CN107888603A - Internet of Things smart device registration and authentication method, and Internet of Things - Google Patents

Info

Publication number
CN107888603A
Authority
CN
China
Legal status
Granted
Application number
CN201711183397.2A
Other languages
Chinese (zh)
Other versions
CN107888603B (en)
Inventor
宁晓魁
张超
胡永亮
杨爱蓉
姚铸
Current Assignee
National Certification Technology (Chongqing) Co.,Ltd.
Original Assignee
National Certified Technology (beijing) Co Ltd

Classifications

    • H04L63/0876: Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • H04L63/0428: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/20: Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • H04L67/12: Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • H04L9/3247: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Abstract

The invention discloses an Internet of Things smart device registration method, an authentication method, and an Internet of Things. The registration method includes: selecting in advance a telecom terminal device as the control terminal of the smart device, where the control terminal and the access server have a paired public key and private key and the control terminal stores user identity information; the access server performing identity registration and binding of the smart device and the control terminal according to the user identity information, control terminal device information and smart device information that the control terminal sends signed with the control terminal private key; and, after identity registration and binding succeed, notifying the control terminal and the smart device that registration succeeded. The invention can effectively improve the security of Internet of Things smart devices.

Description

Internet of Things smart device registration and authentication method, and Internet of Things
Technical field
The present invention relates to the field of Internet of Things technology, and in particular to an Internet of Things smart device registration method, an authentication method, and an Internet of Things.
Background
Internet of Things smart devices are increasingly widespread, so the security management of smart devices is more and more urgent. Managing smart devices from mobile terminals such as mobile phones is a common approach, but the security of communication between the mobile terminal, the access server and the smart device is still weak.
Summary of the invention
The invention provides an Internet of Things smart device registration method, an authentication method, and an Internet of Things, which solve the prior-art problem that the security of Internet of Things smart devices is weak.
The invention provides an Internet of Things smart device registration method, including:
Selecting in advance a telecom terminal device as the control terminal of the smart device, where the control terminal and the access server have a paired public key and private key, and the control terminal stores user identity information;
The access server performing identity registration and binding of the smart device and the control terminal according to the user identity information, control terminal device information and smart device information that the control terminal sends signed with the control terminal private key;
After identity registration and binding succeed, notifying the control terminal and the smart device that registration succeeded.
Preferably, the access server performing identity registration and binding of the smart device and the control terminal according to the user identity information, control terminal device information and smart device information that the control terminal sends signed with the control terminal private key includes:
Establishing a point-to-point communication link between the smart device and the control terminal;
The control terminal sending the user identity information and the control terminal public key to the smart device;
The smart device creating a smart device private key and a smart device public key according to the control terminal public key, and then sending the smart device public key and the smart device information to the control terminal;
The control terminal sending the user identity information, smart device information, control terminal device information and smart device public key to the access server;
The access server performing identity verification on the control terminal and, after identity verification passes, performing registration validation using the user identity information;
After registration validation passes, the access server performing joint identity authorization of the smart device and the control terminal according to the user identity information, smart device information and control terminal device information.
Preferably, the control terminal sends the user identity information, control terminal device information, smart device information and smart device public key to the access server signed with the control terminal private key;
The access server performs identity verification using the public key that matches the control terminal private key, and then performs registration validation using the user identity information.
Preferably, after registration succeeds, the registration method also includes:
The smart device sending the access server a message signed with the smart device private key to request a connection to the access server;
The access server verifying the identity of the message using the smart device public key, and admitting the smart device after identity verification passes.
Correspondingly, the invention also provides an Internet of Things smart device authentication method, including:
The smart device undergoing identity verification and signature verification at the control terminal by means of the smart device public key and user authentication information that includes the user identity information;
When the smart device passes identity verification and signature verification, the smart device sending the access server a message signed with the smart device private key to request a connection to the access server;
The access server verifying the identity of the message using the smart device public key, and admitting the smart device after identity verification passes.
Preferably, the smart device undergoing identity verification and signature verification at the control terminal by means of the smart device public key and user authentication information that includes the user identity information includes:
Establishing a point-to-point communication link between the smart device and the control terminal;
The smart device sending the control terminal the user authentication information encrypted with the control terminal public key;
The control terminal performing identity verification and signature verification on the user authentication information using the control terminal private key, and notifying the smart device after these pass.
Preferably, after the identity verification and signature verification that the control terminal performs using the control terminal private key have passed, the authentication method also includes:
The control terminal sending a management instruction for the smart device to the access server;
The access server sending the management instruction to the smart device.
Correspondingly, the invention also provides an Internet of Things, including:
A smart device, a control terminal and an access server that are communicatively connected to one another, where the control terminal and the access server have a paired public key and private key, and the control terminal stores user identity information;
The access server is configured to perform identity registration and binding of the smart device and the control terminal according to the user identity information, control terminal device information, smart device information and smart device public key sent by the control terminal, to perform identity verification on messages signed with the smart device private key, and to admit the smart device after identity verification passes;
The control terminal is configured to, when the smart device requests a connection to the access server, perform identity verification and signature verification on the smart device's user authentication information and the control terminal public key, and after these pass to notify the smart device that it may request a connection to the access server.
Preferably, after the identity verification and signature verification that the control terminal performs using the control terminal private key have passed, the control terminal is further configured to send a management instruction for the smart device to the access server, and the access server sends the management instruction to the smart device in order to control the smart device.
Preferably, the control terminal is a mobile phone, and the user identity information includes any one or more of the following:
Mobile phone number, user name and e-mail address.
The Internet of Things smart device registration method, authentication method and Internet of Things provided by the invention include: selecting in advance a telecom terminal device as the control terminal of the smart device, where the control terminal and the access server have a paired public key and private key and the control terminal stores user identity information; the access server performing identity registration and binding of the smart device and the control terminal according to the user identity information, control terminal device information and smart device information that the control terminal sends signed with the control terminal private key; and, after identity registration and binding succeed, notifying the control terminal and the smart device that registration succeeded. Because the control terminal has already connected successfully to the access server, the control terminal can serve as a secure control terminal. The control terminal then sends the user identity information, control terminal device information and smart device information to the access server, so identity registration of the smart device is carried out through the secure control terminal, which improves smart device networking security, and the smart device and the control terminal can be bound so that the smart device can be controlled through the control terminal.
Further, the Internet of Things smart device registration method provided by the embodiment of the invention establishes a point-to-point communication link between the smart device and the control terminal. This avoids the insecurity caused by the smart device being exposed to the open internet environment without authorization, and lets the smart device register through the control terminal in an environment where it cannot go online itself.
Further, the Internet of Things smart device registration method provided by the embodiment of the invention also gives a specific method for identity registration and binding of the smart device and the control terminal. With this method a secure terminal can shake hands with the smart device; after a successful handshake that terminal serves as the control terminal of the smart device and communicates with it in encrypted form. The control terminal can then send the smart device public key to the access server so that the access server can verify the smart device's identity using the smart device public key, which effectively improves the networking security of the smart device.
Further, in the Internet of Things smart device authentication method provided by the embodiment of the invention, when the smart device requests a connection to the access server, the control terminal must first perform identity verification and signature verification on the smart device. Only if the smart device passes can it request a connection to the access server, which effectively increases the security of smart device networking.
Further, the Internet of Things smart device authentication method provided by the embodiment of the invention establishes a point-to-point communication link between the smart device and the control terminal. Because of this point-to-point connection, the smart device cannot directly request a connection to the access server without authorization from the control terminal, which improves the security of smart device networking.
Further, in the Internet of Things provided by the embodiment of the invention, registration and binding are requested through the control terminal, and when the smart device requests a connection to the access server, identity verification and signature verification are performed on the smart device, which effectively increases the security of smart device networking.
Brief description of the drawings
To explain the technical solutions of the embodiments of the present application or of the prior art more clearly, the drawings needed in the embodiments are briefly introduced below. Obviously, the drawings described below are only some of the embodiments recorded in the present invention; those of ordinary skill in the art can derive other drawings from them.
Fig. 1 is a first flow chart of the Internet of Things smart device registration method provided by an embodiment of the present invention;
Fig. 2 is a second flow chart of the Internet of Things smart device registration method provided by an embodiment of the present invention;
Fig. 3 is a first flow chart of the Internet of Things smart device authentication method provided by an embodiment of the present invention;
Fig. 4 is a second flow chart of the Internet of Things smart device authentication method provided by an embodiment of the present invention;
Fig. 5 is a structural diagram of the Internet of Things provided by an embodiment of the present invention.
Detailed description
Embodiments of the invention are described in detail below, and examples of the embodiments are shown in the drawings, where the same or similar reference numerals throughout denote the same or similar parameters or elements with the same or similar functions. The embodiments described below with reference to the drawings are exemplary, serve only to explain the invention, and are not to be construed as limiting the claims.
In the Internet of Things smart device registration method and Internet of Things provided by the invention, the control terminal and the access server have a paired public key and private key and can communicate securely and reliably, so the control terminal can serve as the secure control terminal of the smart device. The control terminal then sends the user identity information, control terminal device information and smart device information to the access server, so identity registration of the smart device is carried out through the secure control terminal, which improves smart device networking security, and the smart device and the control terminal can be bound so that the smart device can be operated through the control terminal.
For a better understanding of the technical solution and its technical effect, specific embodiments are described in detail below with reference to the flow charts. Fig. 1 shows the first flow chart of the Internet of Things smart device registration method provided by an embodiment of the invention; the method may include the following steps:
Step S01: a telecom terminal device is selected in advance as the control terminal of the smart device; the control terminal and the access server have a paired public key and private key, and the control terminal stores user identity information.
In this embodiment, the telecom terminal device provides the functions the user needs to implement the access protocol. The telecom terminal device can convert voice, text, data and image information into electrical or electromagnetic signals and send them out, and can restore received electrical or electromagnetic signals to the original voice, text, data and image information. Specifically, the control terminal may be a telephone, a telegraph, a mobile phone, a data terminal device, a microcomputer, a fax machine, a television set, an OAS, a computer system, etc. The control terminal is used to establish a point-to-point communication link with the smart device. From the point of view of the external network, while the smart device is not authorized, the control terminal acts as the terminal device that accesses the external network. For example, the control terminal can connect over a hard-wired link, or over a wireless point-to-point connection such as Bluetooth or WiFi. This point-to-point connection keeps the smart device from being exposed to the open internet environment without authorization, which improves the security of smart device networking.
Preferably, the control terminal is a mobile phone. Through 3C certification, SRMC certification, CTA certification and the like, a paired public key and private key are provided between the mobile phone and the server provided by the telecom provider, so the security of communication between the mobile phone and the access server is assured. A point-to-point communication link can therefore be established between the mobile phone and the smart device so that the mobile phone obtains the smart device public key and the smart device information, which the mobile phone then sends to the access server for identity registration and binding of the smart device and the control terminal. The smart device is thus not exposed to the open internet environment without authorization, which effectively improves smart device networking security.
Step S02: the access server performs identity registration and binding of the smart device and the control terminal according to the user identity information, control terminal device information and smart device information that the control terminal sends signed with the control terminal private key.
In this embodiment, the user identity information may be a mobile phone number, the control terminal's registration number at the access server, a user name, a user password, a mailbox, etc. The user identity information is used at the access server for registration, registration validation, identity verification and so on. The control terminal device information and the smart device information may be device hardware information, such as unique hardware information like the MAC address or CPU number. The control terminal device information and the smart device information are sent to the access server so that the control terminal device and the smart device can be bound.
Specifically, the control terminal can obtain the user identity information, control terminal device information and smart device information by manual entry or automatically. For example, the control terminal establishes a point-to-point communication link with the smart device and then sends a smart device information request message to the smart device; after receiving the request message, the smart device sends the smart device information to the control terminal. To improve information security, communication between the smart device and the control terminal can of course be encrypted.
In addition, communication between the access server and the control terminal should also be encrypted. For example, the control terminal sends the above information to the access server signed with its private key, the access server performs identity verification using the matching public key, and it obtains the above information when verification passes.
Step S03: after identity registration and binding succeed, the control terminal and the smart device are notified that registration succeeded.
In this embodiment, after identity registration and binding succeed, the access server performs joint authorization of the control terminal and the smart device and sends the relevant information to the control terminal; on receiving the relevant information, the control terminal notifies the smart device that registration succeeded.
In the Internet of Things smart device registration method provided by the embodiment of the invention, a telecom terminal device is first selected as the control terminal of the smart device; the control terminal and the access server have a paired public key and private key, and the control terminal stores user identity information. Because the control terminal has already connected successfully to the access server, the control terminal can serve as a secure control terminal. The control terminal then sends the user identity information, control terminal device information and smart device information to the access server, so identity registration of the smart device is carried out through the secure control terminal, which improves the networking security of the smart device, and the smart device can be bound to the control terminal and operated through it.
Fig. 2 shows the second flow chart of the Internet of Things smart device registration method provided by an embodiment of the invention.
This embodiment provides a specific method for identity registration and binding of the smart device and the control terminal. Specifically, the access server performing identity registration and binding of the smart device and the control terminal according to the user identity information, control terminal device information and smart device information that the control terminal sends signed with the control terminal private key includes:
1. A point-to-point communication link is established between the smart device and the control terminal.
In this embodiment, the control terminal can connect over a hard-wired link, or over a wireless point-to-point connection such as Bluetooth or WiFi. This point-to-point connection keeps the smart device from being exposed to the open internet environment without authorization, which improves the security of networking.
2. The control terminal sends the user identity information and the control terminal public key to the smart device.
The control terminal public key here is different from the paired public key and private key that the control terminal has with the access server; it is another control terminal public key generated by the control terminal. Note that there may be one or more smart devices, i.e. one control terminal may correspond to multiple smart devices.
3. After the smart device creates a smart device private key and a smart device public key according to the control terminal public key, it sends the smart device public key and the smart device information to the control terminal.
The smart device private key and smart device public key are used for subsequent identity verification between the smart device and the access server. The smart device public key must first be sent by the control terminal to the access server in an encrypted manner, for example signed with the control terminal private key. When the smart device wishes to send encrypted information only to the access server, it can sign the information to be sent with the smart device private key and then send it over the internet. On receiving the private-key-signed message, the access server performs identity verification on the message using the smart device public key. If verification passes, this shows that the message is addressed to the access server; other servers do not hold the smart device private key and therefore cannot correctly decode the message, which also shows that the message is not one sent to other servers and has not been damaged.
Note that the smart device public key and the smart device information can be sent to the control terminal together. For example, the smart device public key is encrypted using the smart device information and then sent to the control terminal, and on decryption the control terminal obtains the smart device information and the smart device public key at the same time. They can of course also be sent separately. In addition, when there are multiple smart devices, each smart device has its own distinct smart device private key and smart device public key.
4. The control terminal sends the user identity information, smart device information, control terminal device information and smart device public key to the access server.
Specifically, the control terminal sends the user identity information, control terminal device information, smart device information and smart device public key to the access server signed with the control terminal private key. The access server stores the user identity information, control terminal device information, smart device information and smart device public key.
5. The access server performs identity verification on the control terminal using the paired public key and, after identity verification passes, performs registration validation using the user identity information.
Specifically, the access server performs identity verification on the control terminal using the public key that matches the control terminal private key, and then performs registration validation using the user identity information. Registration validation includes but is not limited to: whether the user name is available, whether the mailbox format is correct, whether the verification code is correct, whether the password meets the requirements, the repeated-entry password check, etc.
6. After registration validation passes, the access server performs joint identity authorization of the smart device and the control terminal according to the user identity information, smart device information and control terminal device information.
This completes the registration and binding flow. The access server can notify the control terminal that registration succeeded, and the control terminal then notifies the smart device that registration succeeded.
Further, so that the smart device can check whether it can connect to the access server, after registration succeeds the registration method also includes:
7. The smart device sends the access server a message signed with the smart device private key to request a connection to the access server.
8. The access server verifies the identity of the message using the smart device public key, admits the smart device after identity verification passes, and then returns feedback.
With the Internet of Things smart device registration method provided by the embodiment of the invention, a secure terminal can shake hands with the smart device; after a successful handshake that terminal serves as the control terminal of the smart device and communicates with it in encrypted form. The control terminal can then send the smart device public key to the access server so that the access server can verify the smart device's identity using the smart device public key, which effectively improves the networking security of the smart device.
Fig. 3 shows the first flow chart of the Internet of Things smart machine authentication method provided in an embodiment of the present invention.
In the present embodiment, the Internet of Things smart machine authentication method includes:
Step S31: the smart machine undergoes identity verification and signature-verification authentication at the control terminal, by means of the smart machine public key and user authentication information that contains the subscriber identity information.
Specifically, when the smart machine requests a connection with the access server, the smart machine must first undergo identity verification and signature-verification authentication; only when both pass can it send an access request message to the access server, which increases the security of smart machine networking.
Step S32: when the smart machine's identity verification and signature-verification authentication pass, it sends the access server a message signed with the smart machine private key to request a connection with the access server.
The message can include information such as the user name and password, and this information is signed with the smart machine private key.
Step S33: the access server verifies the identity of the message using the smart machine public key, and admits the smart machine after the identity verification passes.
The access server uses the smart machine public key that the control terminal sent to it during registration to verify the identity of the message, and admits the smart machine after the identity verification passes.
With the Internet of Things smart machine registration method provided in an embodiment of the present invention, when the smart machine requests a connection with the access server it must first undergo identity verification and signature-verification authentication with the control terminal; only after these pass can it request a connection with the access server, which effectively increases the security of smart machine networking.
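The two signature checks described above (the access server verifying the control terminal's signed registration, then verifying the device-signed connection message in steps 7-8 and S32-S33), as an added Go example that is not code from the patent. Ed25519, the JSON field names and all sample values are assumptions; the patent names no algorithm or message format.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"errors"
	"fmt"
)

// Registration is the record the control terminal submits for a new device.
// Field names are assumptions; the page lists only the kinds of information.
type Registration struct {
	UserIdentity string `json:"user_identity"`
	TerminalInfo string `json:"terminal_info"`
	DeviceInfo   string `json:"device_info"`
	DevicePub    []byte `json:"device_pub"`
}

// AccessServer holds the public key paired with the control terminal private
// key, plus the device public keys bound during registration.
type AccessServer struct {
	terminalPub ed25519.PublicKey
	bound       map[string]ed25519.PublicKey // device info -> device public key
}

// Register checks the control terminal's signature over the payload, runs a
// minimal registration check, then binds the device public key.
func (s *AccessServer) Register(payload, sig []byte) error {
	if !ed25519.Verify(s.terminalPub, payload, sig) {
		return errors.New("control terminal signature invalid")
	}
	var r Registration
	if err := json.Unmarshal(payload, &r); err != nil {
		return err
	}
	if r.UserIdentity == "" || len(r.DevicePub) != ed25519.PublicKeySize {
		return errors.New("registration check failed")
	}
	s.bound[r.DeviceInfo] = ed25519.PublicKey(r.DevicePub)
	return nil
}

// Connect verifies a connection message signed with the device private key
// against the public key bound to that device at registration.
func (s *AccessServer) Connect(deviceInfo string, msg, sig []byte) error {
	pub, found := s.bound[deviceInfo]
	if !found {
		return errors.New("device not registered")
	}
	if !ed25519.Verify(pub, msg, sig) {
		return errors.New("device signature invalid")
	}
	return nil
}

// RunDemo plays both flows with constructed sample values and returns the
// results of: a genuine registration, one signed by the wrong key, a genuine
// connect, a connect with an altered message, and one from an unbound device.
func RunDemo() (reg, forged, genuine, tampered, unknown error) {
	termPub, termPriv, _ := ed25519.GenerateKey(rand.Reader)
	devPub, devPriv, _ := ed25519.GenerateKey(rand.Reader)
	srv := &AccessServer{terminalPub: termPub, bound: map[string]ed25519.PublicKey{}}

	payload, _ := json.Marshal(Registration{
		UserIdentity: "user@example.com", TerminalInfo: "phone-01",
		DeviceInfo: "purifier-01", DevicePub: devPub,
	})
	forged = srv.Register(payload, ed25519.Sign(devPriv, payload))
	reg = srv.Register(payload, ed25519.Sign(termPriv, payload))

	msg := []byte("connect:purifier-01")
	sig := ed25519.Sign(devPriv, msg)
	genuine = srv.Connect("purifier-01", msg, sig)
	tampered = srv.Connect("purifier-01", bytes.ToUpper(msg), sig)
	unknown = srv.Connect("camera-09", msg, sig)
	return
}

func main() {
	fmt.Println(RunDemo())
}
```

The connection message here is a fixed string; the page does not say what distinguishes one connection message from another, so a deployment would place a fresh value such as a server-issued nonce inside the signed message.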
Fig. 4 shows the second flow chart of the Internet of Things smart machine authentication method provided in an embodiment of the present invention.
The present embodiment gives a specific method by which the smart machine undergoes identity verification and signature-verification authentication at the control terminal, wherein the smart machine undergoing identity verification and signature-verification authentication at the control terminal, by means of the smart machine public key and user authentication information containing the subscriber identity information, includes:
1. A point-to-point communication link is established between the smart machine and the control terminal.
In the present embodiment, the control terminal can be connected through a point-to-point connection such as a hard-wired connection or a wireless connection such as Bluetooth or WiFi. Because of this point-to-point connection, the smart machine cannot request a connection with the access server directly without authorization from the control terminal, which improves the security of smart machine networking.
2. The smart machine sends the control terminal the user authentication information encrypted with the control terminal public key.
3. The control terminal uses the control terminal private key to perform identity verification and signature-verification authentication on the user authentication information, and notifies the smart machine after these pass.
Further, after the control terminal has performed identity verification and signature-verification authentication with the control terminal private key and these have passed, the control terminal can consider the smart machine to be connected to the access server and can then control the smart machine; the authentication method also includes:
6. The control terminal sends a management instruction for the smart machine to the access server.
7. The access server sends the management instruction to the smart machine. The access server can encrypt the management instruction with the smart machine public key before sending it to the smart machine; after receiving the encrypted management instruction, the smart machine decrypts it with the smart machine private key.
With the Internet of Things smart machine authentication method provided in an embodiment of the present invention, a point-to-point communication link is established between the smart machine and the control terminal. Because of this point-to-point connection, the smart machine cannot request a connection with the access server directly without authorization from the control terminal, which improves the security of smart machine networking.
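Steps 2-3 and step 7 of this embodiment as an added Go example, not code from the patent. RSA-OAEP stands in for the unnamed public-key encryption, a direct function call stands in for the point-to-point link, and the identity string, OAEP labels and instruction are constructed values; comparing the decrypted information with the stored subscriber identity is an assumption about what the control terminal's check consists of.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/subtle"
	"errors"
	"fmt"
)

// ControlTerminal holds its private key and the stored subscriber identity.
type ControlTerminal struct {
	priv     *rsa.PrivateKey
	identity []byte
}

// Approve decrypts the device's user authentication information and compares
// it with the stored identity (the comparison itself is an assumption).
func (t *ControlTerminal) Approve(ciphertext []byte) error {
	plain, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, t.priv, ciphertext, []byte("user-auth"))
	if err != nil {
		return errors.New("cannot decrypt user authentication information")
	}
	if subtle.ConstantTimeCompare(plain, t.identity) != 1 {
		return errors.New("identity mismatch")
	}
	return nil
}

// Device keeps its own private key and the control terminal public key.
type Device struct {
	priv        *rsa.PrivateKey
	terminalPub *rsa.PublicKey
}

// AuthRequest is step 2: user authentication information encrypted with the
// control terminal public key.
func (d *Device) AuthRequest(userAuth []byte) ([]byte, error) {
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, d.terminalPub, userAuth, []byte("user-auth"))
}

// Receive decrypts a management instruction with the device private key.
func (d *Device) Receive(ciphertext []byte) (string, error) {
	plain, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, d.priv, ciphertext, []byte("mgmt"))
	return string(plain), err
}

// ForwardInstruction is the access server side of step 7: the instruction is
// encrypted with the device public key before it is sent on.
func ForwardInstruction(devicePub *rsa.PublicKey, instr string) ([]byte, error) {
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, devicePub, []byte(instr), []byte("mgmt"))
}

func mustKey() *rsa.PrivateKey {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	return k
}

// RunGate uses constructed sample values and returns the instruction the
// device decrypted plus the outcome of a matching and a non-matching request.
func RunGate() (instr string, approved, rejected error) {
	tKey, dKey := mustKey(), mustKey()
	term := &ControlTerminal{priv: tKey, identity: []byte("user@example.com")}
	dev := &Device{priv: dKey, terminalPub: &tKey.PublicKey}

	good, _ := dev.AuthRequest([]byte("user@example.com"))
	approved = term.Approve(good)
	bad, _ := dev.AuthRequest([]byte("other@example.com"))
	rejected = term.Approve(bad)

	if approved == nil { // instructions flow only after the terminal's check passes
		ct, _ := ForwardInstruction(&dKey.PublicKey, "power:on")
		instr, _ = dev.Receive(ct)
	}
	return
}

func main() {
	fmt.Println(RunGate())
}
```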
Correspondingly, the present invention also provides an Internet of Things corresponding to the above method. Fig. 5 is a structural schematic diagram of an Internet of Things provided according to an embodiment of the present invention; the Internet of Things can include:
A smart machine, a control terminal and an access server that are communicatively connected to one another; the control terminal and the access server have a paired public key and private key, and the control terminal stores subscriber identity information.
The access server is used to perform identity registration and binding of the smart machine and the control terminal according to the subscriber identity information, control terminal device information, smart machine information and smart machine public key sent by the control terminal, and to verify the identity of messages signed with the smart machine private key, admitting the smart machine after the identity verification passes.
The control terminal is used, when the smart machine requests a connection with the access server, to perform identity verification and signature-verification authentication on the smart machine's user authentication information and the control terminal public key, and after these pass to notify the smart machine that it can request a connection with the access server.
The smart machine includes but is not limited to: a smart air purifier, smart curtain, smart water heater, smart TV, smart refrigerator, smart camera, smart speaker, and so on.
The control terminal can be a mobile terminal or a fixed terminal; a mobile terminal is preferred so that the user can control the smart machine with the control terminal anytime and anywhere. More preferably, the control terminal is a mobile phone, and the subscriber identity information includes any one or more of the following: mobile phone number, user name and email address. Preferably, a point-to-point communication link is established between the smart machine and the control terminal. It should be noted that there can be multiple smart machines, each establishing its own point-to-point communication link with the control terminal; accordingly, each smart machine has its own exclusive smart machine public key and smart machine private key.
In other embodiments, after the control terminal has performed identity verification and signature-verification authentication with the control terminal private key and these have passed, the control terminal is also used to send a management instruction for the smart machine to the access server, and the access server sends the management instruction to the smart machine in order to control the smart machine.
In the Internet of Things provided in an embodiment of the present invention, registration and binding are requested through the control terminal, and when the smart machine requests a connection with the access server, identity verification and signature-verification authentication are performed on the smart machine's user authentication information and the control terminal public key, which effectively increases the security of smart machine networking.
In the specification provided here, numerous specific details are set forth. It should be understood, however, that embodiments of the present invention can be practiced without these specific details. In some instances, well-known methods, structures and techniques have not been shown in detail, so as not to obscure the understanding of this description.
Similarly, it should be understood that, in order to streamline the disclosure and aid the understanding of one or more of the inventive aspects, in the above description of exemplary embodiments of the present invention the features of the invention are sometimes grouped together into a single embodiment, figure, or description thereof. However, the method of the disclosure should not be construed as reflecting the intention that the claimed invention requires more features than are expressly recited in each claim.
The component embodiments of the present invention can be implemented in hardware, in software modules running on one or more processors, or in a combination thereof. Those skilled in the art will understand that a microprocessor or digital signal processor (DSP) can be used in practice to implement some or all of the functions of the system for remote control of a single operation object by multiple operating terminals according to embodiments of the present invention. The present invention can also be implemented as a device or system program (such as a computer program and a computer program product) for performing part or all of the method described herein. Such a program implementing the present invention can be stored on a computer-readable medium, or can take the form of one or more signals. Such signals can be downloaded from an Internet website, provided on a carrier signal, or provided in any other form.

Claims (10)

  1. An Internet of Things smart machine registration method, characterized by including:
    selecting in advance a communication terminal device as the control terminal of the smart machine, the control terminal and the access server having a paired public key and private key, and the control terminal storing subscriber identity information;
    the access server performing identity registration and binding of the smart machine and the control terminal according to the subscriber identity information, control terminal device information and smart machine information sent signed with the control terminal private key;
    notifying the control terminal and the smart machine that registration has succeeded after identity registration and binding succeed.
  2. The registration method according to claim 1, characterized in that the access server performing identity registration and binding of the smart machine and the control terminal according to the subscriber identity information, control terminal device information and smart machine information sent signed with the control terminal private key includes:
    establishing a point-to-point communication link between the smart machine and the control terminal;
    the control terminal sending the subscriber identity information and the control terminal public key to the smart machine;
    the smart machine, after creating a smart machine private key and a smart machine public key according to the control terminal public key, sending the smart machine public key and the smart machine information to the control terminal;
    the control terminal sending the subscriber identity information, smart machine information, control terminal device information and smart machine public key to the access server;
    the access server verifying the identity of the control terminal and, after the identity verification passes, performing the registration check using the subscriber identity information;
    after the registration check passes, the access server performing combined identity authorization for the smart machine and the control terminal according to the subscriber identity information, smart machine information and control terminal device information.
  3. The registration method according to claim 2, characterized in that the control terminal sends the subscriber identity information, control terminal device information, smart machine information and smart machine public key to the access server signed with the control terminal private key;
    the access server verifies identity using the public key that matches the control terminal private key, and then performs the registration check using the subscriber identity information.
  4. The registration method according to claim 3, characterized in that, after registration succeeds, the registration method also includes:
    the smart machine sending the access server a message signed with the smart machine private key to request a connection with the access server;
    the access server verifying the identity of the message using the smart machine public key, and admitting the smart machine after the identity verification passes.
  5. An Internet of Things smart machine authentication method, characterized by including:
    the smart machine undergoing identity verification and signature-verification authentication at the control terminal, by means of the smart machine public key and user authentication information containing the subscriber identity information;
    the smart machine, when its identity verification and signature-verification authentication pass, sending the access server a message signed with the smart machine private key to request a connection with the access server;
    the access server verifying the identity of the message using the smart machine public key, and admitting the smart machine after the identity verification passes.
  6. The authentication method according to claim 5, characterized in that the smart machine undergoing identity verification and signature-verification authentication at the control terminal, by means of the smart machine public key and user authentication information containing the subscriber identity information, includes:
    establishing a point-to-point communication link between the smart machine and the control terminal;
    the smart machine sending the control terminal the user authentication information encrypted with the control terminal public key;
    the control terminal using the control terminal private key to perform identity verification and signature-verification authentication on the user authentication information, and notifying the smart machine after these pass.
  7. The authentication method according to claim 5 or 6, characterized in that, after the control terminal has performed identity verification and signature-verification authentication with the control terminal private key and these have passed, the authentication method also includes:
    the control terminal sending a management instruction for the smart machine to the access server;
    the access server sending the management instruction to the smart machine.
  8. An Internet of Things, characterized by including:
    a smart machine, a control terminal and an access server that are communicatively connected to one another, the control terminal and the access server having a paired public key and private key, and the control terminal storing subscriber identity information;
    the access server being used to perform identity registration and binding of the smart machine and the control terminal according to the subscriber identity information, control terminal device information, smart machine information and smart machine public key sent by the control terminal, and to verify the identity of messages signed with the smart machine private key, admitting the smart machine after the identity verification passes;
    the control terminal being used, when the smart machine requests a connection with the access server, to perform identity verification and signature-verification authentication on the smart machine's user authentication information and the control terminal public key, and after these pass to notify the smart machine that it can request a connection with the access server.
  9. The Internet of Things according to claim 8, characterized in that, after the control terminal has performed identity verification and signature-verification authentication with the control terminal private key and these have passed, the control terminal is also used to send a management instruction for the smart machine to the access server, and the access server sends the management instruction to the smart machine in order to control the smart machine.
  10. The Internet of Things according to claim 8 or 9, characterized in that the control terminal is a mobile phone, and the subscriber identity information includes any one or more of the following:
    mobile phone number, user name and email address.
CN201711183397.2A 2017-11-23 2017-11-23 Internet of things intelligent equipment registration and authentication method and Internet of things Active CN107888603B (en)

Publications (2)

Publication Number Publication Date
CN107888603A true CN107888603A (en) 2018-04-06
CN107888603B CN107888603B (en) 2020-08-04

Family

ID=61774728

Country Status (1)

Country Link
CN (1) CN107888603B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
CP03 Change of name, title or address

Address after: Part 4-5, No. 789 Jingwei Avenue, Shiyou Road Street, Yuzhong District, Chongqing 400042

Patentee after: National Certification Technology (Chongqing) Co.,Ltd.

Address before: 100080 No.303, 3 / F, digital media building, No.7 Shangdi Information Road, Haidian District, Beijing

Patentee before: GUOMIN AUTHENTICATION TECHNOLOGY (BEIJING) CO.,LTD.