authentication method of terminals and access gateway |
Cited By (20)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105451301B (en) * | 2015-11-11 | 2019-03-19 | 中国联合网络通信集团有限公司 | Wearable device gateway networking method and gateway management platform |
| CN105451301A (en) * | 2015-11-11 | 2016-03-30 | 中国联合网络通信集团有限公司 | Wearable device gateway networking method and gateway management platform |
| CN105578470A (en) * | 2016-02-29 | 2016-05-11 | 华为技术有限公司 | Method for accessing to network by device of internet of things, device and system |
| US10785216B2 (en) | 2016-02-29 | 2020-09-22 | Huawei Technologies Co., Ltd. | Method for accessing network by internet of things device, apparatus, and system |
| WO2017148308A1 (en) * | 2016-02-29 | 2017-09-08 | 华为技术有限公司 | Method, apparatus and system for accessing network by internet-of-things device |
| CN105812380A (en) * | 2016-04-26 | 2016-07-27 | 北京小米移动软件有限公司 | Verification method and device |
| CN108234405A (en) * | 2016-12-15 | 2018-06-29 | 上海仪电(集团)有限公司中央研究院 | A kind of terminal device automatic identification authentication method based on intelligent gateway |
| CN106790569A (en) * | 2016-12-27 | 2017-05-31 | 安徽微慧公用通卡运营管理有限公司 | A kind of implementation method of the terminal device plug and play based on platform of internet of things |
| CN106790569B (en) * | 2016-12-27 | 2019-12-13 | 安徽微慧公用通卡运营管理有限公司 | method for realizing plug and play of terminal equipment based on Internet of things platform |
| CN111869252A (en) * | 2018-03-22 | 2020-10-30 | 西门子瑞士有限公司 | Method and system for authorizing communication of network nodes |
| US12028708B2 (en) | 2018-03-22 | 2024-07-02 | Siemens Schweiz Ag | Method and system for authorizing the communication of a network node |
| US11695740B2 (en) | 2018-04-11 | 2023-07-04 | Huawei Cloud Computing Technologies Co., Ltd. | Anonymization method and apparatus, device, and storage medium |
| CN109040035B (en) * | 2018-07-19 | 2019-03-15 | 江苏亨通智能物联系统有限公司 | Quantum converged communication gateway |
| CN109040035A (en) * | 2018-07-19 | 2018-12-18 | 江苏亨通智能物联系统有限公司 | Quantum converged communication gateway |
| CN109040261A (en) * | 2018-08-10 | 2018-12-18 | 南京熊猫电子制造有限公司 | A kind of the Internet of Things management platform and management method of intelligent refrigerator |
| CN110474995A (en) * | 2019-09-17 | 2019-11-19 | 广东腾宇光讯网络科技有限公司 | A kind of Intelligent internet of things gateway based on IPV6 |
| CN111865592A (en) * | 2020-09-21 | 2020-10-30 | 四川科锐得电力通信技术有限公司 | Internet of things equipment fast access method and device, Internet of things platform and storage medium |
| CN112543457B (en) * | 2020-11-23 | 2021-09-03 | 广州技象科技有限公司 | Gateway switching binding method and device for terminal of Internet of things |
| CN112543457A (en) * | 2020-11-23 | 2021-03-23 | 广州技象科技有限公司 | Gateway switching binding method and device for terminal of Internet of things |
| CN112769768A (en) * | 2020-12-23 | 2021-05-07 | 广州技象科技有限公司 | Internet of things terminal authentication method, device, equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104717225B (en) | 2018-04-27 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104717225A (en) | Internet of Things gateway access authentication method and system | |
| US10749749B2 (en) | Automatic configuration of a wireless residential access network | |
| JP5040087B2 (en) | Wireless communication network security setting method, security setting program, and wireless communication network system | |
| CN102137395B (en) | Method, device and system for configuring access device | |
| US9351158B2 (en) | Method for wireless easy connect | |
| US8261341B2 (en) | UPnP VPN gateway configuration service | |
| CN110050454B (en) | Wireless network device, wireless device, method, server, and storage medium | |
| EP2406975B1 (en) | Setup and configuration of relay nodes | |
| WO2020098253A1 (en) | Network access method and apparatus, related devices, and storage medium | |
| US8036183B2 (en) | Method and system for transporting configuration protocol messages across a distribution system (DS) in a wireless local area network (WLAN) | |
| CN106656547B (en) | Method and device for updating network configuration of household electrical appliance | |
| KR20050116820A (en) | Automatic configuration of client terminal in public hot spot | |
| EP2291017B1 (en) | Method for network connection | |
| EP2387264A1 (en) | Wireless Range Extender | |
| CN104105096B (en) | A kind of radio switch-in method of IPC equipment | |
| CN110650070A (en) | Household appliance network configuration method and WiFi module | |
| CN104144463A (en) | Wi-fi network access method and system | |
| US9032051B2 (en) | Automatic differentiation of setup type in router setup application | |
| US11818575B2 (en) | Systems and methods for virtual personal Wi-Fi network | |
| US8312151B2 (en) | Communication systems and methods for dynamic and secure simplification of equipment networking | |
| CN108601093B (en) | Wireless communication method and system | |
| CN108023780B (en) | Gateway setting method and system of convergence terminal and convergence terminal | |
| US20240008117A1 (en) | Dual-connection device enabling service advertisement and discovery of services between networks, user device and system | |
| US11075881B2 (en) | Proxy between wireless local area network infrastructures | |
| CN108834141A (en) | A kind of novel things-internet gateway access authentication method and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |