CN107911370A - Data encryption method and device, data decryption method and device

Publication number
CN107911370A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201711173848.4A
Other languages
Chinese (zh)
Inventor
国承斌
党君利
吴刚
张涛
明晨辉
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Mixlinker Network Co Ltd
Original Assignee
Shenzhen Mixlinker Network Co Ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/12 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords

Abstract

The embodiments of the present invention disclose a data encryption method and device, a data decryption method and device, a computer device, and a readable storage medium, for ensuring the transmission security of device data. The data encryption method includes: obtaining the device data of the corresponding industrial equipment; symmetrically encrypting the device data with a preset symmetric key to obtain encrypted device data, and asymmetrically encrypting the preset symmetric key with a preset asymmetric public key to obtain key data; and transmitting the encrypted device data and the key data to an Internet of Things application service system.

Description

Data encryption method and device, data decryption method and device
Technical field
The present invention relates to the field of information security technology, and in particular to a data encryption method and device, a data decryption method and device, a computer device, and a readable storage medium.
Background
At present, in the industrial field (for example, compressors, generator sets, diesel engines, industrial boilers, steam turbines, water treatment devices, certain chemical process devices, automated production lines, machining equipment, production lines, material conveying equipment and packaging equipment), whether industrial equipment runs well bears on the quality of life of the general public and on the performance of enterprises. It is therefore particularly important to obtain data from the relevant industrial field and to use that data for control and state analysis of the equipment in that field.
However, during data transmission the data may be illegally captured or intercepted, resulting in data leakage, and it may also be illegally tampered with. For some industrial fields this may not only lead to the illegal disclosure of confidential data but may also affect the safe operation of the equipment, so the security risk is very high. A method is therefore needed to ensure the security of data transmission in the industrial field.
Summary of the invention
Embodiments of the present invention provide a data encryption method and device, a data decryption method and device, a computer device, and a readable storage medium, for ensuring the transmission security of device data.
In view of this, the present invention provides a data encryption method, applied to an Internet of Things gateway, which may include:
Obtaining the device data of the corresponding industrial equipment;
Symmetrically encrypting the device data with a preset symmetric key to obtain encrypted device data, and asymmetrically encrypting the preset symmetric key with a preset asymmetric public key to obtain key data;
Transmitting the encrypted device data and the key data to an Internet of Things application service system.
Further, before symmetrically encrypting the device data with the preset symmetric key to obtain the encrypted device data, the method further includes:
Generating the preset symmetric key using a preset symmetric algorithm.
Further, before generating the preset symmetric key using the preset symmetric algorithm, the method further includes:
Detecting whether the preset asymmetric public key exists;
If so, triggering the step of generating the preset symmetric key using the preset symmetric algorithm.
Further, before asymmetrically encrypting the preset symmetric key with the preset asymmetric public key to obtain the key data, the method further includes:
Receiving the preset asymmetric public key sent by a business support platform, the preset asymmetric public key being generated by the business support platform using a preset asymmetric algorithm;
Storing the preset asymmetric public key.
Further, transmitting the encrypted device data and the key data to the Internet of Things application service system includes:
Transmitting the encrypted device data and the key data to an Internet of Things cloud platform, so that the Internet of Things cloud platform transmits the encrypted device data and the key data to the Internet of Things application service system.
Further, reporting the encrypted device data and the key data to the Internet of Things cloud platform includes:
Transmitting the encrypted device data and the key data to the Internet of Things cloud platform separately, each in a preset message format.
Further, generating the preset symmetric key using the preset symmetric algorithm includes:
Detecting whether reconnection with the Internet of Things cloud platform has succeeded;
If so, generating the preset symmetric key using the preset symmetric algorithm, and using the preset symmetric key as the device data encryption key between the Internet of Things gateway and the Internet of Things cloud platform during the current communication.
A second aspect of the present invention provides a data decryption method, applied to an Internet of Things application service system, which may include:
Obtaining the encrypted device data of the corresponding industrial equipment transmitted from the Internet of Things gateway and the key data for decrypting the encrypted device data, the encrypted device data being symmetrically encrypted data and the key data being asymmetrically encrypted data;
Asymmetrically decrypting the key data with a preset asymmetric private key to obtain the preset symmetric key;
Symmetrically decrypting the encrypted device data with the preset symmetric key to obtain the device data.
Further, obtaining the encrypted device data of the corresponding industrial equipment transmitted from the Internet of Things gateway and the key data for decrypting the encrypted device data includes:
Obtaining, from the Internet of Things cloud platform, the encrypted device data of the corresponding industrial equipment and the key data for decrypting the encrypted device data, the encrypted device data and the key data having been reported to the Internet of Things cloud platform by the Internet of Things gateway.
Further, obtaining the encrypted device data of the corresponding industrial equipment transmitted from the Internet of Things gateway and the key data for decrypting the encrypted device data includes:
Obtaining, from the Internet of Things cloud platform according to a preset time period, the encrypted device data of the corresponding industrial equipment and the key data for decrypting the encrypted device data.
Further, before asymmetrically decrypting the key data with the preset asymmetric private key to obtain the preset symmetric key, the method further includes:
Obtaining the preset asymmetric private key from the Authentication Center of the Internet of Things cloud platform, the preset asymmetric private key being generated by the business support platform using the preset asymmetric algorithm and transmitted to the Authentication Center.
Further, the method further includes:
Storing the device data in a queue in chronological order.
A third aspect of the present invention provides a data encryption device, applied to an Internet of Things gateway, which may include:
An acquiring unit, configured to obtain the device data of the corresponding industrial equipment;
An encryption unit, configured to symmetrically encrypt the device data with a preset symmetric key to obtain encrypted device data, and to asymmetrically encrypt the preset symmetric key with a preset asymmetric public key to obtain key data;
A transmission unit, configured to transmit the encrypted device data and the key data to the Internet of Things application service system.
Further, the device further includes:
A generation unit, configured to generate the preset symmetric key using a preset symmetric algorithm.
Further, the device further includes:
A detection unit, configured to detect whether the preset asymmetric public key exists;
A trigger unit, configured to, when the preset asymmetric public key exists, trigger the generation unit to generate the preset symmetric key using the preset symmetric algorithm.
Further, the device further includes:
A receiving unit, configured to receive the preset asymmetric public key sent by the business support platform, the preset asymmetric public key being generated by the business support platform using a preset asymmetric algorithm;
A storage unit, configured to store the preset asymmetric public key.
Further, the transmission unit is specifically configured to:
Transmit the encrypted device data and the key data to the Internet of Things cloud platform, so that the Internet of Things cloud platform transmits the encrypted device data and the key data to the Internet of Things application service system.
Further, the transmission unit is specifically configured to:
Transmit the encrypted device data and the key data to the Internet of Things cloud platform separately, each in a preset message format.
Further, the generation unit is specifically configured to:
Detect whether reconnection with the Internet of Things cloud platform has succeeded;
If so, generate the preset symmetric key using the preset symmetric algorithm, and use the preset symmetric key as the device data encryption key between the Internet of Things gateway and the Internet of Things cloud platform during the current communication.
A fourth aspect of the present invention provides a data decryption device, applied to an Internet of Things application service system, which may include:
A first acquiring unit, configured to obtain the encrypted device data of the corresponding industrial equipment transmitted from the Internet of Things gateway and the key data for decrypting the encrypted device data, the encrypted device data being symmetrically encrypted data and the key data being asymmetrically encrypted data;
A first decryption unit, configured to asymmetrically decrypt the key data with a preset asymmetric private key to obtain the preset symmetric key;
A second decryption unit, configured to symmetrically decrypt the encrypted device data with the preset symmetric key to obtain the device data.
Further, the first acquiring unit is specifically configured to:
Obtain, from the Internet of Things cloud platform, the encrypted device data of the corresponding industrial equipment and the key data for decrypting the encrypted device data, the encrypted device data and the key data having been reported to the Internet of Things cloud platform by the Internet of Things gateway.
Further, the first acquiring unit is specifically configured to:
Have the Internet of Things application service system obtain, from the Internet of Things cloud platform according to a preset time period, the encrypted device data of the corresponding industrial equipment and the key data for decrypting the encrypted device data.
Further, the device further includes:
A second acquiring unit, configured to obtain the preset asymmetric private key from the Authentication Center of the Internet of Things cloud platform, the preset asymmetric private key being generated by the business support platform using the preset asymmetric algorithm and transmitted to the Authentication Center.
Further, the device further includes:
A storage unit, configured to store the device data in a queue in chronological order.
A fifth aspect of the present invention provides a computer device. The computer device includes a processor, and the processor implements the following steps when executing a computer program stored in a memory:
Obtaining the device data of the corresponding industrial equipment;
Symmetrically encrypting the device data with a preset symmetric key to obtain encrypted device data, and asymmetrically encrypting the preset symmetric key with a preset asymmetric public key to obtain key data;
Transmitting the encrypted device data and the key data to the Internet of Things application service system.
A sixth aspect of the present invention provides a computer-readable storage medium on which a computer program is stored. When the computer program is executed by a processor, the following steps are implemented:
Obtaining the device data of the corresponding industrial equipment;
Symmetrically encrypting the device data with a preset symmetric key to obtain encrypted device data, and asymmetrically encrypting the preset symmetric key with a preset asymmetric public key to obtain key data;
Transmitting the encrypted device data and the key data to the Internet of Things application service system.
A seventh aspect of the present invention provides a computer device. The computer device includes a processor, and the processor implements the following steps when executing a computer program stored in a memory:
The Internet of Things application service system obtains the encrypted device data of the corresponding industrial equipment transmitted from the Internet of Things gateway and the key data for decrypting the encrypted device data, the encrypted device data being symmetrically encrypted data and the key data being asymmetrically encrypted data;
The Internet of Things application service system asymmetrically decrypts the key data with a preset asymmetric private key to obtain the preset symmetric key;
The Internet of Things application service system symmetrically decrypts the encrypted device data with the preset symmetric key to obtain the device data.
An eighth aspect of the present invention provides a computer-readable storage medium on which a computer program is stored. When the computer program is executed by a processor, the following steps are implemented:
The Internet of Things application service system obtains the encrypted device data of the corresponding industrial equipment transmitted from the Internet of Things gateway and the key data for decrypting the encrypted device data, the encrypted device data being symmetrically encrypted data and the key data being asymmetrically encrypted data;
The Internet of Things application service system asymmetrically decrypts the key data with a preset asymmetric private key to obtain the preset symmetric key;
The Internet of Things application service system symmetrically decrypts the encrypted device data with the preset symmetric key to obtain the device data.
As can be seen from the above technical solutions, the embodiments of the present invention have the following advantages:
The present invention provides a data encryption method in which, during transmission of the device data of industrial equipment, the device data can first be symmetrically encrypted with a preset symmetric key and the preset symmetric key can be encrypted with a preset asymmetric public key; the encrypted device data obtained from the symmetric encryption and the key data obtained from the asymmetric encryption are then transmitted to the Internet of Things application service system. Combining symmetric encryption with asymmetric encryption in this way not only encrypts the device data, ensuring its transmission security, but also encrypts the preset symmetric key that encrypted the device data. When the encrypted device data needs to be decrypted, the key data must be decrypted first, which further enhances the security of the device data.
Brief description of the drawings
Fig. 1 is a schematic diagram of one embodiment of the data encryption method in the embodiments of the present invention;
Fig. 2 is a schematic diagram of another embodiment of the data encryption method in the embodiments of the present invention;
Fig. 3 is a schematic diagram of one embodiment of the data decryption method in the embodiments of the present invention;
Fig. 4 is a schematic diagram of another embodiment of the data decryption method in the embodiments of the present invention;
Fig. 5 is a schematic diagram of the interaction from data encryption to data decryption in the embodiments of the present invention;
Fig. 6 is a schematic diagram of one embodiment of the data encryption device in the embodiments of the present invention;
Fig. 7 is a schematic diagram of another embodiment of the data encryption device in the embodiments of the present invention;
Fig. 8 is a schematic diagram of another embodiment of the data encryption device in the embodiments of the present invention;
Fig. 9 is a schematic diagram of another embodiment of the data encryption device in the embodiments of the present invention;
Fig. 10 is a schematic diagram of one embodiment of the data decryption device in the embodiments of the present invention;
Fig. 11 is a schematic diagram of another embodiment of the data decryption device in the embodiments of the present invention;
Fig. 12 is a schematic diagram of another embodiment of the data decryption device in the embodiments of the present invention.
Detailed description of the embodiments
Embodiments of the present invention provide a data encryption method and device, a data decryption method and device, a computer device, and a readable storage medium, for ensuring the transmission security of device data.
To help those skilled in the art better understand the solution of the present invention, the technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the drawings in the embodiments. Obviously, the described embodiments are only some of the embodiments of the present invention, not all of them. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments of the present invention without creative effort shall fall within the scope of protection of the present invention.
The terms "first", "second", "third", "fourth" and the like (if present) in the description, the claims and the above drawings are used to distinguish similar objects and are not necessarily used to describe a specific order or sequence. It should be understood that data so used may be interchanged where appropriate, so that the embodiments described here can be implemented in an order other than that illustrated or described here. In addition, the terms "include" and "have" and any variations of them are intended to cover non-exclusive inclusion; for example, a process, method, system, product or device that contains a series of steps or units is not necessarily limited to the steps or units expressly listed, but may include other steps or units that are not expressly listed or that are inherent to such a process, method, product or device.
For ease of understanding, the specific flow in the embodiments of the present invention is described below. Referring to Fig. 1, one embodiment of the data encryption method in the embodiments of the present invention includes:
101. Obtain the device data of the corresponding industrial equipment;
In this embodiment, an Internet of Things gateway may correspond to one or more pieces of industrial equipment. To learn the running state of the industrial equipment and to control it, the Internet of Things gateway can connect to the corresponding industrial equipment and obtain its device data.
Specifically, industrial equipment itself is equipment with an operating function and has neither the capability to acquire data nor the capability to communicate with external devices. However, a device controller can be installed on the industrial equipment, and the Internet of Things gateway can connect to the device controller and thereby obtain the device data of the industrial equipment from the device controller. Alternatively, the Internet of Things gateway can also connect external sensors directly; the sensors can be deployed around the industrial equipment to collect device data from its surroundings, for example temperature and humidity.
The Internet of Things gateway in the embodiments of the present invention is an intelligent gateway for the industrial Internet of Things. It includes a data acquisition module, a communication module, a positioning module, a data processing chip module and so on, and can connect to multiple pieces of industrial equipment or sensors at the same time. It supports uplink modes such as an Ethernet interface, RS485 serial port, RS232 serial port and wireless transmission, or wireless transmission methods such as GPRS, 433 MHz, 2.4 GHz and Wi-Fi. It supports exchanging data with multiple servers over different communication protocols. It integrates functions such as data acquisition, data transmission, communication management, data reception, protocol conversion, and data processing and forwarding.
It should be understood that this embodiment describes only the above specific ways of obtaining the device data of the corresponding industrial equipment. In practical applications other ways may also be used, as long as the device data of the corresponding industrial equipment can be obtained; this is not specifically limited here.
In this embodiment, the industrial equipment may include but is not limited to compressors, generator sets, diesel engines, industrial boilers, steam turbines, water treatment devices and packaging equipment; this is not specifically limited here.
102. Symmetrically encrypt the device data with a preset symmetric key to obtain encrypted device data, and asymmetrically encrypt the preset symmetric key with a preset asymmetric public key to obtain key data;
In this embodiment, after the device data of the corresponding industrial equipment is obtained, the device data can be symmetrically encrypted with the preset symmetric key to obtain the encrypted device data, and the preset symmetric key can be asymmetrically encrypted with the preset asymmetric public key to obtain the key data.
Symmetric encryption involves only one key, which is used for both encryption and decryption. Asymmetric encryption involves a key pair, that is, a public key and a private key: one of the keys can be disclosed and is called the public key, while the other, which is not disclosed, is called the private key. A key pair obtained through an asymmetric algorithm is guaranteed to be unique worldwide, but when the key pair is used, data encrypted with one of the keys must be decrypted with the other key.
Specifically, since the preset symmetric key needs to be asymmetrically encrypted, there exists not only a preset asymmetric private key but also a preset asymmetric public key corresponding to it. Assume the preset asymmetric public key is A, the preset asymmetric private key is B, the preset symmetric key is C and the device data is D; then C can be encrypted with A to obtain the key data, and D can be encrypted with C to obtain the encrypted device data.
In this embodiment, A, B and/or C may be randomly generated by the Internet of Things gateway, or may be obtained by the Internet of Things gateway from a third party; this is not specifically limited here.
103. Transmit the encrypted device data and the key data to the Internet of Things application service system.
In this embodiment, after the encrypted device data and the key data are obtained, they can be transmitted to the Internet of Things application service system, which completes the transmission of the device data from the encryption end to the decryption end.
As the decryption end for device data, the Internet of Things application service system can subscribe to all encrypted device data and corresponding key data of the industrial equipment under its ownership, so that the corresponding application platform can obtain the device data of the corresponding industrial equipment and use it accordingly.
It should be understood that, in this embodiment, besides the Internet of Things gateway transmitting the encrypted device data and the key data directly to the Internet of Things application service system, the transmission may also be relayed via other devices. The transmission may be actively sent by the Internet of Things gateway or actively fetched by the Internet of Things application service system; this is not specifically limited here.
Preferably, in this embodiment, so that the decryption end can decrypt the encrypted device data in real time, the key data may be generated before the encrypted device data and may be transmitted to the Internet of Things application service system before the encrypted device data.
In this embodiment, during transmission of the device data of industrial equipment, the device data can first be symmetrically encrypted with a preset symmetric key and the preset symmetric key can be encrypted with a preset asymmetric public key; the encrypted device data obtained from the symmetric encryption and the key data obtained from the asymmetric encryption are then transmitted to the Internet of Things application service system. Combining symmetric encryption with asymmetric encryption in this way not only encrypts the device data, ensuring its transmission security, but also encrypts the preset symmetric key that encrypted the device data. When the encrypted device data needs to be decrypted, the key data must be decrypted first, which further enhances the security of the device data.
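The flow of steps 101 to 103 and the matching decryption end, together with the public-key presence check and per-connection key generation described in the summary, as an added Go example that is not part of the patent. The patent names no algorithms or message layout: RSA-OAEP with SHA-256, AES-256-GCM, the Envelope structure, binding the gateway ID as label and associated data, and every identifier below are assumptions.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Envelope is a hypothetical layout; the patent only says "preset message format".
type Envelope struct {
	GatewayID string // ID assigned by the business support platform
	KeyData   []byte // symmetric key C encrypted under public key A (RSA-OAEP)
	Nonce     []byte // per-message AES-GCM nonce
	EncData   []byte // device data D encrypted under C (AES-256-GCM)
}

// Gateway is the encryption end: it stores A and the current session key C.
type Gateway struct {
	ID      string
	Pub     *rsa.PublicKey
	key     []byte // C, never leaves the gateway in the clear
	keyData []byte // C wrapped under A
}

// NewPlatformKeyPair stands in for the business support platform generating (A, B).
func NewPlatformKeyPair() (*rsa.PrivateKey, error) {
	return rsa.GenerateKey(rand.Reader, 2048)
}

func newAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// NewSession makes a fresh C and wraps it under A; called after each (re)connection.
func (g *Gateway) NewSession() error {
	if g.Pub == nil {
		return fmt.Errorf("no preset asymmetric public key stored")
	}
	c := make([]byte, 32)
	if _, err := rand.Read(c); err != nil {
		return err
	}
	kd, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, g.Pub, c, []byte(g.ID))
	if err != nil {
		return err
	}
	g.key, g.keyData = c, kd
	return nil
}

// Encrypt returns D encrypted under C (gateway ID bound as AAD) plus the key data.
func (g *Gateway) Encrypt(d []byte) (Envelope, error) {
	aead, err := newAEAD(g.key)
	if err != nil {
		return Envelope{}, fmt.Errorf("no usable session key: %w", err)
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return Envelope{}, err
	}
	return Envelope{g.ID, g.keyData, nonce, aead.Seal(nil, nonce, d, []byte(g.ID))}, nil
}

// Decrypt is the decryption end: unwrap C with private key B, then open D.
func Decrypt(priv *rsa.PrivateKey, e Envelope) ([]byte, error) {
	c, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, e.KeyData, []byte(e.GatewayID))
	if err != nil {
		return nil, fmt.Errorf("key data: %w", err)
	}
	aead, err := newAEAD(c)
	if err != nil {
		return nil, err
	}
	if len(e.Nonce) != aead.NonceSize() {
		return nil, fmt.Errorf("bad nonce length %d", len(e.Nonce))
	}
	return aead.Open(nil, e.Nonce, e.EncData, []byte(e.GatewayID)) // errors if tampered
}

func main() {
	priv, err := NewPlatformKeyPair()
	if err != nil {
		panic(err)
	}
	gw := &Gateway{ID: "gw-001", Pub: &priv.PublicKey} // constructed sample ID
	if err := gw.NewSession(); err != nil {
		panic(err)
	}
	env, _ := gw.Encrypt([]byte(`{"temp_c":71.5}`)) // constructed sample reading
	pt, err := Decrypt(priv, env)
	fmt.Println(string(pt), err)
}
```

An authenticated mode is used for the symmetric layer because the background section raises tampering as well as interception. Encrypting C under a public key does not by itself tell the receiver which gateway produced a message, so gateway authentication has to come from the connection to the cloud platform or from a separate signature.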
Referring to Fig. 2, another embodiment of data ciphering method includes in the embodiment of the present invention:
201st, the default asymmetric public key that service supporting platform is sent is received;
In this embodiment, the IoT gateway can be communicatively connected to the service support platform, and the service support platform can be connected to at least one IoT gateway. The service support platform can use a preset asymmetric algorithm to generate a key pair for each IoT gateway, namely a preset asymmetric public key and a preset asymmetric private key. So that the IoT gateway can encrypt with the preset asymmetric public key, the service support platform can send the preset asymmetric public key to the IoT gateway, and the IoT gateway can receive the preset asymmetric public key sent by the service support platform.
Specifically, the service support platform is the application management system of the IoT cloud platform and includes an IoT application service system management module, an IoT gateway management module, a traffic usage monitoring module, a traffic billing module, and so on. It can manage all IoT application service systems registered on the IoT cloud platform, manage all IoT gateways that communicate with the IoT cloud platform (offline or online), manage the traffic billing of all IoT gateways, and so on.
The service support platform can manage the at least one IoT gateway connected to it and assign each IoT gateway a corresponding ID to distinguish the gateways. After generating a key pair for each IoT gateway, the service support platform can send the preset asymmetric public key to the IoT gateway for use in encryption, and can also send the preset asymmetric private key to the authentication center of the IoT cloud platform, so that when data encrypted with the preset asymmetric public key needs to be decrypted, the corresponding preset asymmetric private key can be obtained from the authentication center.
The IoT cloud platform is a data processing hub made up of multiple server clusters, each consisting of multiple physical servers. Its overall capacity is the sum of the concurrent processing capacity that all the individual physical servers can carry. It ensures that redundant backup centers can be established in multiple locations, so that the data service is not interrupted under any circumstances. It also has powerful concurrent data processing capability, with high-concurrency processing on the order of hundreds of millions and millisecond-level personalized event triggering, so it can readily support connections from millions of IoT gateways and send and receive data efficiently.
The role of the IoT cloud platform is also reflected in the following: it can receive the data sent by IoT gateways and store it; maintain a series of logic rules, such as association relationships, early-warning models, threshold control, boundary condition settings, and so on; sort, organize, associate and analyze the data; form a series of trigger mechanisms according to the logic rules; issue information (data) to IoT gateways; and provide the data received from IoT gateways to other platforms. The authentication center of the IoT cloud platform can authenticate the identity of devices accessing the IoT cloud platform, in order to strengthen the security of the preset asymmetric private key.
202. Store the preset asymmetric public key;
In this embodiment, after the IoT gateway receives the preset asymmetric public key sent by the service support platform, it can store the preset asymmetric public key.
Specifically, the preset asymmetric public key can be stored in the local memory or in the cache of the IoT gateway. When the key is stored in the local memory of the IoT gateway, it can be generated once by the service support platform and used permanently. When it is stored in the cache, it can be used only as long as the cache has not been cleared; once the cache is cleared, the service support platform needs to regenerate the preset asymmetric public key for that IoT gateway.
In this embodiment, to reduce the computational load of generating the preset asymmetric public key, the preset asymmetric public key is preferably stored in the local memory.
203. Obtain the device data of the corresponding industrial equipment;
Step 203 in this embodiment is the same as step 101 in the embodiment shown in Fig. 1 and is not described again here.
204. Detect whether the preset asymmetric public key exists; if so, perform step 205; if not, perform step 209;
In this embodiment, the preset symmetric key needs to be asymmetrically encrypted with the preset asymmetric public key. If the IoT gateway cannot obtain the preset asymmetric public key, the preset symmetric key cannot be encrypted and the security of the device data cannot be strengthened. The IoT gateway can therefore check in advance whether the preset asymmetric public key exists in its local memory or cache.
In general, once the IoT gateway has stored the preset asymmetric public key in step 202, and the key is stored in the local memory, the IoT gateway does not need to obtain it from the service support platform each time. However, the preset asymmetric public key may be absent because it was not sent in time, because the cache was deleted, or for similar reasons, in which case the preset symmetric key cannot be encrypted. To avoid this, each time the preset asymmetric public key is needed, the IoT gateway can be checked for whether the key exists.
205. Detect whether the connection with the IoT cloud platform has been successfully re-established; if so, perform step 206; if not, perform step 209;
In this embodiment, if the preset asymmetric public key exists in the IoT gateway, the IoT gateway can detect whether it has successfully connected to the IoT cloud platform.
Specifically, the IoT gateway can send an access request to the IoT cloud platform, and the IoT cloud platform can authenticate the requesting IoT gateway through the authentication center. An illegitimate, unauthorized IoT gateway cannot gain access, and the IoT cloud platform will not feed back connection information to it. If the IoT gateway is authorized and can gain access, the IoT cloud platform feeds back connection information to the IoT gateway. If the IoT gateway receives the connection information, this indicates that the IoT cloud platform's authentication found the gateway legitimate and that access is granted, and the IoT gateway establishes a connection with the IoT cloud platform according to the connection information. If the IoT gateway does not receive connection information, this indicates either that the authentication found the gateway illegitimate or that some other error occurred while the IoT gateway was accessing the IoT cloud platform.
In this embodiment, the IoT gateway needs to transmit the encrypted data to the IoT cloud platform, which is possible only when the IoT gateway has successfully connected to the IoT cloud platform. Conversely, if the connection fails, the encrypted data cannot be transmitted, and there is no need to generate the preset symmetric key for encrypting the device data, which avoids wasting computing resources. Therefore, before the preset symmetric key is generated, the IoT gateway can first detect whether it has successfully connected to the IoT cloud platform.
206. Generate the preset symmetric key using the preset symmetric algorithm, and use the preset symmetric key as the device data encryption key between the IoT gateway and the IoT cloud platform during the current communication;
In this embodiment, if the IoT gateway has successfully reconnected to the IoT cloud platform, the IoT gateway can generate the preset symmetric key using the preset symmetric algorithm and use it as the device data encryption key between the IoT gateway and the IoT cloud platform during the current communication.
It will be understood that, for security, the preset symmetric key need not be a fixed symmetric key. Each time the IoT gateway successfully reconnects to the IoT cloud platform, it can generate a preset symmetric key and hold it in the cache for temporary use. As long as the IoT gateway does not disconnect from the IoT cloud platform, it can keep using that preset symmetric key. Once the IoT gateway disconnects after a successful connection and then re-establishes the connection, it generates a new preset symmetric key, and this new key serves as the device data encryption key between the IoT gateway and the IoT cloud platform during the current communication.
207. Symmetrically encrypt the device data using the preset symmetric key to obtain encrypted device data, and asymmetrically encrypt the preset symmetric key using the preset asymmetric public key to obtain key data;
Step 207 in this embodiment is the same as step 102 in the embodiment shown in Fig. 1 and is not described again here.
208. Transmit the encrypted device data and the key data to the IoT cloud platform, so that the IoT cloud platform transmits the encrypted device data and the key data to the IoT application service system;
In this embodiment, the IoT cloud platform can be connected to at least one IoT gateway and can obtain massive amounts of device data. To improve the efficiency of processing this data, the IoT cloud platform can perform operations such as association, analysis and logical processing on the data sent by IoT gateways, for use by the IoT application service system. After obtaining the encrypted device data and the key data, the IoT gateway can therefore transmit both to the IoT cloud platform, so that the IoT cloud platform can pass the encrypted device data and the key data on to the IoT application service system. This reduces the analysis and processing that the IoT application service system must perform on the data it receives, and reduces its resource load.
In the embodiments of the present invention, the IoT application service system is preferably an industrial IoT application service system with a modular design that can flexibly display the device data received from the IoT cloud platform. It can be configured into application modules according to user requirements, such as a real-time equipment operating data management and monitoring module, an equipment management module, a maintenance work order management module, a life cycle management module, an alarm information module, a historical data module, an operating permission management module, a contract management module, a work order workflow management module, and so on. It is simple, easy to use and highly customizable.
In this embodiment, given the requirements on the data formats the IoT cloud platform can accept, after obtaining the raw device data the IoT gateway can process, arrange and format the data to be reported to the IoT cloud platform, converting it into a data format the IoT cloud platform can receive. The IoT gateway can transmit the encrypted device data and the key data to the IoT cloud platform separately, each in a preset message format. For example, if the preset asymmetric public key is A, the preset asymmetric private key is B, the preset symmetric key is C and the device data is D, then C can be encrypted with A to obtain key data AC in the message format, D can be encrypted with C to obtain encrypted device data CD in the message format, and AC and CD can each be sent to the IoT cloud platform.
It will be understood that the data formats of the encrypted device data and the key data in this embodiment are not limited to what is described above. In practical applications, other data formats can also be used, as long as the IoT cloud platform can receive them; no specific limitation is imposed here.
209. Perform other procedures.
In this embodiment, if it is detected that the preset asymmetric public key does not exist in the IoT gateway, the preset symmetric key cannot be encrypted, and other procedures can be performed, such as repeatedly detecting whether the preset asymmetric public key exists; no specific limitation is imposed here.
In this embodiment, if it is detected that the IoT gateway has not successfully connected to the IoT cloud platform, data cannot be transmitted to the IoT cloud platform and the preset symmetric key does not need to be generated, and other procedures can be performed, such as initiating an access request to the IoT cloud platform again; no specific limitation is imposed here.
The data encryption method has been described above; the data decryption method is described below:
Referring to Fig. 3, one embodiment of the data decryption method in the embodiments of the present invention includes:
301. Obtain the encrypted device data of the corresponding industrial equipment transmitted from the IoT gateway, together with the key data for decrypting the encrypted device data;
In this embodiment, the IoT application service system, as the decrypting end for the encrypted device data of the corresponding industrial equipment, can obtain the encrypted device data and the key data for decrypting it, for use when the encrypted device data is decrypted. The encrypted device data can be symmetrically encrypted data produced by the IoT gateway, and the key data can be asymmetrically encrypted data produced by the IoT gateway.
For example, the encrypted device data D1 can be obtained by symmetrically encrypting the device data D, and the key data C1 can be obtained by asymmetrically encrypting the preset symmetric key C.
302. Asymmetrically decrypt the key data using the preset asymmetric private key to obtain the preset symmetric key;
In this embodiment, after the IoT application service system obtains the encrypted device data and the key data corresponding to it, it can asymmetrically decrypt the key data using the preset asymmetric private key to obtain the preset symmetric key.
Specifically, the preset asymmetric private key corresponds to the preset asymmetric public key used when the key data was encrypted. If the key pair formed by the preset asymmetric private key and the preset asymmetric public key was generated by the IoT gateway, the preset asymmetric private key can be obtained from the IoT gateway; if the key pair was generated by a third party other than the IoT gateway, the preset asymmetric private key can be obtained from that third party; and if the generating party stored the preset asymmetric private key with a third party, it can be obtained from that third party.
For example, assuming the preset asymmetric private key is B, the key data C1 can be asymmetrically decrypted using B and the asymmetric algorithm to obtain the preset symmetric key C, and C can be kept in the cache for later use.
303. Symmetrically decrypt the encrypted device data using the preset symmetric key to obtain the device data.
In this embodiment, after the IoT application service system obtains the preset symmetric key, it can symmetrically decrypt the encrypted device data using the preset symmetric key to obtain the device data.
For example, C can be retrieved from the cache, and the encrypted device data D1 can be symmetrically decrypted using C and the symmetric algorithm to obtain the device data D, which can be stored for later use.
The device data stored on the IoT cloud platform can be published to a corresponding application platform. The application platform is an application development platform that can implement functions such as management and association of device data. The device data received by the application platform can be displayed, for example, on a PC, so that users can view the real-time operating data of the corresponding industrial equipment, equipment management, work order management, life cycle management, alarm information, historical data, permission management, and so on.
Referring to Fig. 4, another embodiment of the data decryption method in the embodiments of the present invention includes:
401. Obtain, from the IoT cloud platform, the encrypted device data of the corresponding industrial equipment and the key data for decrypting the encrypted device data;
In this embodiment, after the IoT gateway generates the encrypted device data and the key data for decrypting it, if the IoT gateway reports the encrypted device data and the key data to the IoT cloud platform, the IoT application service system can obtain the encrypted device data and key data of the corresponding industrial equipment from the IoT cloud platform.
Specifically, when the encrypted device data and the key data for it are stored on the IoT cloud platform, the IoT application service system can subscribe, from the IoT cloud platform, to the encrypted device data of the equipment it owns and the key data for decrypting that data. In practical applications, after the IoT gateway transmits the encrypted device data and the corresponding key data to the IoT cloud platform, the IoT cloud platform can determine which device type of industrial equipment produced them. The subscribers (that is, IoT application service systems) corresponding to industrial equipment of different device types also differ. After determining the device type of the industrial equipment that the device data belongs to, the IoT cloud platform transmits the encrypted device data and the corresponding key data to the IoT application service system corresponding to industrial equipment of that device type, so that the encrypted device data and corresponding key data reach the IoT application service system.
Further, to avoid the encrypted device data and the corresponding key data arriving at unscheduled and irregular times, the IoT application service system can obtain the encrypted device data of the corresponding industrial equipment and the key data for decrypting it from the IoT cloud platform at a preset time period, for example obtaining the encrypted device data and corresponding key data of the corresponding industrial equipment once every other day.
402. Obtain the preset asymmetric private key from the authentication center of the IoT cloud platform;
In this embodiment, after obtaining the encrypted device data and the key data for decrypting it, the IoT application service system can obtain the preset asymmetric private key from the authentication center of the IoT cloud platform. The preset asymmetric private key can be one that the service support platform generated using the preset asymmetric algorithm and transmitted to the authentication center.
Specifically, the authentication center is the security management unit/authentication module in the IoT cloud platform. It stores authentication algorithms and keys, ensures the security of the various security parameters, and provides authentication parameters.
Specifically, after the IoT gateway is connected to the service support platform, the service support platform can generate a key pair for the IoT gateway, namely the preset asymmetric public key and the preset asymmetric private key. The service support platform can store the preset asymmetric private key in the authentication center of the IoT cloud platform, for use in decrypting the corresponding data, and can store the preset asymmetric public key in the IoT gateway, for use in encrypting the corresponding data.
In practical applications, after the IoT application service system obtains the key data encrypted with the preset asymmetric public key, it can send a private key acquisition request to the authentication center of the IoT cloud platform to obtain the preset asymmetric private key corresponding to that preset asymmetric public key. After receiving the private key acquisition request, the authentication center can look up the corresponding preset asymmetric private key according to the request and return it to the IoT application service system, so that the IoT application service system can decrypt the key data with that preset asymmetric private key.
Further, in this embodiment, to strengthen data security, after receiving the private key acquisition request the authentication center can authenticate the identity of the IoT application service system according to the request, and feed the preset asymmetric private key back to the IoT application service system only if the authentication passes, which helps prevent unauthorized theft of the preset asymmetric private key.
403. Asymmetrically decrypt the key data using the preset asymmetric private key to obtain the preset symmetric key;
404. Symmetrically decrypt the encrypted device data using the preset symmetric key to obtain the device data.
Steps 403 to 404 in this embodiment are the same as steps 302 to 303 in the embodiment shown in Fig. 3 and are not described again here.
Further, in this embodiment, after the IoT application service system decrypts the encrypted device data to obtain the device data, it can store the device data in a queue in chronological order, where the time can be, for example, the decryption time. This makes it easier for the IoT application service system to manage the device data on a time basis and for the application platform to obtain the device data on a time basis.
The data encryption method and the data decryption method have been described separately above. Referring to Fig. 5, the flow from data encryption to decryption is illustrated below by way of an example interaction:
501. The service support platform generates the preset asymmetric public key and the preset asymmetric private key for the IoT gateway;
It will be understood that there may be one or more IoT gateways. When there is more than one, each IoT gateway can correspond to one preset asymmetric public key and one preset asymmetric private key.
The preset asymmetric public keys and preset asymmetric private keys for multiple IoT gateways can be generated in batches or individually; no specific limitation is imposed here.
502. The service support platform sends the preset asymmetric public key to the IoT gateway, so that the IoT gateway stores the preset asymmetric public key;
It will be understood that in this embodiment, after the service support platform generates the preset asymmetric public key and the preset asymmetric private key, the corresponding preset asymmetric public key can be imported into the IoT gateway manually, or imported into the IoT gateway automatically after a third-party program obtains it, instead of being sent to the IoT gateway by the service support platform through direct communication between the two; no specific limitation is imposed here.
The preset asymmetric public key can be stored in the encryption IC of the IoT gateway.
503. The service support platform sends the preset asymmetric private key to the authentication center of the IoT cloud platform, so that the authentication center stores the preset asymmetric private key;
It will be understood that step 503 in this embodiment can be performed before step 502 or at the same time as step 502; no specific limitation is imposed here.
504. The IoT gateway detects whether the connection with the IoT cloud platform has been successfully re-established;
505. If the connection is successful, the IoT gateway generates the preset symmetric key using the preset symmetric algorithm and uses it as the device data encryption key between the IoT gateway and the IoT cloud platform during the current communication;
506. The IoT gateway obtains the device data of the corresponding industrial equipment;
507. The IoT gateway symmetrically encrypts the device data using the preset symmetric key to obtain encrypted device data, and asymmetrically encrypts the preset symmetric key using the preset asymmetric public key to obtain key data;
508. The IoT gateway transmits the encrypted device data and the key data to the IoT cloud platform;
509. The IoT application service system obtains, from the IoT cloud platform, the encrypted device data of the corresponding industrial equipment and the key data for decrypting the encrypted device data;
510. The IoT application service system obtains the preset asymmetric private key from the authentication center of the IoT cloud platform;
511. The IoT application service system asymmetrically decrypts the key data using the preset asymmetric private key to obtain the preset symmetric key;
512. The IoT application service system symmetrically decrypts the encrypted device data using the preset symmetric key to obtain the device data.
For steps 501 to 512 in this embodiment, reference may be made to the content described in the foregoing method embodiments, which is not repeated here.
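The flow of steps 501 to 512 can be sketched in Go as follows. This is an added example, not code from the patent: the patent names no algorithms, so RSA-2048 with OAEP and AES-256-GCM are assumptions, as are all type and function names, the message layout, the sample reading, and the use of the gateway ID as associated data.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// AuthCenter holds each gateway's private key and the authenticated application services.
type AuthCenter struct {
	keys    map[string]*rsa.PrivateKey
	allowed map[string]bool
}
// Gateway is the encrypting side (steps 504-508).
type Gateway struct {
	ID                  string
	PublicKey           *rsa.PublicKey // nil if never provisioned or lost from cache
	sessionKey, keyData []byte         // per-connection key and its RSA-wrapped form
}
// Message is a constructed stand-in for the "preset message format".
type Message struct {
	GatewayID               string
	KeyData, Nonce, EncData []byte
}

// Provision covers steps 501-503; appID is the one application service the center trusts.
func Provision(id, appID string) (*AuthCenter, *Gateway, error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048) // assumed algorithm and key size
	if err != nil {
		return nil, nil, err
	}
	ac := &AuthCenter{map[string]*rsa.PrivateKey{id: priv}, map[string]bool{appID: true}}
	return ac, &Gateway{ID: id, PublicKey: &priv.PublicKey}, nil
}

// OnConnect covers steps 204-206: a fresh session key per (re)connection, wrapped once.
func (g *Gateway) OnConnect() error {
	if g.PublicKey == nil {
		return fmt.Errorf("gateway holds no preset asymmetric public key")
	}
	key := make([]byte, 32)
	if _, err := rand.Read(key); err != nil {
		return err
	}
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, g.PublicKey, key, []byte(g.ID))
	if err == nil {
		g.sessionKey, g.keyData = key, wrapped
	}
	return err
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal covers step 507; the gateway ID is bound in as associated data.
func (g *Gateway) Seal(deviceData []byte) (*Message, error) {
	aead, err := newGCM(g.sessionKey) // fails if OnConnect has not succeeded
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return &Message{g.ID, g.keyData, nonce, aead.Seal(nil, nonce, deviceData, []byte(g.ID))}, nil
}

// Decrypt covers steps 510-512: key released only to an authenticated appID, then unwrap and decrypt.
func Decrypt(ac *AuthCenter, appID string, m *Message) ([]byte, error) {
	priv, ok := ac.keys[m.GatewayID]
	if !ac.allowed[appID] || !ok {
		return nil, fmt.Errorf("authentication center refused the private key request")
	}
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, m.KeyData, []byte(m.GatewayID))
	if err != nil {
		return nil, err
	}
	aead, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	return aead.Open(nil, m.Nonce, m.EncData, []byte(m.GatewayID))
}

func main() {
	ac, gw, _ := Provision("gw-001", "app-1")
	_ = gw.OnConnect()
	msg, _ := gw.Seal([]byte(`{"temp_c":71.5}`)) // constructed sample reading
	plain, err := Decrypt(ac, "app-1", msg)
	fmt.Printf("%s %v\n", plain, err)
}
```

Because the assumed AES-GCM mode authenticates the ciphertext, a modified message fails to decrypt instead of yielding altered device data; the patent text itself only requires symmetric encryption.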
The data encryption method and the data decryption method in the embodiments of the present invention have been described above; the data encryption device and the data decryption device in the embodiments of the present invention are described below:
Referring to Fig. 6, one embodiment of the data encryption device in the embodiments of the present invention includes:
An acquiring unit 601, configured to obtain the device data of the corresponding industrial equipment;
An encryption unit 602, configured to symmetrically encrypt the device data using the preset symmetric key to obtain encrypted device data, and to asymmetrically encrypt the preset symmetric key using the preset asymmetric public key to obtain key data;
A transmission unit 603, configured to transmit the encrypted device data and the key data to the IoT application service system.
In this embodiment, during transmission of the device data of the industrial equipment, the encryption unit 602 can first symmetrically encrypt the device data obtained by the acquiring unit 601 using the preset symmetric key, and encrypt the preset symmetric key using the preset asymmetric public key; the transmission unit 603 then transmits the encrypted device data obtained by symmetric encryption and the key data obtained by asymmetric encryption to the IoT application service system. Combining symmetric and asymmetric encryption in this way not only encrypts the device data, ensuring the security of its transmission, but also encrypts the preset symmetric key that encrypted the device data. To decrypt the encrypted device data, the key data must first be decrypted, which further strengthens the security of the device data.
Optionally, in some embodiments of the present invention, based on Fig. 6 and as shown in Fig. 7, the device can further include:
A generation unit 604, configured to generate the preset symmetric key using the preset symmetric algorithm.
Optionally, in some embodiments of the present invention, based on Fig. 7 and as shown in Fig. 8, the device can further include:
A detection unit 605, configured to detect whether the preset asymmetric public key exists;
A trigger unit 606, configured to trigger the generation unit to generate the preset symmetric key using the preset symmetric algorithm when the preset asymmetric public key exists.
Optionally, in some embodiments of the present invention, based on Fig. 8 and as shown in Fig. 9, the device can further include:
A receiving unit 607, configured to receive the preset asymmetric public key sent by the service support platform, the preset asymmetric public key being generated by the service support platform using the preset asymmetric algorithm;
A storage unit 608, configured to store the preset asymmetric public key.
Optionally, in some embodiments of the present invention, the transmission unit 603 can further be specifically configured to:
Transmit the encrypted device data and the key data to the IoT cloud platform, so that the IoT cloud platform transmits the encrypted device data and the key data to the IoT application service system.
Optionally, in some embodiments of the present invention, the transmission unit 603 can further be specifically configured to:
Transmit the encrypted device data and the key data to the IoT cloud platform separately, each in a preset message format.
Optionally, in some embodiments of the present invention, the generation unit 604 can further be specifically configured to:
Detect whether the connection with the IoT cloud platform is successful;
If so, generate the preset symmetric key using the preset symmetric algorithm.
Referring to Fig. 10, one embodiment of the data decryption device in the embodiments of the present invention includes:
A first acquisition unit 1001, configured to obtain the encrypted device data of the corresponding industrial equipment transmitted from the IoT gateway and the key data for decrypting the encrypted device data, the encrypted device data being symmetrically encrypted data and the key data being asymmetrically encrypted data;
A first decryption unit 1002, configured to asymmetrically decrypt the key data using the preset asymmetric private key to obtain the preset symmetric key;
A second decryption unit 1003, configured to symmetrically decrypt the encrypted device data using the preset symmetric key to obtain the device data.
Optionally, in some embodiments of the present invention, the first acquisition unit 1001 can further be specifically configured to:
Obtain, from the IoT cloud platform, the encrypted device data of the corresponding industrial equipment and the key data for decrypting the encrypted device data, the encrypted device data and the key data having been reported to the IoT cloud platform by the IoT gateway.
Optionally, in some embodiments of the present invention, the first acquisition unit 1001 can further be specifically configured to:
Have the IoT application service system obtain, from the IoT cloud platform at a preset time period, the encrypted device data of the corresponding industrial equipment and the key data for decrypting the encrypted device data.
Optionally, in some embodiments of the present invention, based on Fig. 10 and as shown in Fig. 11, the device can further include:
A second acquisition unit 1004, configured to obtain the preset asymmetric private key from the authentication center of the IoT cloud platform, the preset asymmetric private key being generated by the service support platform using the preset asymmetric algorithm and transmitted to the authentication center.
Optionally, in some embodiments of the present invention, based on Fig. 11 and as shown in Fig. 12, the device can further include:
A storage unit 1005, configured to store the device data in a queue in chronological order.
The data encryption and data decryption apparatuses in the embodiments of the present invention are described above from the perspective of modular functional entities; the computer device in the embodiments of the present invention is described below from the perspective of hardware processing:
Based on the data encryption apparatus, one embodiment of the computer device in the embodiments of the present invention includes:
A processor and a memory;
The memory is used to store a computer program; when the processor executes the computer program stored in the memory, the following steps can be realized:
Obtain the device data of the corresponding industrial equipment;
Perform symmetric encryption on the device data using the default symmetric key to obtain encrypted device data, and perform asymmetric encryption on the default symmetric key using the default asymmetric public key to obtain key data;
Transmit the encrypted device data and the key data to the Internet of Things application service system.
In some embodiments of the invention, when the processor executes the computer program stored in the memory, the following steps can also be realized:
Generate the default symmetric key using the default symmetric algorithm.
In some embodiments of the invention, when the processor executes the computer program stored in the memory, the following steps can also be realized:
Detect whether the default asymmetric public key exists;
If so, trigger the step of generating the default symmetric key using the default symmetric algorithm.
In some embodiments of the invention, when the processor executes the computer program stored in the memory, the following steps can also be realized:
Detect whether reconnection with the Internet of Things application service system has succeeded;
If so, generate the default symmetric key using the default symmetric algorithm, and use the default symmetric key as the device data encryption key between the Internet of Things gateway and the Internet of Things cloud platform during the current communication.
In some embodiments of the invention, when the processor executes the computer program stored in the memory, the following steps can also be realized:
Receive the default asymmetric public key sent by the service support platform, where the default asymmetric public key is generated by the service support platform using the default asymmetric algorithm;
Store the default asymmetric public key.
In some embodiments of the invention, when the processor executes the computer program stored in the memory, the following steps can also be realized:
Report the encrypted device data and the key data to the Internet of Things cloud platform, so that the Internet of Things cloud platform transmits the encrypted device data and the key data to the Internet of Things application service system.
In some embodiments of the invention, when the processor executes the computer program stored in the memory, the following steps can also be realized:
Transmit the encrypted device data and the key data to the Internet of Things application service system, each in a default message format.
Based on the data decryption apparatus, one embodiment of the computer device in the embodiments of the present invention includes:
A processor and a memory;
The memory is used to store a computer program; when the processor executes the computer program stored in the memory, the following steps can be realized:
Obtain the encrypted device data of the corresponding industrial equipment transmitted from the Internet of Things gateway and the key data for decrypting the encrypted device data, where the encrypted device data is asymmetric cryptography data and the key data is asymmetric cryptography data;
Perform asymmetric decryption on the key data using the default asymmetric private key to obtain the default symmetric key;
Perform symmetric decryption on the encrypted device data using the default symmetric key to obtain the device data.
In some embodiments of the invention, when the processor executes the computer program stored in the memory, the following steps can also be realized:
Obtain, from the Internet of Things cloud platform, the encrypted device data of the corresponding industrial equipment and the key data for decrypting the encrypted device data, where the encrypted device data and the key data are reported to the Internet of Things cloud platform by the Internet of Things gateway.
In some embodiments of the invention, when the processor executes the computer program stored in the memory, the following steps can also be realized:
Obtain, according to a preset time period, the encrypted device data of the corresponding industrial equipment and the key data for decrypting the encrypted device data from the Internet of Things cloud platform.
In some embodiments of the invention, when the processor executes the computer program stored in the memory, the following steps can also be realized:
Obtain the default asymmetric private key from the authentication center of the Internet of Things cloud platform, where the default asymmetric private key is generated by the service support platform using the default asymmetric algorithm and transmitted to the authentication center.
In some embodiments of the invention, when the processor executes the computer program stored in the memory, the following steps can also be realized:
Store the device data in a queue in chronological order.
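The gateway-side encryption steps and the application-side decryption steps listed above, as an added Go example that is not code from the patent or its applicant. The patent names no algorithms, so AES-256-GCM, RSA-2048 and RSA-OAEP with SHA-256 are assumptions, as are all type and function names; the device reading is constructed.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// ErrNoPublicKey: the gateway has not stored the platform's public key yet.
var ErrNoPublicKey = errors.New("gateway: no asymmetric public key stored")

// NewPlatformKeyPair stands in for the service support platform (assumed RSA-2048).
func NewPlatformKeyPair() (*rsa.PrivateKey, error) {
	return rsa.GenerateKey(rand.Reader, 2048)
}

// Gateway is a hypothetical model of the Internet of Things gateway.
type Gateway struct {
	pub        *rsa.PublicKey // stored public key received from the platform
	sessionKey []byte         // symmetric key for the current communication
	keyData    []byte         // sessionKey encrypted under pub
}

// NewSession runs after each (re)connection: check the public key, make and wrap a fresh key.
func (g *Gateway) NewSession() error {
	if g.pub == nil {
		return ErrNoPublicKey
	}
	key := make([]byte, 32) // AES-256 key (assumed algorithm)
	if _, err := rand.Read(key); err != nil {
		return err
	}
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, g.pub, key, nil)
	if err != nil {
		return err
	}
	g.sessionKey, g.keyData = key, wrapped
	return nil
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key) // rejects a missing or wrong-length key
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Encrypt returns the encrypted device data (nonce || ciphertext || tag) and the key data.
func (g *Gateway) Encrypt(deviceData []byte) ([]byte, []byte, error) {
	aead, err := newGCM(g.sessionKey)
	if err != nil {
		return nil, nil, err
	}
	nonce := make([]byte, aead.NonceSize()) // fresh random nonce per message
	if _, err := rand.Read(nonce); err != nil {
		return nil, nil, err
	}
	return aead.Seal(nonce, nonce, deviceData, nil), g.keyData, nil
}

// Decrypt is the application service side: unwrap the key data, then open the device data.
func Decrypt(priv *rsa.PrivateKey, encData, keyData []byte) ([]byte, error) {
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, keyData, nil)
	if err != nil {
		return nil, fmt.Errorf("unwrap symmetric key: %w", err)
	}
	aead, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	if len(encData) < aead.NonceSize() {
		return nil, errors.New("encrypted device data shorter than nonce")
	}
	nonce, ct := encData[:aead.NonceSize()], encData[aead.NonceSize():]
	return aead.Open(nil, nonce, ct, nil) // errors if data or tag was altered
}

func main() {
	priv, err := NewPlatformKeyPair()
	if err != nil {
		panic(err)
	}
	gw := &Gateway{pub: &priv.PublicKey}
	if err = gw.NewSession(); err != nil {
		panic(err)
	}
	// Constructed sample reading, not data from the patent.
	enc, kd, err := gw.Encrypt([]byte(`{"device":"pump-01","temp_c":71.5}`))
	if err != nil {
		panic(err)
	}
	pt, err := Decrypt(priv, enc, kd)
	fmt.Printf("%s %v\n", pt, err)
}
```

Using an authenticated mode for the symmetric step means a modified ciphertext is rejected at decryption instead of yielding altered device data; the patent text itself does not address integrity.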
It can be understood that when the processor in the computer device described above executes the computer program, the functions of each unit in the corresponding apparatus embodiments above can also be realized, and details are not repeated here. For example, the computer program may be divided into one or more modules/units, which are stored in the memory and executed by the processor to carry out the present invention. The one or more modules/units may be a series of computer program instruction segments capable of performing specific functions, the instruction segments being used to describe the execution process of the computer program in the data encryption apparatus or the data decryption apparatus. For example, the computer program may be divided into the units of the data encryption apparatus above, each of which can realize the specific functions described for the corresponding data encryption apparatus.
The computer device may be a computing device such as a desktop computer, a notebook, a palmtop computer, or a cloud server. The computer device may include, but is not limited to, a processor and a memory. Those skilled in the art will understand that the processor and memory are only examples of the computer device and do not limit it; the computer device may include more or fewer components, combine some components, or use different components. For example, the computer device may also include input/output devices, network access devices, buses, and so on.
The processor may be a central processing unit (Central Processing Unit, CPU), or another general-purpose processor, a digital signal processor (Digital Signal Processor, DSP), an application-specific integrated circuit (Application Specific Integrated Circuit, ASIC), a field-programmable gate array (Field-Programmable Gate Array, FPGA) or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, and so on. The general-purpose processor may be a microprocessor, or the processor may be any conventional processor. The processor is the control center of the computer device and connects the various parts of the whole computer device using various interfaces and lines.
The memory may be used to store the computer program and/or modules; the processor realizes the various functions of the computer device by running or executing the computer program and/or modules stored in the memory and by calling the data stored in the memory. The memory may mainly include a program storage area and a data storage area, where the program storage area may store the operating system, the application program required by at least one function, and so on; the data storage area may store data created through use of the terminal, and so on. In addition, the memory may include high-speed random access memory, and may also include non-volatile memory, such as a hard disk, memory, a plug-in hard disk, a smart memory card (Smart Media Card, SMC), a secure digital (Secure Digital, SD) card, a flash card (Flash Card), at least one magnetic disk storage device, a flash memory device, or another volatile solid-state memory device.
Based on the data encryption method, the present invention also provides a computer-readable storage medium on which a computer program is stored; when the computer program is executed by a processor, the following steps can be realized:
Obtain the device data of the corresponding industrial equipment;
Perform symmetric encryption on the device data using the default symmetric key to obtain encrypted device data, and perform asymmetric encryption on the default symmetric key using the default asymmetric public key to obtain key data;
Transmit the encrypted device data and the key data to the Internet of Things application service system.
In some embodiments of the invention, when the computer program stored on the computer-readable storage medium is executed by a processor, the following steps can also be realized:
Generate the default symmetric key using the default symmetric algorithm.
In some embodiments of the invention, when the computer program stored on the computer-readable storage medium is executed by a processor, the following steps can also be realized:
Detect whether the default asymmetric public key exists;
If so, trigger the step of generating the default symmetric key using the default symmetric algorithm.
In some embodiments of the invention, when the computer program stored on the computer-readable storage medium is executed by a processor, the following steps can also be realized:
Detect whether reconnection with the Internet of Things application service system has succeeded;
If so, generate the default symmetric key using the default symmetric algorithm, and use the default symmetric key as the device data encryption key between the Internet of Things gateway and the Internet of Things cloud platform during the current communication.
In some embodiments of the invention, when the computer program stored on the computer-readable storage medium is executed by a processor, the following steps can also be realized:
Receive the default asymmetric public key sent by the service support platform, where the default asymmetric public key is generated by the service support platform using the default asymmetric algorithm;
Store the default asymmetric public key.
In some embodiments of the invention, when the computer program stored on the computer-readable storage medium is executed by a processor, the following steps can also be realized:
Report the encrypted device data and the key data to the Internet of Things cloud platform, so that the Internet of Things cloud platform transmits the encrypted device data and the key data to the Internet of Things application service system.
In some embodiments of the invention, when the computer program stored on the computer-readable storage medium is executed by a processor, the following steps can also be realized:
Transmit the encrypted device data and the key data to the Internet of Things application service system, each in a default message format.
Based on the data decryption method, the present invention also provides a computer-readable storage medium on which a computer program is stored; when the computer program is executed by a processor, the following steps can be realized:
Obtain the encrypted device data of the corresponding industrial equipment transmitted from the Internet of Things gateway and the key data for decrypting the encrypted device data, where the encrypted device data is asymmetric cryptography data and the key data is asymmetric cryptography data;
Perform asymmetric decryption on the key data using the default asymmetric private key to obtain the default symmetric key;
Perform symmetric decryption on the encrypted device data using the default symmetric key to obtain the device data.
In some embodiments of the invention, when the computer program stored on the computer-readable storage medium is executed by a processor, the following steps can also be realized:
Obtain, from the Internet of Things cloud platform, the encrypted device data of the corresponding industrial equipment and the key data for decrypting the encrypted device data, where the encrypted device data and the key data are reported to the Internet of Things cloud platform by the Internet of Things gateway.
In some embodiments of the invention, when the computer program stored on the computer-readable storage medium is executed by a processor, the following steps can also be realized:
Obtain, according to a preset time period, the encrypted device data of the corresponding industrial equipment and the key data for decrypting the encrypted device data from the Internet of Things cloud platform.
In some embodiments of the invention, when the computer program stored on the computer-readable storage medium is executed by a processor, the following steps can also be realized:
Obtain the default asymmetric private key from the authentication center of the Internet of Things cloud platform, where the default asymmetric private key is generated by the service support platform using the default asymmetric algorithm and transmitted to the authentication center.
In some embodiments of the invention, when the computer program stored on the computer-readable storage medium is executed by a processor, the following steps can also be realized:
Store the device data in a queue in chronological order.
It can be understood that if the integrated unit is implemented in the form of a software functional unit and sold or used as an independent product, it may be stored in a corresponding computer-readable storage medium. Based on this understanding, all or part of the flow of the corresponding method embodiments above may also be completed by a computer program instructing the relevant hardware; the computer program may be stored in a computer-readable storage medium and, when executed by a processor, can realize the steps of each method embodiment above. The computer program includes computer program code, which may be in source code form, object code form, an executable file, some intermediate form, and so on. The computer-readable medium may include: any entity or device capable of carrying the computer program code, a recording medium, a USB flash drive, a removable hard disk, a magnetic disk, an optical disc, a computer memory, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), an electrical carrier signal, a telecommunication signal, a software distribution medium, and so on. It should be noted that the content included in the computer-readable medium may be increased or decreased as appropriate according to the requirements of legislation and patent practice in a jurisdiction; for example, in some jurisdictions, according to legislation and patent practice, the computer-readable medium does not include electrical carrier signals and telecommunication signals.
It is apparent to those skilled in the art that, for convenience and brevity of description, the specific working processes of the systems, apparatuses and units described above may refer to the corresponding processes in the foregoing method embodiments, and details are not repeated here.
In the several embodiments provided in this application, it should be understood that the disclosed systems, apparatuses and methods may be implemented in other ways. For example, the apparatus embodiments described above are only schematic; the division into units is only a division by logical function, and other divisions are possible in actual implementation: multiple units or components may be combined or integrated into another system, or some features may be ignored or not performed. In addition, the mutual coupling, direct coupling or communication connection shown or discussed may be indirect coupling or communication connection through some interfaces, apparatuses or units, and may be electrical, mechanical or of other forms.
The units described as separate components may or may not be physically separate, and the components shown as units may or may not be physical units; that is, they may be located in one place or distributed over multiple network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, the functional units in each embodiment of the present invention may be integrated in one processing unit, each unit may exist physically on its own, or two or more units may be integrated in one unit.
The above embodiments are merely intended to illustrate the technical solutions of the present invention, not to limit them. Although the present invention has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art will understand that the technical solutions described in the foregoing embodiments may still be modified, or some of their technical features may be replaced by equivalents; and these modifications or replacements do not cause the essence of the corresponding technical solutions to depart from the spirit and scope of the technical solutions of the embodiments of the present invention.

Claims (18)

  1. A data encryption method, applied to an Internet of Things gateway, characterized by comprising:
    Obtaining the device data of the corresponding industrial equipment;
    Performing symmetric encryption on the device data using a default symmetric key to obtain encrypted device data, and performing asymmetric encryption on the default symmetric key using a default asymmetric public key to obtain key data;
    Transmitting the encrypted device data and the key data to an Internet of Things application service system.
  2. The method according to claim 1, characterized in that, before said performing symmetric encryption on the device data using the default symmetric key to obtain encrypted device data, the method further comprises:
    Generating the default symmetric key using a default symmetric algorithm.
  3. The method according to claim 2, characterized in that, before said generating the default symmetric key using the default symmetric algorithm, the method further comprises:
    Detecting whether the default asymmetric public key exists;
    If so, triggering the step of generating the default symmetric key using the default symmetric algorithm.
  4. The method according to any one of claims 1 to 3, characterized in that, before said performing asymmetric encryption on the default symmetric key using the default asymmetric private key to obtain key data, the method further comprises:
    Receiving the default asymmetric public key sent by a service support platform, the default asymmetric public key being generated by the service support platform using a default asymmetric algorithm;
    Storing the default asymmetric public key.
  5. The method according to claim 4, characterized in that said transmitting the encrypted device data and the key data to the Internet of Things application service system comprises:
    Transmitting the encrypted device data and the key data to an Internet of Things cloud platform, so that the Internet of Things cloud platform transmits the encrypted device data and the key data to the Internet of Things application service system.
  6. The method according to claim 5, characterized in that said transmitting the encrypted device data and the key data to the Internet of Things cloud platform comprises:
    Transmitting the encrypted device data and the key data to the Internet of Things cloud platform, each in a default message format.
  7. The method according to claim 6, characterized in that said generating the default symmetric key using the default symmetric algorithm comprises:
    Detecting whether reconnection with the Internet of Things cloud platform has succeeded;
    If so, generating the default symmetric key using the default symmetric algorithm, and using the default symmetric key as the device data encryption key between the Internet of Things gateway and the Internet of Things cloud platform during the current communication.
  8. A data decryption method, applied to an Internet of Things application service system, characterized by comprising:
    Obtaining the encrypted device data of the corresponding industrial equipment transmitted from an Internet of Things gateway and the key data for decrypting the encrypted device data, the encrypted device data being asymmetric cryptography data and the key data being asymmetric cryptography data;
    Performing asymmetric decryption on the key data using a default asymmetric private key to obtain a default symmetric key;
    Performing symmetric decryption on the encrypted device data using the default symmetric key to obtain device data.
  9. The method according to claim 8, characterized in that said obtaining the encrypted device data of the corresponding industrial equipment transmitted from the Internet of Things gateway and the key data for decrypting the encrypted device data comprises:
    Obtaining, from an Internet of Things cloud platform, the encrypted device data of the corresponding industrial equipment and the key data for decrypting the encrypted device data, the encrypted device data and the key data being reported to the Internet of Things cloud platform by the Internet of Things gateway.
  10. The method according to claim 9, characterized in that said obtaining the encrypted device data of the corresponding industrial equipment transmitted from the Internet of Things gateway and the key data for decrypting the encrypted device data comprises:
    Obtaining, according to a preset time period, the encrypted device data of the corresponding industrial equipment and the key data for decrypting the encrypted device data from the Internet of Things cloud platform.
  11. The method according to any one of claims 8 to 10, characterized in that, before said performing asymmetric decryption on the key data using the default asymmetric public key to obtain the default symmetric key, the method further comprises:
    Obtaining the default asymmetric private key from the authentication center of the Internet of Things cloud platform, the default asymmetric private key being generated by a service support platform using a default asymmetric algorithm and transmitted to the authentication center.
  12. The method according to claim 11, characterized in that the method further comprises:
    Storing the device data in a queue in chronological order.
  13. A data encryption apparatus, applied to an Internet of Things gateway, characterized by comprising:
    An acquiring unit, configured to obtain the device data of the corresponding industrial equipment;
    An encryption unit, configured to perform symmetric encryption on the device data using a default symmetric key to obtain encrypted device data, and to perform asymmetric encryption on the default symmetric key using a default asymmetric public key to obtain key data;
    A transmission unit, configured to transmit the encrypted device data and the key data to an Internet of Things application service system.
  14. A data decryption apparatus, applied to an Internet of Things application service system, characterized by comprising:
    A first acquisition unit, configured to obtain the encrypted device data of the corresponding industrial equipment transmitted from an Internet of Things gateway and the key data for decrypting the encrypted device data, the encrypted device data being asymmetric cryptography data and the key data being asymmetric cryptography data;
    A first decryption unit, configured to perform asymmetric decryption on the key data using a default asymmetric private key to obtain a default symmetric key;
    A second decryption unit, configured to perform symmetric decryption on the encrypted device data using the default symmetric key to obtain device data.
  15. A computer device, characterized in that the computer device includes a processor, and the processor, when executing a computer program stored in a memory, realizes the steps of the data encryption method according to any one of claims 1 to 7.
  16. A computer-readable storage medium on which a computer program is stored, characterized in that the computer program, when executed by a processor, realizes the steps of the data encryption method according to any one of claims 1 to 7.
  17. A computer device, characterized in that the computer device includes a processor, and the processor, when executing a computer program stored in a memory, realizes the steps of the data decryption method according to any one of claims 8 to 12.
  18. A computer-readable storage medium on which a computer program is stored, characterized in that the computer program, when executed by a processor, realizes the steps of the data decryption method according to any one of claims 8 to 12.
CN201711173848.4A 2017-11-22 2017-11-22 A kind of data ciphering method and device, data decryption method and device Pending CN107911370A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711173848.4A CN107911370A (en) 2017-11-22 2017-11-22 A kind of data ciphering method and device, data decryption method and device

Publications (1)

Publication Number Publication Date
CN107911370A true CN107911370A (en) 2018-04-13

Family

ID=61847238

Country Status (1)

Country Link
CN (1) CN107911370A (en)

CN104065485A (en) Power grid dispatching mobile platform safety guaranteeing and controlling method
CN105610837A (en) Method and system for identity authentication between master station and slave station in SCADA (Supervisory Control and Data Acquisition) system
CN104283675A (en) Concentrator, electricity meter and message processing method of concentrator and electricity meter
EP3713147B1 (en) Railway signal security encryption method and system
CN202759475U (en) Data transmission device, data reception device, data transmission system and server
CN103888439B (en) Secure Active Network
CN109802948A (en) Data processing equipment and transaction system
CN109615742B (en) LoRaWAN-based wireless access control method and device
CN101452536B (en) Encrypting method for applying to container data communication
CN107172078B (en) Security management and control method and system of core framework platform based on application service
CN101646172B (en) Method and device for generating key in distributed MESH network
CN107995086A (en) A kind of method of business datum encrypted transmission in intelligence manufacture Internet of Things based on VPDN and IPSEC
CN107172462A (en) A kind of video-encryption and identity identifying method and security module
CN107426178A (en) A kind of data managing method and system of virtual key

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20180413
