CN105791272A - Method and device for secure communication in Internet of Things - Google Patents


Publication number
CN105791272A
Authority
CN
China
Prior art keywords
equipment
digital certificate
legal
internet
certificate
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201610098818.0A
Other languages
Chinese (zh)
Inventor
白秀杰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Qingdao Haier Intelligent Home Appliance Technology Co Ltd
Original Assignee
Qingdao Haier Intelligent Home Appliance Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Qingdao Haier Intelligent Home Appliance Technology Co Ltd filed Critical Qingdao Haier Intelligent Home Appliance Technology Co Ltd
Priority to CN201610098818.0A priority Critical patent/CN105791272A/en
Publication of CN105791272A publication Critical patent/CN105791272A/en
Pending legal-status Critical Current

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H04L63/0876 Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/3263 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention provides a method and a device for secure communication in the Internet of Things. For communication between the devices of any two parties, namely a first device and a second device, in an Internet of Things in which the devices of three parties (a cloud platform, an intelligent device and a mobile terminal) are interconnected, the first device performs the following steps: carrying out a mutual identity validity judgement with the second device by verifying the digital signature of a digital certificate; and communicating with the second device when the first device and the second device both pass the identity validity judgement. By using digital certificate verification to authenticate the identity of the interconnected intelligent devices in the Internet of Things, bidirectional authentication is enforced during communication between the intelligent devices, so that security risks such as counterfeit devices and a forged peer are effectively prevented and the communication security of the intelligent devices is guaranteed. Encrypted communication is carried out after identity authentication, so that the hacking risk is effectively prevented and communication security is more completely guaranteed.

Description

Method and device for secure communication in the Internet of Things
Technical field
The present invention relates to the technical field of the intelligent Internet of Things, and in particular to a method and device for secure communication in the Internet of Things.
Background
A smart device (intelligent device) is any device, appliance or machine with computing capability. As computer technology becomes more advanced and cheaper, it becomes possible to build many types of device: besides PCs and handheld computers there are many smart devices, including medical devices, geological equipment and home appliances.
Smart devices generally have network connectivity and can be queried, bound, managed and so on through a corresponding application installed on a mobile terminal such as a smartphone or tablet.
A digital certificate is an authoritative electronic document: a certificate issued by an authoritative and impartial third-party institution, namely a CA (Certificate Authority) center. Encryption technology built around digital certificates, such as encrypted transmission, digital signatures and digital envelopes, can encrypt and decrypt, sign and verify information transmitted over a network, ensuring the confidentiality and integrity of information transmitted online and the non-repudiation of transactions. With digital certificates, even if transmitted information is intercepted by others on the network, or information such as a personal account and password is lost, the security of the information system can still be ensured.
In existing implementations, the smart device's access to the cloud server and to a mobile terminal with the application installed is verified and security-controlled mainly through conventional authentication such as user name and password, which verifies the identity of the smart device side and thereby leaves an opening for device-impersonation attacks. At present, the binding between a smart device and the application on the mobile terminal lacks the necessary control mechanism, and the smart device has no identity authentication mechanism or technical means, so it is easily counterfeited, leading to security problems such as information leakage and unauthorized access.
Summary of the invention
The technical problem to be solved by the present invention is to provide a method and device for secure communication in the Internet of Things that effectively prevent security risks such as device impersonation.
The technical solution adopted by the present invention is a method for secure communication in the Internet of Things. In an Internet of Things in which the devices of three parties, namely a cloud platform, a smart device and a mobile terminal, are interconnected, for communication between the devices of any two parties, denoted the first device and the second device, the steps performed by the first device include:
performing a mutual identity legitimacy check with the second device by verifying the digital signature of a digital certificate;
communicating with the second device when both the first device and the second device pass the identity legitimacy check.
Further, as one optional technical solution, performing the mutual identity legitimacy check with the second device by verifying the digital signature of a digital certificate includes:
exchanging digital certificates with the second device, so that the second device can verify whether the digital signature of the first device's digital certificate is valid; and
the first device verifying whether the digital signature of the second device's digital certificate is valid; if it is valid, the second device is judged to have passed the identity legitimacy check, otherwise the second device is judged to have failed it.
Further, as another optional technical solution, performing the mutual identity legitimacy check with the second device by verifying the digital signature of a digital certificate includes:
exchanging digital certificates with the second device, so that the second device can verify whether the digital signature of the first device's digital certificate and the attributes of the digital certificate are valid; and
the first device verifying whether the digital signature of the second device's digital certificate and the attributes of the digital certificate are valid; if they are valid, the second device is judged to have passed the identity legitimacy check, otherwise the second device is judged to have failed it.
Further, the first device verifying whether the digital signature of the second device's digital certificate is valid includes:
after receiving the digital certificate of the second device, the first device uses the enterprise root certificate to decrypt the digital signature of the second device's digital certificate, obtaining a first fingerprint value, then applies a hash algorithm to the digital signature in the second device's digital certificate, obtaining a second fingerprint value, and compares the first fingerprint value with the second fingerprint value; if they are equal, the digital certificate of the second device is considered valid, and if they are not equal, it is considered invalid.
Further, communicating with the second device includes:
communicating with the second device using a preset encryption mode or an encryption mode determined by negotiation with the second device.
Further, the process of determining the encryption mode by negotiation with the second device includes:
after both the first device and the second device pass the identity legitimacy check, negotiating the encryption mode with the second device; the messages exchanged during this negotiation are encrypted and decrypted with an asymmetric encryption algorithm, and the negotiated encryption mode comprises a symmetric encryption algorithm supported by both the first device and the second device and its corresponding communication key.
The present invention also provides a device for secure communication in the Internet of Things. In an Internet of Things in which the devices of three parties, namely a cloud platform, a smart device and a mobile terminal, are interconnected, the device is arranged in the device of any party. For communication between the devices of any two parties, denoted the first device and the second device, the device in the first device includes:
a judging module, for performing a mutual identity legitimacy check with the second device by verifying the digital signature of a digital certificate;
a communication module, for communicating with the second device when both the first device and the second device pass the identity legitimacy check.
Further, as one optional technical solution, the judging module is used for:
exchanging digital certificates with the second device, so that the second device can verify whether the digital signature of the local device's digital certificate is valid; and
verifying on the first device side whether the digital signature of the second device's digital certificate is valid; if it is valid, the second device is judged to have passed the identity legitimacy check, otherwise the second device is judged to have failed it.
Further, as another optional technical solution, the judging module is used for:
exchanging digital certificates with the second device, so that the second device can verify whether the digital signature of the local device's digital certificate and the attributes of the digital certificate are valid; and
verifying on the first device side whether the digital signature of the second device's digital certificate and the attributes of the digital certificate are valid; if they are valid, the second device is judged to have passed the identity legitimacy check, otherwise the second device is judged to have failed it.
Further, the judging module is used for:
after the first device receives the digital certificate of the second device, using the enterprise root certificate to decrypt the digital signature of the second device's digital certificate, obtaining a first fingerprint value, then applying a hash algorithm to the digital signature in the second device's digital certificate, obtaining a second fingerprint value, and comparing the first fingerprint value with the second fingerprint value; if they are equal, the digital certificate of the second device is considered valid, and if they are not equal, it is considered invalid.
Further, the communication module is used for:
communicating with the second device using a preset encryption mode or an encryption mode determined by negotiation with the second device.
Further, when an encryption mode determined by negotiation with the second device is used to communicate with the second device, the communication module is also used for:
after both the first device and the second device pass the identity legitimacy check, negotiating the encryption mode with the second device; the messages exchanged during this negotiation are encrypted and decrypted with an asymmetric encryption algorithm, and the negotiated encryption mode comprises a symmetric encryption algorithm supported by both the first device and the second device and its corresponding communication key.
With the above technical solution, the present invention has at least the following advantages:
The method and device for secure communication in the Internet of Things of the present invention authenticate the identity of the various interconnected smart devices in the Internet of Things by verifying digital certificates, enforcing bidirectional authentication during communication between smart devices. This effectively prevents security risks such as device counterfeiting and a forged peer, and ensures the communication security of smart devices. Carrying out encrypted communication after identity authentication effectively prevents the risk of eavesdropping and safeguards communication security more completely.
Brief description of the drawings
Fig. 1 is a flow chart of the method for secure communication in the Internet of Things according to the first embodiment of the present invention;
Fig. 2 is a schematic diagram of the structure of the device for secure communication in the Internet of Things according to the fourth embodiment of the present invention;
Fig. 3 is a schematic diagram of the connection between the smart device and the mobile terminal according to the eighth embodiment of the present invention;
Fig. 4 is a schematic diagram of bidirectional identity authentication based on digital certificates when any two of the smart device, the cloud server and the mobile terminal of the eighth embodiment of the present invention communicate.
Detailed description
To further explain the technical means adopted by the present invention to achieve its intended purpose and their effects, the present invention is described in detail below with reference to the accompanying drawings and preferred embodiments.
The operating principle of verifying the digital signature of a digital certificate is introduced first:
In the embodiments of the present invention, the digital certificates used by the smart device, the cloud platform and the mobile terminal on which the application (APP) is installed are all issued by the same CA center. The smart device holds a public key and the smart device's digital certificate, i.e. the module certificate; the cloud platform holds a public key and the cloud platform's digital certificate, i.e. the server certificate; and the mobile terminal holds a public key and the mobile terminal's digital certificate, i.e. the user certificate. The public key held by the smart device, the cloud platform and the mobile terminal is the same one, also called the enterprise root certificate. All of these are issued by the same CA center and preinstalled in the devices.
Therefore, the digital signature of the digital certificate is used as the basis for verification. A digital certificate contains a digital signature: the CA center uses its private key to asymmetrically encrypt the digital certificate after it has been processed by a hash algorithm, obtaining the digital signature, and appends it to the digital certificate. The digital certificate that the CA center produces for each device is configured in the corresponding device. For communication between any two of the smart device, the cloud platform and the mobile terminal, denote the two devices device A and device B. When device A sends its own digital certificate to device B, device B verifies the legitimacy of this digital certificate by using the enterprise root certificate, i.e. the public key, to decrypt the digital signature and obtain a first fingerprint value, then applying the hash algorithm to the digital signature in the digital certificate to obtain a second fingerprint value, and comparing the first fingerprint value with the second fingerprint value. If they are equal, the digital certificate sent by device A is considered valid, which confirms the legitimacy of device A's identity.
The public/private key pair mentioned in the preceding paragraph is generated by the CA center when it creates the digital certificates. The private key is used only inside the CA center, to generate digital signatures; the public key, i.e. the enterprise root certificate, is distributed to each smart device, which uses it for asymmetric decryption of the digital certificates it receives.
Subsequently, after device A and device B have each passed identity legitimacy verification, if a symmetric encryption algorithm and a communication key are to be determined by negotiation, the public/private key pair of device A and the public/private key pair of device B can be used to encrypt and decrypt the messages involved in the negotiation, to ensure the security of the communication. The two key pairs are used in the same way. When device A sends a negotiation message to device B, device A encrypts the message with device A's private key and sends it to device B, and device B decrypts the received message with device A's public key, and vice versa. The public key of device A held by device B is obtained from the digital certificate sent by device A, and the public key of device B held by device A is obtained from the digital certificate sent by device B. In short, with an asymmetric encryption algorithm only the local end holds the local end's private key, and the local end's public key is distributed to the peer.
Because how a digital signature is verified and how the asymmetric encryption algorithm itself is implemented are well known in the art, the embodiments of the present invention apply them to secure communication between the devices in the Internet of Things, and the method of verifying a digital signature and the asymmetric encryption algorithm themselves are not described further.
First embodiment of the present invention: a method for secure communication in the Internet of Things. In an Internet of Things in which the devices of three parties, namely a cloud platform, a smart device and a mobile terminal, are interconnected, as shown in Fig. 1, for communication between the devices of any two parties, denoted the first device and the second device, the steps performed by the first device include:
Step S101: performing a mutual identity legitimacy check with the second device by verifying the digital signature of a digital certificate; the digital certificates of the three parties' devices and the corresponding digital signatures are all issued by the same CA center.
Specifically, step S101 includes:
exchanging digital certificates with the second device, so that the second device can verify whether the digital signature of the first device's digital certificate is valid; and
the first device verifying whether the digital signature of the second device's digital certificate is valid; if it is valid, the second device is judged to have passed the identity legitimacy check, otherwise the second device is judged to have failed it.
Further, the first device verifying whether the digital signature of the second device's digital certificate is valid includes:
after receiving the digital certificate of the second device, the first device uses the enterprise root certificate to decrypt the digital signature of the second device's digital certificate, obtaining a first fingerprint value, then applies a hash algorithm to the digital signature in the digital certificate, obtaining a second fingerprint value, and compares the first fingerprint value with the second fingerprint value; if they are equal, the digital certificate of the second device is considered valid, and if they are not equal, it is considered invalid.
Step S102: communicating with the second device when both the first device and the second device pass the identity legitimacy check.
Specifically, in step S102, communicating with the second device includes:
communicating with the second device using a preset encryption mode. The preset encryption mode comprises a symmetric encryption algorithm supported by both the first device and the second device and its corresponding communication key.
"First" and "second" in the embodiments of the present invention serve only to distinguish different kinds of device. In the technical solution above, described from the perspective of the first device, the second device, besides carrying out the corresponding interaction with the first device, also has the same functions as the first device when the same need arises; the technical solution can therefore equally be described from the perspective of the second device interacting with the first device.
Second embodiment of the present invention: a method for secure communication in the Internet of Things. The method of this embodiment is broadly the same as that of the first embodiment; the difference is that step S101 of this embodiment specifically includes:
exchanging digital certificates with the second device, so that the second device can verify whether the digital signature of the first device's digital certificate and the attributes of the digital certificate are valid; and
the first device verifying whether the digital signature of the second device's digital certificate and the attributes of the digital certificate are valid; if they are valid, the second device is judged to have passed the identity legitimacy check, otherwise the second device is judged to have failed it.
Further, the first device verifying whether the digital signature of the second device's digital certificate is valid includes:
after receiving the digital certificate of the second device, the first device uses the enterprise root certificate to decrypt the digital signature of the second device's digital certificate, obtaining a first fingerprint value, then applies a hash algorithm to the digital signature in the digital certificate, obtaining a second fingerprint value, and compares the first fingerprint value with the second fingerprint value; if they are equal, the digital certificate of the second device is considered valid, and if they are not equal, it is considered invalid.
The attributes of the digital certificate may be the domain name, organization, country, public key and so on; verifying whether the attributes of the digital certificate are valid may consist of checking whether the format of these attributes is valid.
Third embodiment of the present invention: a method for secure communication in the Internet of Things. The method of this embodiment is broadly the same as that of the first embodiment; the difference is that, in step S102 of the method of this embodiment, communicating with the peer device includes:
communicating with the second device using an encryption mode determined by negotiation with the second device.
Specifically, the process of determining the encryption mode by negotiation with the second device includes:
after both the first device and the second device pass the identity legitimacy check, negotiating the encryption mode with the second device; the messages exchanged during this negotiation are encrypted and decrypted with an asymmetric encryption algorithm, and the negotiated encryption mode comprises a symmetric encryption algorithm supported by both the first device and the second device and its corresponding communication key.
Further, encrypting and decrypting the messages exchanged during this negotiation with an asymmetric encryption algorithm includes:
the first device encrypts the message to be sent with the private key of the second device and sends it to the second device, and the second device decrypts the received message with the public key of the first device, and vice versa. The public key of the first device held by the second device is obtained from the digital certificate sent by the first device, and the public key of the second device held by the first device is obtained from the digital certificate sent by the second device.
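The certificate check of step S101 (signature and attribute format) and the signed negotiation message of the third embodiment, as an added example that is not part of the patent text. It assumes a constructed certificate layout (a JSON body plus an integer signature), unpadded RSA keys built from fixed Mersenne primes so that the two fingerprint values are directly comparable, and hypothetical names such as `verify_peer` and `accept_offer`; the second fingerprint is computed over the signed certificate body, and the sender signs with its own private key as in the operating-principle paragraph.

```python
import hashlib
import json
import re

E = 65537  # public exponent used by every key pair in this example


def keypair(p_exp, q_exp):
    """Unpadded RSA key built from two Mersenne primes 2**k - 1 (constructed)."""
    p, q = 2**p_exp - 1, 2**q_exp - 1
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}


def fingerprint(obj, n):
    """SHA-256 over the canonical JSON form, as an integer below the modulus."""
    data = json.dumps(obj, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def sign(obj, key):
    """Private-key operation: fingerprint ** d mod n."""
    return pow(fingerprint(obj, key["n"]), key["d"], key["n"])


def signature_ok(obj, signature, n):
    """Recover the first fingerprint with the public key, recompute the second
    from the data itself, and compare the two."""
    if not isinstance(signature, int) or not 0 < signature < n:
        return False
    return pow(signature, E, n) == fingerprint(obj, n)


def issue_certificate(ca_key, domain, organization, country, subject_n):
    """CA side: sign the certificate body with the CA private key."""
    body = {"domain": domain, "organization": organization,
            "country": country, "public_key": subject_n}
    return {"body": body, "signature": sign(body, ca_key)}


DOMAIN = re.compile(r"(?=.{1,253}\Z)(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}")


def attributes_ok(body):
    """Format check of domain, organization, country and public key
    (the concrete format rules here are assumptions of this example)."""
    domain, org = body.get("domain"), body.get("organization")
    country, key = body.get("country"), body.get("public_key")
    return (isinstance(domain, str) and DOMAIN.fullmatch(domain) is not None
            and isinstance(org, str) and 0 < len(org) <= 64
            and isinstance(country, str) and re.fullmatch(r"[A-Z]{2}", country) is not None
            and isinstance(key, int) and key.bit_length() >= 1024)


def verify_peer(cert, root_n):
    """One direction of step S101: check the certificate the peer sent."""
    if not signature_ok(cert["body"], cert["signature"], root_n):
        return "signature mismatch"
    if not attributes_ok(cert["body"]):
        return "attribute format"
    return "ok"


def mutual_auth(cert_a, cert_b, root_n):
    """Communication is allowed only if both directions succeed."""
    a_checks_b, b_checks_a = verify_peer(cert_b, root_n), verify_peer(cert_a, root_n)
    return a_checks_b == "ok" and b_checks_a == "ok", a_checks_b, b_checks_a


def accept_offer(offer, offer_sig, sender_cert, supported):
    """Negotiation: the offer must verify under the public key taken from the
    sender's already-verified certificate; pick the first shared algorithm."""
    if not signature_ok(offer, offer_sig, sender_cert["body"]["public_key"]):
        return None
    return next((a for a in offer["algorithms"] if a in supported), None)


def demo():
    ca, other = keypair(521, 607), keypair(89, 107)  # 'other' is not the enterprise CA
    appliance, phone = keypair(1279, 2203), keypair(127, 2281)
    root_n = ca["n"]  # enterprise root public key preinstalled on every party
    org = "Example Appliances"  # all names below are constructed sample values
    cert_app = issue_certificate(ca, "fridge-01.devices.example", org, "CN", appliance["n"])
    cert_phone = issue_certificate(ca, "app-42.users.example", org, "CN", phone["n"])
    # Same fields, but signed by a key other than the enterprise CA's.
    cert_fake = issue_certificate(other, "fridge-01.devices.example", org, "CN", other["n"])
    # A genuine certificate whose body was edited after signing.
    cert_edit = {"body": dict(cert_app["body"], public_key=other["n"]),
                 "signature": cert_app["signature"]}
    # Signed by the enterprise CA, but the country attribute has the wrong format.
    cert_bad = issue_certificate(ca, "fridge-02.devices.example", org, "china", appliance["n"])
    offer = {"algorithms": ["AES-256-GCM", "AES-128-GCM"], "nonce": "constructed-nonce-0001"}
    return {
        "genuine": mutual_auth(cert_app, cert_phone, root_n),
        "counterfeit": mutual_auth(cert_fake, cert_phone, root_n),
        "tampered": verify_peer(cert_edit, root_n),
        "malformed": verify_peer(cert_bad, root_n),
        "offer_signed_by_owner": accept_offer(offer, sign(offer, appliance), cert_app, {"AES-128-GCM"}),
        "offer_without_owner_key": accept_offer(offer, sign(offer, other), cert_app, {"AES-128-GCM"}),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, "->", result)
```

The last result covers the case the certificate check alone does not: a certificate is public data, so presenting a genuine one passes step S101, and only the negotiation message verified under that certificate's public key shows whether the sender holds the matching private key.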
Fourth embodiment of the invention. Corresponding to the first embodiment, this embodiment describes a secure communication apparatus in an Internet of Things. In an Internet of Things in which the devices of three parties (a cloud platform, a smart device and a mobile terminal) are interconnected, the apparatus is arranged in any one of those devices, as shown in Figure 2, and is used for communication between the devices of any two parties. Taking the devices of the two parties to be a first device and a second device, the apparatus in the first device comprises the following parts:
1) A judging module 201, configured to carry out mutual identity legitimacy judgment with the second device by verifying the digital signatures of digital certificates; the digital certificates of the three parties' devices and the corresponding digital signatures are all issued by the same CA center.
Specifically, the judging module 201 is configured to:
exchange digital certificates with the second device, so that the second device can verify whether the digital signature of the local device's digital certificate is valid; and
verify, on the first device side, whether the digital signature of the second device's digital certificate is valid; if it is valid, judge that the second device has passed the identity legitimacy judgment, otherwise judge that the second device has failed the identity legitimacy judgment.
Further, the judging module 201 is configured to:
after the first device receives the digital certificate of the second device, decrypt the digital signature of the second device's digital certificate with the enterprise root certificate to obtain a first fingerprint value, then apply a hash algorithm to the digital signature in the digital certificate to obtain a second fingerprint value, and compare the first fingerprint value with the second fingerprint value; if they are equal, the digital certificate of the second device is considered valid, and if they are not equal, it is considered invalid.
2) A communication module 202, configured to communicate with the second device when the first device and the second device have both passed the identity legitimacy judgment.
Specifically, the communication module 202 is configured to:
communicate with the second device using a preset encryption mode. The preset encryption mode comprises a symmetric encryption algorithm supported by both the first device and the second device, and a corresponding communication key.
Fifth embodiment of the invention. Corresponding to the second embodiment, this embodiment describes a secure communication apparatus in an Internet of Things. The apparatus of this embodiment is largely the same as that of the fourth embodiment; the difference is that the judging module 202 is specifically configured to:
exchange digital certificates with the second device, so that the second device can verify whether the digital signature and the attributes of the local device's digital certificate are valid; and
verify, on the first device side, whether the digital signature and the attributes of the second device's digital certificate are valid; if they are valid, judge that the second device has passed the identity legitimacy judgment, otherwise judge that the second device has failed the identity legitimacy judgment.
Further, the judging module 201 is configured to:
after the first device receives the digital certificate of the second device, decrypt the digital signature of the second device's digital certificate with the enterprise root certificate to obtain a first fingerprint value, then apply a hash algorithm to the digital signature in the digital certificate to obtain a second fingerprint value, and compare the first fingerprint value with the second fingerprint value; if they are equal, the digital certificate of the second device is considered valid, and if they are not equal, it is considered invalid.
Further, the attributes of the digital certificate may be the domain name, organization, country, public key and so on, and verifying whether the attributes of the digital certificate are valid may consist of checking whether the format of these attributes is valid.
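The judging module's check, as an added Go example that is not part of the patent text: the root public key is applied to the certificate signature to recover the signed digest (the first fingerprint value), the certificate is hashed locally (the second fingerprint value; in standard X.509 verification that hash is taken over the signed certificate body, which is what the code does), and the attribute format check follows. The certificate names, the hostname and the format rules are constructed for the example, and RSA with SHA-256 is assumed.

```go
package main

import (
	"bytes"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"regexp"
	"time"
)

// Format rules assumed for this example; the page only says attribute formats are checked.
var hostRe = regexp.MustCompile(`^([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,}$`)
var countryRe = regexp.MustCompile(`^[A-Z]{2}$`)

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// issue: with parent == nil a self-signed root (the enterprise root), else a device certificate.
func issue(cn string, hosts []string, country string, key *rsa.PrivateKey, parent *x509.Certificate, signer *rsa.PrivateKey) *x509.Certificate {
	tmpl := &x509.Certificate{
		SerialNumber:       big.NewInt(time.Now().UnixNano()),
		Subject:            pkix.Name{CommonName: cn, Organization: []string{"Example Appliance Co"}, Country: []string{country}},
		DNSNames:           hosts,
		NotBefore:          time.Now().Add(-time.Hour),
		NotAfter:           time.Now().Add(24 * time.Hour),
		SignatureAlgorithm: x509.SHA256WithRSA, // fingerprints() assumes SHA-256
	}
	if parent == nil {
		tmpl.IsCA, tmpl.BasicConstraintsValid, tmpl.KeyUsage = true, true, x509.KeyUsageCertSign
		parent, signer = tmpl, key
	}
	der := must(x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, signer))
	return must(x509.ParseCertificate(der))
}

// fingerprints mirrors the page's comparison: the root public key (RSA assumed) is
// applied to the signature to recover the signed digest (first value) and the signed
// body is hashed locally (second value). It skips the padding check Verify performs.
func fingerprints(root, peer *x509.Certificate) (first, second []byte) {
	pub := root.PublicKey.(*rsa.PublicKey)
	m := new(big.Int).Exp(new(big.Int).SetBytes(peer.Signature), big.NewInt(int64(pub.E)), pub.N)
	em := m.FillBytes(make([]byte, pub.Size()))
	sum := sha256.Sum256(peer.RawTBSCertificate)
	return em[len(em)-sha256.Size:], sum[:]
}

func checkAttributes(c *x509.Certificate) error {
	key, isRSA := c.PublicKey.(*rsa.PublicKey)
	switch {
	case len(c.DNSNames) != 1 || !hostRe.MatchString(c.DNSNames[0]):
		return errors.New("domain name missing or malformed")
	case len(c.Subject.Organization) != 1 || len(c.Subject.Country) != 1 || !countryRe.MatchString(c.Subject.Country[0]):
		return errors.New("organization or country missing or malformed")
	case !isRSA || key.N.BitLen() < 2048:
		return errors.New("public key is not RSA with at least 2048 bits")
	}
	return nil
}

// verifyPeer is what each side runs on the certificate it receives from the other.
func verifyPeer(root, peer *x509.Certificate) error {
	pool := x509.NewCertPool()
	pool.AddCert(root)
	if _, err := peer.Verify(x509.VerifyOptions{Roots: pool, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}); err != nil {
		return fmt.Errorf("certificate verification failed: %w", err)
	}
	return checkAttributes(peer)
}

// scenario builds the trusted root and three constructed device certificates.
func scenario() (*x509.Certificate, map[string]*x509.Certificate) {
	gen := func() *rsa.PrivateKey { return must(rsa.GenerateKey(rand.Reader, 2048)) }
	rootKey, rogueKey, devKey := gen(), gen(), gen()
	root := issue("Example Enterprise Root CA", nil, "CN", rootKey, nil, nil)
	rogue := issue("Example Enterprise Root CA", nil, "CN", rogueKey, nil, nil) // same name, different key
	return root, map[string]*x509.Certificate{
		"genuine":   issue("washer-01", []string{"washer-01.example.com"}, "CN", devKey, root, rootKey),
		"forged":    issue("washer-01", []string{"washer-01.example.com"}, "CN", devKey, rogue, rogueKey),
		"malformed": issue("washer-01", []string{"washer-01.example.com"}, "China", devKey, root, rootKey),
	}
}

func main() {
	root, certs := scenario()
	for name, c := range certs {
		first, second := fingerprints(root, c)
		fmt.Printf("%-9s fingerprints equal=%-5v verdict=%v\n", name, bytes.Equal(first, second), verifyPeer(root, c))
	}
}
```

The accept or reject decision is left to `Verify`, which also checks the signature padding and the validity period; the fingerprint comparison is shown only to make the page's two values concrete.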
Sixth embodiment of the invention. Corresponding to the third embodiment, this embodiment describes a secure communication apparatus in an Internet of Things. This embodiment is largely the same as the fourth embodiment; the difference is that, when the communication module 202 of the apparatus in this embodiment communicates with the second device using an encryption mode negotiated with the second device, the communication module 202 is further configured to:
after the first device and the second device have both passed the identity legitimacy judgment, negotiate an encryption mode with the second device; the messages exchanged during this negotiation are encrypted and decrypted with an asymmetric encryption algorithm, and the negotiated encryption mode comprises a symmetric encryption algorithm supported by both the first device and the second device, and a corresponding communication key.
Seventh embodiment of the invention: a device, which can be understood as a physical apparatus. The device is any one of a cloud platform, a smart device and a mobile terminal, and comprises the secure communication apparatus in the Internet of Things described in the third or fourth embodiment.
Eighth embodiment of the invention. Building on the embodiments above, this embodiment presents an application example of the invention for communication between a smart device and a mobile terminal, with reference to Figures 3 and 4.
The connection between a mobile terminal with the application program installed and a smart device is shown in Figure 3. Before communication is established between the mobile terminal and the smart device, the two must exchange their digital certificates; each then uses its built-in enterprise root certificate to verify the identity legitimacy of the other, and only after that can communication proceed. If verification fails, the session is terminated immediately. The specific interaction flow is as follows:
Step 1: the mobile terminal sends a connection request to the smart device. In this embodiment, the authentication and communication functions are in fact functions of the application program in the mobile terminal.
Step 2: in response to the connection request, the smart device sends its own module certificate and the corresponding digital signature to the mobile terminal.
Step 3: the mobile terminal verifies the digital signature of the module certificate; if verification passes, step 4 is performed, otherwise access is terminated.
Specifically, the mobile terminal and the smart device are both provisioned with the same enterprise root certificate issued by the same CA center. This enterprise root certificate plays a role similar to a public key and is used to verify the digital signature sent by the other party.
Step 4: the mobile terminal checks the format of attributes in the module certificate, such as the domain name of the mobile terminal and the public key of the mobile terminal; if the check passes, the identity of the smart device is judged legitimate and a response is made to the smart device, otherwise access is terminated.
Step 5: the smart device obtains from the mobile terminal the mobile terminal's user certificate and the corresponding digital signature, and verifies the digital signature of the user certificate and the attributes of the user certificate; if verification passes, it obtains the public key of the mobile terminal from the user certificate, otherwise it refuses the connection.
Step 6: the mobile terminal informs the smart device of the names of all communication symmetric encryption schemes it supports; these names are encrypted with the public key of the smart device, which the mobile terminal obtained from the module certificate, and then sent to the intelligent terminal.
Step 7: the intelligent terminal decrypts the received data with its own private key to obtain the names of all communication symmetric encryption schemes the mobile terminal supports, selects from them the scheme with the highest encryption level, encrypts the name of the selected scheme with the public key of the mobile terminal, and sends it to the mobile terminal.
Step 8: the mobile terminal selects a communication key for the selected encryption scheme, encrypts this communication key with the public key of the intelligent terminal, and sends it to the intelligent terminal.
Step 9: the intelligent terminal decrypts the received data with its own private key to obtain the communication key.
Step 10: all messages in the subsequent communication between the intelligent terminal and the mobile terminal are exchanged using the selected encryption scheme and this communication key.
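Steps 6 to 9 of the flow above, as an added Go example that is not code from the patent: the scheme list, the chosen scheme and the communication key each travel encrypted under the recipient's public key. The scheme names, the key-length ranking standing in for "highest encryption level", and RSA-OAEP as the asymmetric algorithm are assumptions, since the page names no algorithms.

```go
package main

import (
	"bytes"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
	"strings"
)

// Constructed scheme names mapped to key length in bytes, which doubles as the
// "encryption level" ranking; the page names no concrete algorithms.
var keyLen = map[string]int{"AES-128-GCM": 16, "AES-192-GCM": 24, "AES-256-GCM": 32}

type party struct {
	priv    *rsa.PrivateKey // its public half is what the peer read from the verified certificate
	suites  []string        // symmetric schemes this side supports
	suite   string          // negotiated scheme
	session []byte          // negotiated communication key
}

func newParty(suites ...string) *party {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	return &party{priv: key, suites: suites}
}

// seal encrypts msg to a party with RSA-OAEP, using only that party's public key.
func seal(to *party, msg []byte) []byte {
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, &to.priv.PublicKey, msg, nil)
	if err != nil {
		panic(err) // message longer than the OAEP limit, or no randomness
	}
	return ct
}

func (p *party) open(ct []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, p.priv, ct, nil)
}

func (p *party) supports(name string) bool {
	for _, s := range p.suites {
		if s == name && keyLen[s] > 0 {
			return true
		}
	}
	return false
}

// negotiate runs steps 6 to 9 between a mobile terminal and a smart device.
func negotiate(mobile, device *party) error {
	// Step 6: the mobile sends the names of all schemes it supports, encrypted to the device.
	offer := seal(device, []byte(strings.Join(mobile.suites, ",")))

	// Step 7: the device decrypts, picks the strongest common scheme, replies encrypted to the mobile.
	names, err := device.open(offer)
	if err != nil {
		return err
	}
	for _, n := range strings.Split(string(names), ",") {
		if device.supports(n) && keyLen[n] > keyLen[device.suite] {
			device.suite = n
		}
	}
	if device.suite == "" {
		return errors.New("no common symmetric scheme")
	}
	choice := seal(mobile, []byte(device.suite))

	// Step 8: the mobile accepts only a scheme it offered, then sends a fresh random key.
	picked, err := mobile.open(choice)
	if err != nil || !mobile.supports(string(picked)) {
		return errors.New("peer chose a scheme that was not offered")
	}
	mobile.suite, mobile.session = string(picked), make([]byte, keyLen[string(picked)])
	if _, err := rand.Read(mobile.session); err != nil {
		return err
	}
	wrapped := seal(device, mobile.session)

	// Step 9: the device recovers the key and checks that it fits the chosen scheme.
	if device.session, err = device.open(wrapped); err != nil || len(device.session) != keyLen[device.suite] {
		return errors.New("communication key missing or of the wrong length")
	}
	return nil
}

func main() {
	mobile, device := newParty("AES-128-GCM", "AES-256-GCM"), newParty("AES-256-GCM", "AES-192-GCM")
	if err := negotiate(mobile, device); err != nil {
		panic(err)
	}
	fmt.Println(device.suite, len(device.session), bytes.Equal(mobile.session, device.session))
}
```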
From the embodiments of the invention, it can be seen that the technical solution comprises the following technical points:
1. The mobile terminal and the smart device must perform mutual identity authentication before communicating.
2. The digital certificates of both parties are issued by the same CA center, and each party confirms that the other's identity is legitimate by verifying the digital signature in the digital certificate; if an illegitimate request is found, the communication process is terminated immediately.
3. The above scheme is extended: for an Internet of Things that includes a cloud server (the cloud platform of the preceding embodiments), certificate-based mutual identity authentication is required when the smart device communicates with the cloud server, when the smart device communicates with the mobile terminal, and when the cloud server communicates with the mobile terminal, as shown in Figure 4.
4. After mutual identity authentication passes, the two parties negotiate the communication encryption scheme by means of asymmetric encryption.
The secure communication method, apparatus and device in the Internet of Things described in the embodiments of the invention authenticate the various interconnected smart devices in the Internet of Things by verifying digital certificates, and enforce mutual authentication in the communication between smart devices. This effectively prevents security risks such as device counterfeiting and peer forgery, and ensures the communication security of smart devices. Because communication is encrypted after authentication, the risk of eavesdropping is effectively prevented and communication security is more completely protected.
Through the description of the specific embodiments, the technical means adopted by the invention to achieve its intended purpose, and their effects, should be understood more deeply and concretely; the accompanying drawings, however, are provided only for reference and illustration and are not intended to limit the invention.

Claims (12)

1. A secure communication method in an Internet of Things, characterized in that, in an Internet of Things in which the devices of three parties (a cloud platform, a smart device and a mobile terminal) are interconnected, for communication between the devices of any two parties, taking the devices of the two parties to be a first device and a second device, the steps performed by the first device comprise:
carrying out mutual identity legitimacy judgment with the second device by verifying the digital signatures of digital certificates;
communicating with the second device when the first device and the second device have both passed the identity legitimacy judgment.
2. The secure communication method in an Internet of Things according to claim 1, characterized in that carrying out mutual identity legitimacy judgment with the second device by verifying the digital signatures of digital certificates comprises:
exchanging digital certificates with the second device, so that the second device can verify whether the digital signature of the first device's digital certificate is valid; and
the first device verifying whether the digital signature of the second device's digital certificate is valid; if it is valid, judging that the second device has passed the identity legitimacy judgment, otherwise judging that the second device has failed the identity legitimacy judgment.
3. The secure communication method in an Internet of Things according to claim 1, characterized in that carrying out mutual identity legitimacy judgment with the second device by verifying the digital signatures of digital certificates comprises:
exchanging digital certificates with the second device, so that the second device can verify whether the digital signature and the attributes of the first device's digital certificate are valid; and
the first device verifying whether the digital signature and the attributes of the second device's digital certificate are valid; if they are valid, judging that the second device has passed the identity legitimacy judgment, otherwise judging that the second device has failed the identity legitimacy judgment.
4. The secure communication method in an Internet of Things according to claim 2 or 3, characterized in that the first device verifying whether the digital signature of the second device's digital certificate is valid comprises:
after the first device receives the digital certificate of the second device, decrypting the digital signature of the second device's digital certificate with the enterprise root certificate to obtain a first fingerprint value, then applying a hash algorithm to the digital signature in the digital certificate of the second device to obtain a second fingerprint value, and comparing the first fingerprint value with the second fingerprint value; if they are equal, the digital certificate of the second device is considered valid, and if they are not equal, it is considered invalid.
5. The secure communication method in an Internet of Things according to claim 1, characterized in that communicating with the second device comprises:
communicating with the second device using a preset encryption mode or an encryption mode negotiated with the second device.
6. The secure communication method in an Internet of Things according to claim 5, characterized in that the process of negotiating the encryption mode with the second device comprises:
after the first device and the second device have both passed the identity legitimacy judgment, negotiating an encryption mode with the second device; the messages exchanged during this negotiation are encrypted and decrypted with an asymmetric encryption algorithm, and the negotiated encryption mode comprises a symmetric encryption algorithm supported by both the first device and the second device, and a corresponding communication key.
7. A secure communication apparatus in an Internet of Things, characterized in that, in an Internet of Things in which the devices of three parties (a cloud platform, a smart device and a mobile terminal) are interconnected, the apparatus is arranged in any one of those devices and is used for communication between the devices of any two parties; taking the devices of the two parties to be a first device and a second device, the apparatus in the first device comprises:
a judging module, configured to carry out mutual identity legitimacy judgment with the second device by verifying the digital signatures of digital certificates;
a communication module, configured to communicate with the second device when the first device and the second device have both passed the identity legitimacy judgment.
8. The secure communication apparatus in an Internet of Things according to claim 7, characterized in that the judging module is configured to:
exchange digital certificates with the second device, so that the second device can verify whether the digital signature of the local device's digital certificate is valid; and
verify, on the first device side, whether the digital signature of the second device's digital certificate is valid; if it is valid, judge that the second device has passed the identity legitimacy judgment, otherwise judge that the second device has failed the identity legitimacy judgment.
9. The secure communication apparatus in an Internet of Things according to claim 7, characterized in that the judging module is configured to:
exchange digital certificates with the second device, so that the second device can verify whether the digital signature and the attributes of the local device's digital certificate are valid; and
verify, on the first device side, whether the digital signature and the attributes of the second device's digital certificate are valid; if they are valid, judge that the second device has passed the identity legitimacy judgment, otherwise judge that the second device has failed the identity legitimacy judgment.
10. The secure communication method in an Internet of Things according to claim 8 or 9, characterized in that the judging module is configured to:
after the first device receives the digital certificate of the second device, decrypt the digital signature of the second device's digital certificate with the enterprise root certificate to obtain a first fingerprint value, then apply a hash algorithm to the digital signature in the digital certificate of the second device to obtain a second fingerprint value, and compare the first fingerprint value with the second fingerprint value; if they are equal, the digital certificate of the second device is considered valid, and if they are not equal, it is considered invalid.
11. The secure communication apparatus in an Internet of Things according to claim 7, characterized in that the communication module is configured to:
communicate with the second device using a preset encryption mode or an encryption mode negotiated with the second device.
12. The secure communication apparatus in an Internet of Things according to claim 11, characterized in that, when communicating with the second device using an encryption mode negotiated with the second device, the communication module is further configured to:
after the first device and the second device have both passed the identity legitimacy judgment, negotiate an encryption mode with the second device; the messages exchanged during this negotiation are encrypted and decrypted with an asymmetric encryption algorithm, and the negotiated encryption mode comprises a symmetric encryption algorithm supported by both the first device and the second device, and a corresponding communication key.
CN201610098818.0A 2016-02-23 2016-02-23 Method and device for secure communication in Internet of Things Pending CN105791272A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610098818.0A CN105791272A (en) 2016-02-23 2016-02-23 Method and device for secure communication in Internet of Things


Publications (1)

Publication Number Publication Date
CN105791272A true CN105791272A (en) 2016-07-20

Family

ID=56403517

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610098818.0A Pending CN105791272A (en) 2016-02-23 2016-02-23 Method and device for secure communication in Internet of Things

Country Status (1)

Country Link
CN (1) CN105791272A (en)

Cited By (34)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106101147A (en) * 2016-08-12 2016-11-09 北京同余科技有限公司 A kind of method and system realizing smart machine and remote terminal dynamic encryption communication
CN106686015A (en) * 2017-03-16 2017-05-17 北京方研矩行科技有限公司 Method for dynamically verifying safety networking for intelligent device
CN106888087A (en) * 2017-03-15 2017-06-23 腾讯科技(深圳)有限公司 A kind of method and apparatus for managing certificate
US9716595B1 (en) * 2010-04-30 2017-07-25 T-Central, Inc. System and method for internet of things (IOT) security and management
US20170324717A1 (en) * 2010-04-30 2017-11-09 T-Central, Inc. System and Method to Enable PKI- and PMI- Based Distributed Locking of Content and Distributed Unlocking of Protected Content and/or Scoring of Users and/or Scoring of End-Entity Access Means-Added
CN107370597A (en) * 2017-07-11 2017-11-21 深圳市雪球科技有限公司 Safety certifying method and security certification system based on Internet of Things
US9832026B2 (en) * 2010-04-30 2017-11-28 T-Central, Inc. System and method from Internet of Things (IoT) security and management
US9843450B2 (en) * 2010-04-30 2017-12-12 T-Central, Inc. System and method to use a cloud-based platform supported by an API to authenticate remote users and to provide PKI- and PMI- based distributed locking of content and distributed unlocking of protected content
CN107682363A (en) * 2017-11-02 2018-02-09 苏州国芯科技有限公司 The smart home product safety means of communication, system and computer-readable recording medium
CN107948213A (en) * 2018-01-17 2018-04-20 深圳中电国际信息科技有限公司 A kind of encryption and authentication method, system, device and computer-readable recording medium
CN107959686A (en) * 2017-12-13 2018-04-24 恒宝股份有限公司 A kind of Internet of Things security certification system and authentication method
CN108900530A (en) * 2018-07-30 2018-11-27 郑州信大捷安信息技术股份有限公司 A kind of safe communication system and method
US10153908B2 (en) 2010-04-30 2018-12-11 T-Central, Inc. Secure communication of IOT devices for vehicles
CN109765825A (en) * 2019-01-30 2019-05-17 山西天科信息安全科技有限公司 A kind of Internet of Things multilink security control terminal and method of controlling security
CN109803255A (en) * 2018-12-18 2019-05-24 武汉华工赛百数据系统有限公司 For digitizing the mobile data information secure communications system and method in workshop
CN110210199A (en) * 2019-05-30 2019-09-06 上海应用技术大学 Internet of things equipment identity identifying method based on fingerprint collecting and identification
CN110336788A (en) * 2019-05-27 2019-10-15 北京折叠未来科技有限公司 A kind of data safety exchange method of internet of things equipment and mobile terminal
CN110519760A (en) * 2019-07-24 2019-11-29 华为技术有限公司 Method for network access, device, equipment and storage medium
CN110855442A (en) * 2019-10-10 2020-02-28 北京握奇智能科技有限公司 PKI (public key infrastructure) technology-based inter-device certificate verification method
US10652031B2 (en) 2010-04-30 2020-05-12 T-Central, Inc. Using PKI for security and authentication of control devices and their data
CN111181723A (en) * 2019-09-09 2020-05-19 腾讯科技(深圳)有限公司 Method and device for offline security authentication between Internet of things devices
CN111541642A (en) * 2020-03-17 2020-08-14 广州亚美智造科技有限公司 Bluetooth encryption communication method and device based on dynamic secret key and computer equipment
CN111585939A (en) * 2019-02-18 2020-08-25 深圳市致趣科技有限公司 Method and system for end-to-end identity authentication and communication encryption between Internet of things devices
CN112039922A (en) * 2020-09-18 2020-12-04 广东乐心医疗电子股份有限公司 Encryption communication method and device
CN112184150A (en) * 2020-09-17 2021-01-05 杭州安恒信息技术股份有限公司 Multi-party approval method, device and system in data sharing exchange and electronic device
CN112769765A (en) * 2020-12-23 2021-05-07 上海商米科技集团股份有限公司 IoT equipment interoperation instruction authority management method based on digital certificate
CN112788042A (en) * 2021-01-18 2021-05-11 亚信科技(成都)有限公司 Method for determining equipment identifier of Internet of things and Internet of things equipment
CN113093560A (en) * 2021-02-23 2021-07-09 美的集团股份有限公司 Man-machine interaction method and device for household appliance
CN113242249A (en) * 2021-05-18 2021-08-10 中铁信(北京)网络技术研究院有限公司 Session control method and device
CN113542194A (en) * 2020-04-16 2021-10-22 中国联合网络通信集团有限公司 User behavior tracing method, device, equipment and storage medium
CN113556738A (en) * 2021-07-23 2021-10-26 广州鲁邦通物联网科技有限公司 Key negotiation method between DTU (data transfer unit) equipment and node equipment, DTU equipment, node equipment and key negotiation system
CN114598473A (en) * 2020-11-19 2022-06-07 上海铠射信息科技有限公司 Novel network connection equipment authentication method and device
US11456882B2 (en) 2010-04-30 2022-09-27 T-Central, Inc. Using PKI for security and authentication of control devices and their data
US11743057B2 (en) 2010-04-30 2023-08-29 T-Central, Inc. Using PKI for security and authentication of control devices and their data

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102780698A (en) * 2012-07-24 2012-11-14 南京邮电大学 User terminal safety communication method in platform of Internet of Things
CN103716794A (en) * 2013-12-25 2014-04-09 北京握奇数据系统有限公司 Two-way safety verification method and system based on portable device
CN104639327A (en) * 2015-01-29 2015-05-20 杭州晟元芯片技术有限公司 Method for identifying and correlating equipment by digital certificate
US20150358924A1 (en) * 2014-06-05 2015-12-10 Samsung Electronics Co., Ltd. Power control for transmission of uplink control information on two cells in carrier aggregation
CN105262773A (en) * 2015-11-09 2016-01-20 北京世纪龙脉科技有限公司 A verification method and apparatus for an IOT system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102780698A (en) * 2012-07-24 2012-11-14 南京邮电大学 User terminal safety communication method in platform of Internet of Things
CN103716794A (en) * 2013-12-25 2014-04-09 北京握奇数据系统有限公司 Two-way safety verification method and system based on portable device
US20150358924A1 (en) * 2014-06-05 2015-12-10 Samsung Electronics Co., Ltd. Power control for transmission of uplink control information on two cells in carrier aggregation
CN104639327A (en) * 2015-01-29 2015-05-20 杭州晟元芯片技术有限公司 Method for identifying and correlating equipment by digital certificate
CN105262773A (en) * 2015-11-09 2016-01-20 北京世纪龙脉科技有限公司 A verification method and apparatus for an IOT system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
胡玫艳等: "《电子商务教程》", 31 August 2003 *

Cited By (50)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11456882B2 (en) 2010-04-30 2022-09-27 T-Central, Inc. Using PKI for security and authentication of control devices and their data
US9843450B2 (en) * 2010-04-30 2017-12-12 T-Central, Inc. System and method to use a cloud-based platform supported by an API to authenticate remote users and to provide PKI- and PMI- based distributed locking of content and distributed unlocking of protected content
US10333720B2 (en) 2010-04-30 2019-06-25 T-Central, Inc. Secure communication of IOT devices for vehicles
US9716595B1 (en) * 2010-04-30 2017-07-25 T-Central, Inc. System and method for internet of things (IOT) security and management
US20170324717A1 (en) * 2010-04-30 2017-11-09 T-Central, Inc. System and Method to Enable PKI- and PMI- Based Distributed Locking of Content and Distributed Unlocking of Protected Content and/or Scoring of Users and/or Scoring of End-Entity Access Means-Added
US11743057B2 (en) 2010-04-30 2023-08-29 T-Central, Inc. Using PKI for security and authentication of control devices and their data
US9832026B2 (en) * 2010-04-30 2017-11-28 T-Central, Inc. System and method from Internet of Things (IoT) security and management
US10567361B2 (en) * 2010-04-30 2020-02-18 T-Central, Inc. System and method to enable PKI- and PMI-based distributed locking of content and distributed unlocking of protected content and/or scoring of users and/or scoring of end-entity access means-added
US10153908B2 (en) 2010-04-30 2018-12-11 T-Central, Inc. Secure communication of IOT devices for vehicles
US10644891B2 (en) 2010-04-30 2020-05-05 T-Central, Inc. Secure communication of IoT devices for vehicles
US10038678B2 (en) * 2010-04-30 2018-07-31 T-Central, Inc. System and method to enable PKI- and PMI- based distributed locking of content and distributed unlocking of protected content and/or scoring of users and/or scoring of end-entity access means-added
US10652031B2 (en) 2010-04-30 2020-05-12 T-Central, Inc. Using PKI for security and authentication of control devices and their data
US20180332014A1 (en) * 2010-04-30 2018-11-15 T-Central, Inc. System and method to enable pki- and pmi-based distributed locking of content and distributed unlocking of protected content and/or scoring of users and/or scoring of end-entity access means - added
CN106101147A (en) * 2016-08-12 2016-11-09 北京同余科技有限公司 A kind of method and system realizing smart machine and remote terminal dynamic encryption communication
CN106888087B (en) * 2017-03-15 2018-09-04 腾讯科技(深圳)有限公司 A kind of method and apparatus of management certificate
CN106888087A (en) * 2017-03-15 2017-06-23 腾讯科技(深圳)有限公司 A kind of method and apparatus for managing certificate
CN106686015B (en) * 2017-03-16 2019-10-22 北京方研矩行科技有限公司 A kind of safe networking dynamic confirming method for smart machine
CN106686015A (en) * 2017-03-16 2017-05-17 北京方研矩行科技有限公司 Method for dynamically verifying safety networking for intelligent device
CN107370597A (en) * 2017-07-11 2017-11-21 深圳市雪球科技有限公司 Safety certifying method and security certification system based on Internet of Things
CN107682363A (en) * 2017-11-02 2018-02-09 苏州国芯科技有限公司 The smart home product safety means of communication, system and computer-readable recording medium
CN107682363B (en) * 2017-11-02 2021-02-02 苏州国芯科技股份有限公司 Intelligent household product safety communication method, system and computer readable storage medium
CN107959686B (en) * 2017-12-13 2019-06-07 恒宝股份有限公司 A kind of Internet of Things security certification system and authentication method
CN107959686A (en) * 2017-12-13 2018-04-24 恒宝股份有限公司 A kind of Internet of Things security certification system and authentication method
CN107948213A (en) * 2018-01-17 2018-04-20 深圳中电国际信息科技有限公司 A kind of encryption and authentication method, system, device and computer-readable recording medium
CN108900530A (en) * 2018-07-30 2018-11-27 郑州信大捷安信息技术股份有限公司 A kind of safe communication system and method
CN109803255A (en) * 2018-12-18 2019-05-24 武汉华工赛百数据系统有限公司 For digitizing the mobile data information secure communications system and method in workshop
CN109803255B (en) * 2018-12-18 2022-04-08 武汉华工赛百数据系统有限公司 Mobile data information safety communication system and method for digital workshop
CN109765825B (en) * 2019-01-30 2023-09-29 山西天科信息安全科技有限公司 Internet of things multilink safety control terminal and safety control method
CN109765825A (en) * 2019-01-30 2019-05-17 山西天科信息安全科技有限公司 A kind of Internet of Things multilink security control terminal and method of controlling security
CN111585939B (en) * 2019-02-18 2023-04-14 深圳市致趣科技有限公司 End-to-end identity authentication and communication encryption method and system between Internet of things devices
CN111585939A (en) * 2019-02-18 2020-08-25 深圳市致趣科技有限公司 Method and system for end-to-end identity authentication and communication encryption between Internet of things devices
CN110336788B (en) * 2019-05-27 2021-11-30 北京折叠未来科技有限公司 Data security interaction method for Internet of things equipment and mobile terminal
CN110336788A (en) * 2019-05-27 2019-10-15 北京折叠未来科技有限公司 A kind of data safety exchange method of internet of things equipment and mobile terminal
CN110210199A (en) * 2019-05-30 2019-09-06 上海应用技术大学 Internet of things equipment identity identifying method based on fingerprint collecting and identification
CN110210199B (en) * 2019-05-30 2022-07-15 上海应用技术大学 Internet of things equipment identity authentication method based on fingerprint acquisition and identification
CN110519760A (en) * 2019-07-24 2019-11-29 华为技术有限公司 Method for network access, device, equipment and storage medium
CN111181723B (en) * 2019-09-09 2021-10-15 腾讯科技(深圳)有限公司 Method and device for offline security authentication between Internet of things devices
CN111181723A (en) * 2019-09-09 2020-05-19 腾讯科技(深圳)有限公司 Method and device for offline security authentication between Internet of things devices
CN110855442A (en) * 2019-10-10 2020-02-28 北京握奇智能科技有限公司 PKI (public key infrastructure) technology-based inter-device certificate verification method
CN111541642A (en) * 2020-03-17 2020-08-14 广州亚美智造科技有限公司 Bluetooth encryption communication method and device based on dynamic secret key and computer equipment
CN113542194A (en) * 2020-04-16 2021-10-22 中国联合网络通信集团有限公司 User behavior tracing method, device, equipment and storage medium
CN112184150A (en) * 2020-09-17 2021-01-05 杭州安恒信息技术股份有限公司 Multi-party approval method, device and system in data sharing exchange and electronic device
CN112039922A (en) * 2020-09-18 2020-12-04 广东乐心医疗电子股份有限公司 Encryption communication method and device
CN114598473A (en) * 2020-11-19 2022-06-07 上海铠射信息科技有限公司 Novel network connection equipment authentication method and device
CN112769765A (en) * 2020-12-23 2021-05-07 上海商米科技集团股份有限公司 IoT equipment interoperation instruction authority management method based on digital certificate
CN112788042A (en) * 2021-01-18 2021-05-11 亚信科技(成都)有限公司 Method for determining equipment identifier of Internet of things and Internet of things equipment
CN113093560A (en) * 2021-02-23 2021-07-09 美的集团股份有限公司 Man-machine interaction method and device for household appliance
CN113242249B (en) * 2021-05-18 2022-03-08 中铁信(北京)网络技术研究院有限公司 Session control method and device
CN113242249A (en) * 2021-05-18 2021-08-10 中铁信(北京)网络技术研究院有限公司 Session control method and device
CN113556738A (en) * 2021-07-23 2021-10-26 广州鲁邦通物联网科技有限公司 Key negotiation method between DTU (data transfer unit) equipment and node equipment, DTU equipment, node equipment and key negotiation system

Similar Documents

Publication Publication Date Title
CN105791272A (en) Method and device for secure communication in Internet of Things
CN108270571B (en) Internet of Things identity authorization system and method based on blockchain
US10567370B2 (en) Certificate authority
EP2639997B1 (en) Method and system for secure access of a first computer to a second computer
CN101951603B (en) Access control method and system for wireless local area network
CN108123795B (en) Quantum key chip issuing method, application method, issuing platform and system
CN104767731B (en) Identity authentication protection method for a RESTful mobile transaction system
CN105141425B (en) Identity-protecting mutual authentication method based on chaotic maps
KR101634158B1 (en) Method for authenticating identity and generating share key
CN103229452A (en) Mobile handset identification and communication authentication
CN106452782A (en) Method and system for producing a secure communication channel for terminals
CN103856478A (en) Certificate signing and issuing method of trusted network, attestation method of trusted network and corresponding devices
US20150281958A1 (en) Method and Apparatus for Securing a Connection in a Communications Network
CN102404347A (en) Mobile internet access authentication method based on public key infrastructure
CA2531533A1 (en) Session-based public key infrastructure
CN101686127A (en) Novel USBKey secure calling method and USBKey device
WO2015158172A1 (en) User identity identification card
CN101547095A (en) Application service management system and management method based on digital certificate
CN101686128A (en) Novel usbkey external authentication method and Usbkey device
CN114765534B (en) Private key distribution system and method based on national secret identification cryptographic algorithm
CN110378152B (en) Contract signing management system and method based on PKICA authentication and block chain technology
CN106936588A (en) Hosting method, apparatus and system for a hardware control lock
CN106713236A (en) End-to-end identity authentication and encryption method based on CPK identifier authentication
CN108965342A (en) Authentication method and system for a data requester accessing a data source
CN105554018A (en) Network real name verification method

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20160720
