CN107493571B - Type-based uplink data encryption control method and device for Internet of things repeater - Google Patents

Info

Publication number: CN107493571B
Application number: CN201710593623.8A
Authority: CN (China)
Other versions: CN107493571A
Other languages: Chinese (zh)
Inventor: 杜光东
Current and original assignee: Shenzhen Shenglu IoT Communication Technology Co Ltd
Legal status: Active
Priority: CN201710593623.8A; PCT/CN2017/100751 (WO2019015038A1)
Prior art keywords: internet, things, data packet, encryption, type


Classifications

    • H04L63/045 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption
    • H04L9/0625 Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation with splitting of the data block into left and right halves, e.g. Feistel based algorithms, DES, FEAL, IDEA or KASUMI
    • H04L9/0643 Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • H04W12/02 Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W88/04 Terminal devices adapted for relaying to or from another terminal or user
    • H04L67/12 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Power Engineering (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Small-Scale Networks (AREA)

Abstract

The application discloses a type-based uplink data encryption control method for an Internet of things repeater, comprising the following steps: the Internet of things repeater receives a data packet sent by an Internet of things terminal; the repeater identifies the type of the terminal and, according to that type, looks up the corresponding first encryption unit in a pre-configured mapping table of types to encryption units; the repeater calls the first encryption unit to encrypt the data packet; and the repeater sends the encrypted data packet to the Internet of things access point. The method and the device have the advantage of a good user experience.

Description

Type-based uplink data encryption control method and device for Internet of things repeater
Technical Field
The application relates to the field of communication, in particular to a type-based uplink data encryption control method and device for an Internet of things repeater.
Background
The Internet of things is an important component of the new generation of information technology and an important stage in the development of the "informatization" era. Its English name is "Internet of things (IoT)". As the name implies, the Internet of things is an Internet of connected objects. This has two meanings: first, the core and foundation of the Internet of things is still the Internet, and it is a network that extends and expands on the basis of the Internet; second, its user side extends to any object, so that objects exchange information and communicate with one another. Through communication and sensing technologies such as intelligent perception, identification technology and pervasive computing, the Internet of things is widely applied in network convergence, and it is also called the third wave of development of the world information industry after computers and the Internet. The Internet of things is an application extension of the Internet; it is not so much a network as a business and an application. Application innovation is therefore the core of the development of the Internet of things, and Innovation 2.0, which takes user experience as its core, is the soul of that development.
The Internet of things solves the problems of interconnection and data exchange among objects. When networking, the existing Internet of things accesses the Internet by sending data, via an Internet of things repeater, to an Internet of things Access Point (AP); the data security of the Internet of things is low, so the user experience is poor.
Disclosure of Invention
The application provides a type-based uplink data encryption control method for an Internet of things repeater. It can improve the security of Internet of things data and improve the user experience.
In a first aspect, a type-based uplink data encryption control method for an internet of things repeater is provided, where the method includes the following steps:
the Internet of things repeater receives a data packet sent by the Internet of things terminal;
the Internet of things repeater identifies the type of the Internet of things terminal and, according to the type, looks up the first encryption unit corresponding to the type in a pre-configured mapping table of types to encryption units;
the Internet of things repeater calls the first encryption unit to encrypt the data packet;
and the Internet of things repeater sends the encrypted data packet to the Internet of things access point.
Optionally, the identifying, by the internet of things repeater, the type of the internet of things terminal specifically includes:
the Internet of things repeater identifies the type of the Internet of things terminal through the identifier of the Internet of things terminal; the types include: smart lamp, smart TV, smart cleaning equipment, smart sleep equipment or smart monitoring equipment.
Optionally, the identifying, by the internet of things repeater, the type of the internet of things terminal specifically includes:
the Internet of things repeater sends an Internet of things terminal type table to the Internet of things terminal,
and the Internet of things repeater receives, from the Internet of things terminal, the terminal type that the terminal found to match itself according to the Internet of things terminal type table.
Optionally, the invoking, by the internet of things repeater, the first encryption unit to encrypt the data packet specifically includes:
the Internet of things repeater calls the first encryption unit to encrypt the data packet; if the encryption succeeds, the subsequent steps are carried out; if the encryption fails, the repeater calls the standby encryption unit of the first encryption unit to encrypt the data packet and adds the identifier of the standby encryption unit to a packet header extension field of the encrypted data packet.
Optionally, the invoking, by the internet of things repeater, the first encryption unit to encrypt the data packet specifically includes:
if the Internet of things repeater, by parsing the data packet, determines that the signal modulation mode of the data packet is Quadrature Phase Shift Keying (QPSK), it obtains the phase numbers that carry energy in the QPSK signal, uses the value obtained by arranging those phase numbers in order as a key, and calls the encryption unit with that key to encrypt the data packet.
Optionally, the method further includes:
the Internet of things repeater generates a key pair comprising a public key and a private key; the repeater encrypts the data packet through the first encryption unit using the public key, transmits the encrypted data packet through a first path, and transmits the private key through a second path.
In a second aspect, an internet of things repeater type-based uplink data encryption control device is provided, where the device includes:
the receiving unit is used for receiving a data packet sent by the terminal of the Internet of things;
the identification unit is used for identifying the type of the terminal of the Internet of things;
the searching unit is used for searching a first encryption unit corresponding to the type in a preset type and encryption unit mapping table according to the type;
the encryption unit is used for calling the first encryption unit to encrypt the data packet;
and the sending unit is used for sending the encrypted data packet to the access point of the Internet of things.
Optionally, the identification unit is specifically configured to identify the type of the Internet of things terminal through the identifier of the Internet of things terminal; the types include: smart lamp, smart TV, smart cleaning equipment, smart sleep equipment or smart monitoring equipment.
Optionally, the identification unit is specifically configured to send an Internet of things terminal type table to the Internet of things terminal, and to receive from the terminal the terminal type that the terminal found to match itself according to that table.
Optionally, the encryption unit is specifically configured to invoke the first encryption unit to encrypt the data packet, and if the encryption is successful, perform subsequent steps, if the encryption is unsuccessful, invoke the standby encryption unit of the first encryption unit to encrypt the data packet, and add the identifier of the standby encryption unit to the header extension field of the encrypted data packet.
Optionally, the encryption unit is specifically configured to, if the signal modulation mode of the data packet obtained by analyzing the data packet is quadrature phase shift keying QPSK, obtain a phase number with energy in the QPSK, use a value obtained by sequentially ordering the phase numbers as a key, and call the encryption unit to perform encryption processing on the data packet by using the key.
Optionally, the encryption unit is specifically configured to generate a key pair comprising a public key and a private key; the sending unit is configured to send the encrypted data packet through a first path and to send the private key through a second path.
In a third aspect, a computer storage medium is provided, where the computer storage medium may store a program, and the program includes, when executed, some or all of the steps of any one of the above-mentioned internet-of-things repeater type-based uplink data encryption control methods.
In a fourth aspect, an access point device is provided, the access point device comprising: one or more processors, a memory, a bus system, a transceiver, and one or more programs, the processors, the memory, and the transceiver being connected by the bus system; wherein the one or more programs are stored in the memory, the one or more programs comprising instructions which, when executed by the access point, cause the access point to perform any of the methods provided by the first aspect and all possible designs of the first aspect described above.
After the Internet of things terminal sends a data packet to the Internet of things repeater, the repeater looks up the encryption unit corresponding to the terminal's type and encrypts the data with that unit. The Internet of things terminal therefore needs no encryption configuration of its own; all encryption settings reside on the repeater, which effectively reduces the cost of the terminal. For the Internet of things as a whole, because many terminals can be connected beneath one repeater, only the repeater needs to be configured, which reduces the overall cost. In addition, the computing capability of the repeater is generally stronger than that of the terminal, so running the encryption unit on the repeater reduces the data sending delay and the network delay, improving the user experience.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
FIG. 1 is a schematic flow diagram of a repeater-based data routing method;
FIG. 2 is a transmission flow chart of a terminal of the Internet of things sending a data packet to a gateway;
FIG. 3 is a transmission flow chart of a gateway sending a data packet to a terminal of the Internet of things;
FIG. 4 is a flowchart illustrating a method for automatic routing of data based on a repeater according to an embodiment of the present application;
FIG. 5 is a schematic diagram of an implementation scenario according to an embodiment of the present application;
FIG. 6 is a schematic flow chart diagram illustrating a method for repeater-based automatic routing of data according to another embodiment of the present application;
FIG. 7 is a schematic structural diagram of a data automatic routing device based on a repeater according to the present application;
FIG. 8 is a schematic structural diagram of an Internet of things repeater device provided in the present application;
FIG. 9 is a schematic diagram of a hardware structure of an Internet of things repeater provided in the present application.
Detailed Description
Before discussing exemplary embodiments in more detail, it should be noted that some exemplary embodiments are described as processes or methods depicted as flowcharts. Although a flowchart may describe the operations as a sequential process, many of the operations can be performed in parallel, concurrently, or simultaneously. In addition, the order of the operations may be re-arranged. The process may be terminated when its operations are completed, but may have additional steps not included in the figure. The processes may correspond to methods, functions, procedures, subroutines, and the like.
The term "computer device" or "computer" in this context refers to an intelligent electronic device that can execute predetermined processes such as numerical calculation and/or logic calculation by running predetermined programs or instructions, and may include a processor and a memory, wherein the processor executes a pre-stored instruction stored in the memory to execute the predetermined processes, or the predetermined processes are executed by hardware such as ASIC, FPGA, DSP, or a combination thereof. Computer devices include, but are not limited to, servers, personal computers, laptops, tablets, smart phones, and the like.
The methods discussed below, some of which are illustrated by flow diagrams, may be implemented by hardware, software, firmware, middleware, microcode, hardware description languages, or any combination thereof. When implemented in software, firmware, middleware or microcode, the program code or code segments to perform the necessary tasks may be stored in a machine or computer readable medium such as a storage medium. The processor(s) may perform the necessary tasks.
Specific structural and functional details disclosed herein are merely representative and are provided for purposes of describing example embodiments of the present invention. The present invention may, however, be embodied in many alternate forms and should not be construed as limited to only the embodiments set forth herein.
It will be understood that, although the terms first, second, etc. may be used herein to describe various elements, these elements should not be limited by these terms. These terms are only used to distinguish one element from another. For example, a first element may be termed a second element, and, similarly, a second element may be termed a first element, without departing from the scope of example embodiments. As used herein, the term "and/or" includes any and all combinations of one or more of the associated listed items.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of example embodiments. As used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that the terms "comprises" and/or "comprising," when used herein, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.
It should also be noted that, in some alternative implementations, the functions/acts noted may occur out of the order noted in the figures. For example, two figures shown in succession may, in fact, be executed substantially concurrently, or the figures may sometimes be executed in the reverse order, depending upon the functionality/acts involved.
The present invention is described in further detail below with reference to the attached drawing figures.
According to one aspect of the invention, an uplink data sending method of an Internet of things AP is provided. The method is applied to the Internet of things network shown in FIG. 1, which includes: the Internet of things terminal 10, the Internet of things access point AP20, the Internet of things repeater 40, and the wireless access controller 30. The Internet of things terminal may take different forms depending on the situation; for example, it may be a mobile phone, a tablet computer, a computer, and the like, and may also be another device with networking functions, such as a smart television, a smart air conditioner, a smart water bottle, or other smart Internet of things devices. The Internet of things terminal 10 is connected with the AP20 in a wireless manner, and the AP20 is connected with the gateway 12 in another manner (i.e., a connection manner different from the wireless manner) to access the Internet. The wireless manner includes but is not limited to Bluetooth, WIFI, etc., and the other manner may be LTE or a wired manner. FIG. 1 takes the wired case as an example and, for convenience of representation, shows only one solid line.
The radio access controller 30 may be a Personal Computer (PC) according to the size of the internet of things, and may also be multiple PCs or servers in practical applications.
Referring to fig. 2, fig. 2 is a transmission flow chart of uplink data transmission of the internet of things repeater, as shown in fig. 2, the flow includes:
step S201, the Internet of things terminal 10 sends a data packet to be sent to an Internet of things repeater in a wireless mode;
step S202, the Internet of things repeater sends the data packet to the AP 20;
step S203, AP20 forwards the data packet to radio access controller 30.
As FIG. 1 and FIG. 2 show, in actual transmission the data packet is not subjected to any encryption processing, so if a leak occurs between the Internet of things repeater and the radio access controller 30, the data is easily exposed, which creates a security problem.
Referring to FIG. 3, FIG. 3 shows a type-based uplink data encryption control method for an Internet of things repeater. The method is implemented under the network architecture shown in FIG. 4, in which one AP20 may be connected to multiple Internet of things terminals. The AP may specifically be a relay station; in practical applications it may also be a router or another network device with wireless connection and data forwarding functions, such as a mobile phone with its hotspot enabled or a personal computer that provides wireless connection. As shown in FIG. 3, the method includes the following steps:
step S301, the Internet of things terminal sends a data packet to the Internet of things repeater;
The Internet of things terminal in step S301 may specifically be a mobile phone, a tablet computer, a computer and the like, and may also be another device with networking functions, such as a smart television, a smart air conditioner, a smart water bottle, a smart lamp, a smart switch or other smart Internet of things devices.
In step S301, the Internet of things terminal may send the data packet to the Internet of things repeater over a wireless connection, where the wireless connection includes, but is not limited to, Bluetooth, wireless fidelity (WIFI) and Zigbee, and the WIFI needs to comply with the IEEE 802.11b standard.
It should be noted that the connection between the Internet of things terminal and the Internet of things repeater considered here is wireless only. Because the number of devices accessing the Internet of things is large, a repeater connected by wire would limit the number of devices that can access it. For a home, wiring every device to the repeater is unthinkable for the household user, and the cost of wiring is very high. The connection between the Internet of things terminal and the Internet of things repeater in the technical scheme of the present invention is therefore only a wireless connection.
Step S302, the Internet of things repeater identifies the type of the Internet of things terminal, and inquires a first encryption unit corresponding to the type in a preset type and encryption unit mapping table according to the type.
The types of Internet of things terminal in step S302 may be set by each manufacturer according to its own circumstances. For example, the types may specifically include: smart lamp, smart TV, smart cleaning equipment, smart sleep equipment, smart monitoring equipment, etc., and each type can take various forms. A smart lamp, for example, includes but is not limited to devices such as a smart desk lamp, a smart ceiling lamp and a smart wall lamp. A smart television can be a Samsung-brand smart television, and of course it can also be a Sharp-brand smart television. Smart cleaning equipment can be a smart floor-sweeping robot, and can also include devices such as a smart vacuum cleaner and a smart garbage disposer. For smart sleep equipment, it can be: The present invention is not limited to the specific types described above, nor to the number or kinds of Internet of things terminals.
The type and encryption unit mapping table in the above step is shown in fig. 5, and the mapping may be a one-to-one mapping, or may be a one-to-many mapping.
The encryption unit in step S302 may be a hardware encryption unit disposed in the internet of things repeater, and includes an encryption algorithm preset by a manufacturer, and in practical application, the encryption unit may also be a software encryption unit configured in the internet of things repeater.
The above encryption algorithms include, but are not limited to: the triple data encryption algorithm block cipher (3DES), the Message Digest Algorithm (MD5), RSA (Rivest, Shamir, Adleman), and the like; the present invention is not limited to a specific encryption algorithm. 3DES, for example, is the common name for the triple data encryption algorithm block cipher. It is equivalent to applying the DES encryption algorithm three times to each block. As the computing power of computers increased, the key length of the original DES cipher became easy to crack by brute force; 3DES was designed to provide a relatively simple way of avoiding such attacks by increasing the key length of DES.
Step S303, the Internet of things repeater calls a first encryption unit to encrypt the data packet;
the implementation method of the step S303 may specifically be:
For example, if the first encryption unit is a 3DES encryption unit, the Internet of things repeater calls the 3DES encryption unit to perform 3DES encryption processing on the data packet. If the first encryption unit is an RSA encryption unit, the repeater calls the RSA encryption unit to perform RSA encryption processing on the data packet. If the first encryption unit is an MD5 encryption unit, the repeater calls the MD5 encryption unit to perform MD5 encryption processing on the data packet.
The specific manner of the encryption process can be referred to in the related description of 3DES, RSA and MD5, and will not be described herein.
The implementation method of the step S303 may specifically be:
The Internet of things repeater calls the first encryption unit to encrypt the data packet. If the encryption succeeds, the subsequent step S304 is carried out; if the encryption fails, the repeater calls the standby encryption unit of the first encryption unit to encrypt the data packet and adds the identifier of the standby encryption unit to the packet header extension field of the encrypted data packet.
And S304, the Internet of things repeater sends the encrypted data packet to the wireless access controller.
The implementation method of the step S304 may be:
The encrypted data packets are sent to the wireless access controller in another manner. For example, if the Internet of things terminal is connected with the AP through WIFI, the AP20 may send the data packets to the wireless access controller in a wired manner; in practical applications, the AP20 may also send the encrypted data packets to the wireless access controller through Long Term Evolution (LTE). The LTE or wired manner, and the WIFI connection between the Internet of things terminal and the AP, are only for illustration, and the present invention is not limited to a specific connection manner.
Optionally, the invoking, by the internet of things repeater, the first encryption unit to encrypt the data packet specifically includes:
if the Internet of things repeater, by parsing the data packet, determines that the signal modulation mode of the data packet is Quadrature Phase Shift Keying (QPSK), it obtains the phase numbers that carry energy in the QPSK signal, uses the value obtained by arranging those phase numbers in order as a key, and calls the encryption unit with that key to encrypt the data packet.
A phase number with energy refers to a QPSK subcarrier that carries energy, that is, a subcarrier carrying the digit 1. The corresponding phase number is the ordinal position of that phase: for example, the first phase has number 1, the second phase has number 2, and the 15th phase has number 15.
According to the method provided by the figure 3, after the internet of things terminal sends the data packet to the internet of things repeater, the internet of things repeater inquires out the encryption unit corresponding to the type according to the type of the internet of things terminal, and encrypts the data through the encryption unit, for the internet of things, the internet of things terminal does not need to configure the encryption, and all encryption settings are arranged in the internet of things repeater, so that the cost of the internet of things terminal can be effectively reduced, for the whole internet of things, as a plurality of internet of things terminals can be connected below one internet of things repeater, the cost of the whole internet of things can be reduced only by configuring the internet of things repeater, in addition, the computing capability of the internet of things repeater is generally stronger than that of the internet of things terminal, the data sending delay can be reduced when the encryption unit is operated, and the network delay can be reduced, the user experience is improved.
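The fig. 3 flow (type lookup, QPSK-derived key, fallback to the spare unit with its identifier in the header extension field) can be traced end to end in the following added example, which is not code from the patent. The header layout, the table entries, the decimal joining of phase numbers, the stand-in cipher and all function names are assumptions, and the controller is assumed to already hold the same key, which the page does not describe.

```python
import hashlib
import struct

# Constructed type -> (first unit id, spare unit id) table; the mapping table
# of fig. 5 is not reproduced on the page, so these entries are assumptions.
TYPE_TABLE = {"smart_lamp": (1, 2), "smart_tv": (2, 1)}

HEADER = struct.Struct("!BB")  # assumed header: flags, extension length
FLAG_EXT = 0x01                # set when the extension field is present


class UnitUnavailable(Exception):
    """An encryption unit could not process the packet."""


class StandInUnit:
    """Placeholder for a vendor encryption unit. It is NOT 3DES or RSA: it
    XORs the payload with a SHA-256 counter keystream so that the example
    needs only the standard library."""

    def __init__(self, unit_id, healthy=True):
        self.unit_id = unit_id
        self.healthy = healthy

    def encrypt(self, key, data):
        if not self.healthy:
            raise UnitUnavailable(f"unit {self.unit_id} failed")
        stream = b""
        counter = 0
        while len(stream) < len(data):
            block = bytes([self.unit_id]) + key + struct.pack("!I", counter)
            stream += hashlib.sha256(block).digest()
            counter += 1
        return bytes(a ^ b for a, b in zip(data, stream))

    decrypt = encrypt  # an XOR keystream is its own inverse


def qpsk_key(phases_with_energy):
    """Sort the phase numbers that carry energy and join them into one value
    (decimal joining is an assumption). The value depends only on which
    phases carry energy, so n phase positions yield at most 2**n - 1 keys."""
    ordered = sorted(set(phases_with_energy))
    if not ordered:
        raise ValueError("no phase carries energy, so no key can be derived")
    return "".join(str(p) for p in ordered).encode("ascii")


def repeater_encrypt(units, terminal_type, phases, payload):
    """Look up the unit for the type, encrypt, and on failure fall back to
    the spare unit and record its identifier in the header extension."""
    first_id, spare_id = TYPE_TABLE[terminal_type]
    key = qpsk_key(phases)
    try:
        return HEADER.pack(0, 0) + units[first_id].encrypt(key, payload)
    except UnitUnavailable:
        ext = bytes([spare_id])
        body = units[spare_id].encrypt(key, payload)
        return HEADER.pack(FLAG_EXT, len(ext)) + ext + body


def controller_decrypt(units, terminal_type, key, packet):
    """Receiver side: read the header to learn which unit encrypted the body."""
    if len(packet) < HEADER.size:
        raise ValueError("packet shorter than header")
    flags, ext_len = HEADER.unpack_from(packet)
    first_id, spare_id = TYPE_TABLE[terminal_type]
    offset = HEADER.size
    unit_id = first_id
    if flags & FLAG_EXT:
        ext = packet[offset:offset + ext_len]
        # The extension field is unauthenticated input: accept only the spare
        # unit configured for this terminal type.
        if ext != bytes([spare_id]):
            raise ValueError("unexpected encryption unit identifier")
        unit_id = spare_id
        offset += ext_len
    return units[unit_id].decrypt(key, packet[offset:])


if __name__ == "__main__":
    repeater_units = {1: StandInUnit(1, healthy=False), 2: StandInUnit(2)}
    controller_units = {1: StandInUnit(1), 2: StandInUnit(2)}
    pkt = repeater_encrypt(repeater_units, "smart_lamp", [15, 1, 3], b"temp=21")
    print(pkt[:3].hex(), controller_decrypt(
        controller_units, "smart_lamp", qpsk_key([1, 3, 15]), pkt))
```

Without the identifier in the extension field the controller would try the first unit and recover garbage, because the unit identifier is mixed into the keystream of this stand-in.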
Referring to fig. 6, fig. 6 shows a type-based uplink data encryption control method for an Internet of things repeater. The method is implemented in a network architecture as shown in fig. 4, in which a plurality of Internet of things terminals may be connected to one Internet of things repeater. The Internet of things repeater may specifically be a relay station; in practical applications, it may also be a router or another network device with wireless connection and data forwarding functions, such as a mobile phone with a hotspot enabled or a personal computer that provides wireless connection. As shown in fig. 6, the method includes the following steps:
step S601, the Internet of things terminal sends a data packet to the Internet of things repeater;
The Internet of things terminal in step S601 may specifically be a mobile phone, a tablet computer, a computer and the like, and may also be another device with networking functions, such as a smart television, a smart air conditioner, a smart water bottle, a smart lamp, a smart switch or other smart devices of the Internet of things.
In step S601, the data packet may be sent by the Internet of things terminal to the Internet of things repeater over a wireless connection, where the wireless connection includes but is not limited to Bluetooth, wireless fidelity (WIFI) and Zigbee, and the WIFI needs to comply with the IEEE 802.11b standard.
It should be noted that the connection between the Internet of things terminal and the Internet of things repeater is wireless only. Because the number of devices accessing the Internet of things is large, the number of accesses to the Internet of things repeater would be limited if wired connection were used; in a home, the wiring required for wired connection is impractical for the user, and the cost of wired connection is very high. The connection between the Internet of things terminal and the Internet of things repeater in the technical scheme of the present invention is therefore limited to wireless connection.
Step S602, the Internet of things repeater identifies the type of the Internet of things terminal, and inquires a first encryption unit corresponding to the type in a preset type and encryption unit mapping table according to the type;
The types of Internet of things terminal in step S602 may be set by each manufacturer according to its own situation. For example, the types may specifically include: intelligent lamps, intelligent televisions, intelligent cleaning equipment, intelligent sleep equipment, intelligent monitoring equipment, etc., and each type can take various forms. Intelligent lamps include but are not limited to intelligent desk lamps, intelligent ceiling lamps and intelligent wall lamps. An intelligent television can be a Samsung brand intelligent television or a Sharp brand intelligent television. Intelligent cleaning equipment can be an intelligent sweeping robot, and can also include equipment such as intelligent vacuum cleaners and intelligent garbage disposers. For intelligent sleep equipment, it can be: the present invention is not limited to the specific types or the number of types of Internet of things terminal described above.
The specific implementation method for the internet of things repeater to identify the type of the internet of things terminal in the step S602 may be as follows:
The Internet of things repeater identifies the type of the Internet of things terminal through the identifier of the Internet of things terminal, where the identifier includes but is not limited to: the Media Access Control (MAC) address, the IP address or the name of the Internet of things terminal. In practical applications, the type of the Internet of things terminal may also be determined by information interaction between the AP20 and the Internet of things terminal. As shown in fig. 7, the flow of the information interaction may specifically be:
step S701, the Internet of things terminal sends a connection request to the Internet of things repeater;
step S702, the Internet of things repeater returns a connection response to the Internet of things terminal and establishes wireless connection with the Internet of things terminal;
step S703, the Internet of things repeater issues an Internet of things terminal type table in the Internet of things repeater to the Internet of things terminal through the wireless connection;
step S704, the Internet of things terminal finds the Internet of things terminal type that matches itself in the Internet of things terminal type table;
step S705, the terminal of the Internet of things reports the type of the terminal of the Internet of things to the repeater of the Internet of things.
The type and encryption unit mapping table in the above step is shown in fig. 5, and the mapping may be a one-to-one mapping, or may be a one-to-many mapping.
The encryption unit in step S602 may be a hardware encryption unit disposed in the internet of things repeater, and includes an encryption algorithm preset by a manufacturer, and in practical application, the encryption unit may also be a software encryption unit configured in the internet of things repeater.
The above encryption algorithms include, but are not limited to: 3DES, MD5, RSA, etc., although the invention is not limited to a particular encryption algorithm.
Step S603, the Internet of things repeater generates a key pair comprising a private key and a public key, and the Internet of things repeater uses the first encryption unit to encrypt the data packet with the public key;
the implementation method of the step S603 may specifically be:
For example, if the first encryption unit is a 3DES encryption unit, the Internet of things repeater calls the 3DES encryption unit to perform 3DES encryption processing on the data packet. If the first encryption unit is an RSA encryption unit, the AP20 calls the RSA encryption unit to perform RSA encryption processing on the data packet. If the first encryption unit is an MD5 encryption unit, the Internet of things repeater calls the MD5 encryption unit to perform MD5 encryption processing on the data packet.
The specific manner of the encryption process can be referred to in the related description of 3DES, RSA and MD5, and will not be described herein.
Step S604, the Internet of things repeater sends the encrypted data packet to the wireless access controller through a first path, and the Internet of things repeater sends the private key to the wireless access controller through a second path.
The implementation method of the step S604 may be:
The encrypted data packets are sent to the wireless access controller by another connection method. For example, if the Internet of things terminal is connected to the AP through WIFI, the AP20 may send the data packets to the wireless access controller over a wired connection; in practical applications, the AP20 may also send the encrypted data packets to the wireless access controller through Long Term Evolution (LTE). The LTE or wired manner, and the WIFI connection between the Internet of things terminal and the AP, are only examples, and the present invention is not limited to a specific manner of connection.
The first path and the second path are different paths. The paths may be calculated by path algorithms that include but are not limited to the shortest path first algorithm or the shortest delay first algorithm. The first path and the second path may also be calculated by different path algorithms; for example, the first path may be calculated by the shortest path first algorithm and the second path by the shortest delay first algorithm.
According to the method provided by fig. 6, after the Internet of things terminal sends the data packet to the Internet of things repeater, the repeater looks up the encryption unit corresponding to the type of the Internet of things terminal and encrypts the data through that unit. The Internet of things terminal does not need to be configured for encryption, because all encryption settings reside in the Internet of things repeater, which effectively reduces the cost of the terminal. For the Internet of things as a whole, because a plurality of Internet of things terminals can be connected below one AP, only the Internet of things repeater needs to be configured, which reduces the overall cost. In addition, the computing capability of the Internet of things repeater is generally higher than that of the Internet of things terminal, so running the encryption unit on the repeater reduces the data sending delay and the network delay and improves the user experience. The method shown in fig. 6 also sends the encrypted data packet and the private key over different paths, which increases the difficulty of information interception and can therefore further improve the security of data.
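Running two different path algorithms does not by itself yield two different paths, so the separation has to be checked. The following added example, which is not code from the patent, computes the first path by hop count (shortest path first) and the second by delay (shortest delay first), and recomputes the second path with the first path's links excluded when the two overlap. The topology, node names, delays and function names are constructed for illustration.

```python
import heapq

# Constructed topology between the repeater "R" and the wireless access
# controller "WAC". Each undirected link maps to its delay in milliseconds.
LINKS = {
    ("R", "A"): 5, ("A", "WAC"): 5,                  # 2 hops, 10 ms
    ("R", "B"): 2, ("B", "C"): 2, ("C", "WAC"): 2,   # 3 hops, 6 ms
    ("R", "D"): 9, ("D", "WAC"): 9,                  # 2 hops, 18 ms
}


def route(links, src, dst, metric, banned=frozenset()):
    """Dijkstra search. metric="hops" is shortest path first and
    metric="delay" is shortest delay first. Links in `banned` are skipped."""
    graph = {}
    for (a, b), delay in links.items():
        graph.setdefault(a, []).append((b, delay))
        graph.setdefault(b, []).append((a, delay))
    heap = [(0, [src])]
    done = set()
    while heap:
        cost, path = heapq.heappop(heap)
        node = path[-1]
        if node == dst:
            return path
        if node in done:
            continue
        done.add(node)
        for nxt, delay in graph.get(node, []):
            if nxt in done or frozenset((node, nxt)) in banned:
                continue
            step = 1 if metric == "hops" else delay
            heapq.heappush(heap, (cost + step, path + [nxt]))
    return None


def path_links(path):
    """Set of undirected links traversed by a path."""
    return {frozenset(pair) for pair in zip(path, path[1:])}


def choose_paths(links, src, dst):
    """Return (first_path, second_path) that share no link, or raise."""
    first = route(links, src, dst, "hops")
    if first is None:
        raise ValueError("destination unreachable")
    second = route(links, src, dst, "delay")
    if path_links(first) & path_links(second):
        # Both algorithms picked overlapping routes: force the second path
        # away from every link the first path uses.
        second = route(links, src, dst, "delay", banned=path_links(first))
    if second is None:
        raise ValueError("no link-disjoint second path exists")
    return first, second


if __name__ == "__main__":
    print(choose_paths(LINKS, "R", "WAC"))
```

The check here is link-disjointness only; two paths that share an intermediate node still pass it.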
The present invention also provides a computer storage medium, wherein the computer storage medium may store a program, and the program, when executed, performs some or all of the steps of any one of the above-mentioned type-based uplink data encryption control methods for an Internet of things repeater.
Referring to fig. 8, fig. 8 shows an Internet of things repeater apparatus 800, the apparatus including:
a receiving unit 801, configured to receive a data packet sent by an internet of things terminal;
an identifying unit 802, configured to identify a type of the internet of things terminal;
a searching unit 803, configured to query, according to the type, a first encryption unit corresponding to the type in a pre-configured type and encryption unit mapping table;
an encryption unit 804, configured to call the first encryption unit to encrypt the data packet;
a sending unit 805, configured to send the encrypted data packet to the radio access controller.
Optionally, the identifying unit 802 is specifically configured to identify the type of the terminal of the internet of things through the identifier of the terminal of the internet of things.
Optionally, the identifying unit 805 is specifically configured to send an Internet of things terminal type table to the Internet of things terminal, and to receive the Internet of things terminal type, sent by the Internet of things terminal, that the terminal found in the Internet of things terminal type table as matching itself.
Optionally, the encrypting unit 804 is specifically configured to invoke the first encrypting unit to encrypt the data packet, if the encryption is successful, perform subsequent steps, if the encryption is unsuccessful, invoke the standby encrypting unit of the first encrypting unit to encrypt the data packet, and add the identifier of the standby encrypting unit to the header extension field of the encrypted data packet.
Optionally, the encrypting unit 804 is specifically configured to, if the signal modulation mode of the data packet obtained by analyzing the data packet is quadrature phase shift keying QPSK, obtain a phase number with energy in the QPSK, use a value obtained by sequentially ordering the phase numbers as a key, and call the encrypting unit to encrypt the data packet by using the key.
Optionally, the encrypting unit 804 is specifically configured to generate a key pair, where the key pair includes a private key and a public key; the sending unit is configured to send the encrypted data packet through a first path and to send the private key through a second path.
Referring to fig. 9, fig. 9 is a diagram of an internet of things repeater 900 according to the present invention, where the internet of things repeater may be a node deployed in an internet system, and the internet system may further include: an internet of things terminal and a wireless access controller, the internet of things repeater 900 includes but is not limited to: as shown in fig. 9, the internet of things repeater 900 includes: a processor 901, a memory 902, a transceiver 903, and a bus 904. The transceiver 903 is used for transceiving data with external devices (e.g., other devices in the interconnected system, including but not limited to repeaters, core network devices, etc.). The number of processors 901 in the internet of things repeater 900 may be one or more. In some embodiments of the present application, the processor 901, the memory 902, and the transceiver 903 may be connected by a bus system or other means. Regarding the meaning and examples of the terms related to this embodiment, reference may be made to the embodiment corresponding to fig. 3 or fig. 6, which is not described herein again.
Wherein the memory 902 may have program code stored therein. The processor 901 is configured to call the program code stored in the memory 902 for performing the following operations:
the transceiver 903 is used for receiving a data packet sent by the terminal of the internet of things;
the processor 901 is configured to identify a type of the internet of things terminal, query a first encryption unit corresponding to the type in a preconfigured type and encryption unit mapping table according to the type, and call the first encryption unit to encrypt the data packet.
The transceiver 903 is further configured to send the encrypted data packet to the radio access controller.
Optionally, the processor 901 and the transceiver 903 may also be used to execute the steps and the refinement of the steps and the alternatives as shown in fig. 3 or in the embodiment shown in fig. 6.
It should be noted that the processor 901 may be a single processing element or may be a general term for multiple processing elements. For example, the Processing element may be a Central Processing Unit (CPU), an Application Specific Integrated Circuit (ASIC), or one or more Integrated circuits configured to implement embodiments of the present Application, such as: one or more microprocessors (DSPs), or one or more Field Programmable Gate Arrays (FPGAs).
The memory 903 may be a storage device or a combination of storage elements, and is used for storing executable program codes or parameters, data, and the like required by the running device of the application program. And the memory 903 may include a Random Access Memory (RAM) or a non-volatile memory (non-volatile memory), such as a magnetic disk memory, a Flash memory (Flash), and the like.
The bus 904 may be an Industry Standard Architecture (ISA) bus, a Peripheral Component Interconnect (PCI) bus, an Extended ISA (EISA) bus, or the like. The bus may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, only one thick line is shown in FIG. 9, but this does not indicate only one bus or one type of bus.
The user equipment may also include input and output devices coupled to bus 904 for interfacing with the processor 901, among other things, via the bus. The input and output device can provide an input interface for an operator so that the operator can select a control item through the input interface, and can also be other interfaces through which other equipment can be externally connected.
It should be noted that, for simplicity of description, the above-mentioned embodiments of the method are described as a series of acts or combinations, but those skilled in the art should understand that the present application is not limited by the order of acts described, as some steps may be performed in other orders or simultaneously according to the present application. Further, those skilled in the art should also appreciate that the embodiments described in the specification are preferred embodiments and that the acts and modules referred to are not necessarily required in this application.
In the above embodiments, the descriptions of the respective embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to related descriptions of other embodiments.
Those skilled in the art will appreciate that all or part of the steps in the methods of the above embodiments may be implemented by associated hardware instructed by a program, which may be stored in a computer-readable storage medium, and the storage medium may include: flash Memory disks, Read-Only memories (ROMs), Random Access Memories (RAMs), magnetic or optical disks, and the like.
The content downloading method, the related device and the system provided by the embodiment of the present application are described in detail above, a specific example is applied in the present application to explain the principle and the implementation of the present application, and the description of the above embodiment is only used to help understand the method and the core idea of the present application; meanwhile, for a person skilled in the art, according to the idea of the present application, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present application.

Claims (3)

1. The type-based uplink data encryption control method for the Internet of things repeater is characterized by comprising the following steps:
the Internet of things repeater receives a data packet sent by an Internet of things terminal in a Bluetooth, WIFI or Zigbee communication mode;
the Internet of things repeater identifies the type of the Internet of things terminal, and a first encryption unit corresponding to the type is inquired in a pre-configured type and encryption unit mapping table according to the type; the encryption unit comprises an encryption algorithm, and the encryption algorithm comprises a triple data encryption algorithm, a message digest algorithm or an RSA encryption algorithm;
the Internet of things repeater calls the first encryption unit to encrypt the data packet;
the Internet of things repeater transmits the encrypted data packet to an Internet of things access point in an LTE communication mode;
wherein the method further comprises:
the Internet of things repeater generates a key pair, the key pair comprising a private key and a public key; the Internet of things repeater encrypts a data packet through a first encryption unit by adopting the public key, transmits the encrypted data packet through a first path, and transmits the private key through a second path; the first path or the second path is obtained by calculation through a shortest path priority algorithm or a shortest time delay priority algorithm;
the internet of things repeater calls the first encryption unit to encrypt the data packet specifically, and the method includes the following steps:
the internet of things repeater calls the first encryption unit to encrypt the data packet, wherein the internet of things repeater analyzes the data packet to obtain a signal modulation mode of the data packet, namely quadrature phase shift keying, phase numbers with energy in the quadrature phase shift keying are obtained, values obtained by sequencing the phase numbers in sequence are used as secret keys, and the secret keys are used for calling the first encryption unit to encrypt the data packet;
if the encryption is successful, performing subsequent steps, if the encryption is unsuccessful, calling a standby encryption unit of the first encryption unit by the Internet of things repeater to encrypt the data packet, and adding the identifier of the standby encryption unit to a packet header extension field of the encrypted data packet;
the internet of things repeater identifies the type of the internet of things terminal specifically, and comprises the following steps:
the Internet of things repeater identifies the type of the Internet of things terminal through the identification of the Internet of things terminal, wherein the type comprises the following steps: the intelligent lamp, the intelligent television, the intelligent cleaning equipment, the intelligent sleeping equipment or the intelligent monitoring equipment, wherein the identification comprises a media access address and an IP address of the terminal of the Internet of things or the name of the terminal of the Internet of things;
or,
the Internet of things repeater sends an Internet of things terminal type table to the Internet of things terminal,
and the Internet of things repeater receives the Internet of things terminal type, sent by the Internet of things terminal, that the terminal found in the Internet of things terminal type table as matching itself.
2. A type-based uplink data encryption control device for an Internet of things repeater, characterized in that the device comprises:
the receiving unit is used for receiving a data packet sent by the terminal of the Internet of things in a Bluetooth, WIFI or Zigbee communication mode;
the identification unit is used for identifying the type of the terminal of the Internet of things;
the searching unit is used for searching a first encryption unit corresponding to the type in a preset type and encryption unit mapping table according to the type; the encryption unit comprises an encryption algorithm, and the encryption algorithm comprises a triple data encryption algorithm, a message digest algorithm or an RSA encryption algorithm;
the encryption unit is used for calling the first encryption unit to encrypt the data packet;
the sending unit is used for sending the encrypted data packet to the access point of the Internet of things in an LTE communication mode;
the encryption unit is specifically configured to generate a key pair, where the key pair includes a private key and a public key; the sending unit is used for sending the data packet after encryption processing through a first path and sending the private key through a second path; the first path or the second path is obtained by calculation through a shortest path priority algorithm or a shortest time delay priority algorithm;
the encryption unit is specifically configured to invoke the first encryption unit to encrypt the data packet, where if a signal modulation mode of analyzing the data packet to obtain the data packet is quadrature phase shift keying, a phase number with energy in the quadrature phase shift keying is obtained, a value obtained by sequencing the phase numbers in sequence is used as a key, and the key is adopted to invoke the first encryption unit to encrypt the data packet; if the encryption is successful, carrying out subsequent steps, if the encryption is unsuccessful, calling a spare encryption unit of the first encryption unit to encrypt the data packet, and adding the identifier of the spare encryption unit to a packet header extension field of the encrypted data packet;
the identification unit is specifically configured to identify a type of the internet of things terminal through the identifier of the internet of things terminal, where the type includes: the intelligent lamp, the intelligent television, the intelligent cleaning equipment, the intelligent sleeping equipment or the intelligent monitoring equipment, wherein the identification comprises a media access address and an IP address of the terminal of the Internet of things or the name of the terminal of the Internet of things;
or,
the identification unit is specifically used for sending an Internet of things terminal type table to the Internet of things terminal, and receiving the Internet of things terminal type, sent by the Internet of things terminal, that the terminal found in the Internet of things terminal type table as matching itself.
3. A computer storage medium, wherein the computer storage medium may store a program that, when executed by a processor, performs the method of claim 1.
CN201710593623.8A 2017-07-20 2017-07-20 Type-based uplink data encryption control method and device for Internet of things repeater Active CN107493571B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201710593623.8A CN107493571B (en) 2017-07-20 2017-07-20 Type-based uplink data encryption control method and device for Internet of things repeater
PCT/CN2017/100751 WO2019015038A1 (en) 2017-07-20 2017-09-06 Encryption control method and device for type-based uplink data of internet of things repeater

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710593623.8A CN107493571B (en) 2017-07-20 2017-07-20 Type-based uplink data encryption control method and device for Internet of things repeater

Publications (2)

Publication Number Publication Date
CN107493571A CN107493571A (en) 2017-12-19
CN107493571B true CN107493571B (en) 2020-04-14

Family

ID=60644580

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710593623.8A Active CN107493571B (en) 2017-07-20 2017-07-20 Type-based uplink data encryption control method and device for Internet of things repeater

Country Status (2)

Country Link
CN (1) CN107493571B (en)
WO (1) WO2019015038A1 (en)

Also Published As

Publication number Publication date
CN107493571A (en) 2017-12-19
WO2019015038A1 (en) 2019-01-24

Legal Events

Code Title
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant