CN107968736B - Intelligent home system, information encryption method and device and terminal - Google Patents
Intelligent home system, information encryption method and device and terminal Download PDFInfo
- Publication number
- CN107968736B CN107968736B CN201711260484.3A CN201711260484A CN107968736B CN 107968736 B CN107968736 B CN 107968736B CN 201711260484 A CN201711260484 A CN 201711260484A CN 107968736 B CN107968736 B CN 107968736B
- Authority
- CN
- China
- Prior art keywords
- timestamp
- control information
- gateway
- information
- terminal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/2803—Home automation networks
- H04L12/2816—Controlling appliance services of a home automation network by calling their functionalities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/2803—Home automation networks
- H04L12/2807—Exchanging configuration information on appliance services in a home automation network
- H04L12/2814—Exchanging control software or macros for controlling appliance services in a home automation network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
Landscapes
- Engineering & Computer Science (AREA)
- Automation & Control Theory (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Telephonic Communication Services (AREA)
- Selective Calling Equipment (AREA)
Abstract
The invention discloses an intelligent home system, an information encryption method, an information encryption device and a terminal, and belongs to the technical field of computer application. This intelligent home systems includes: the terminal is communicated with the gateway through a local area network, when the terminal generates control information according to control operation, a timestamp sent by the gateway is added to the control information, and the control information added with the timestamp is encrypted and then sent to the gateway; the gateway receives the encrypted information sent by the terminal, decrypts the encrypted information to obtain the control information, then obtains the timestamp in the control information, and sends the control information to the related household equipment when the time interval between the timestamp when the encrypted information is received and the timestamp in the control information is smaller than a preset time threshold. In addition, an information encryption method, an information encryption device and a terminal are also provided. The intelligent home system, the information encryption method, the information encryption device and the terminal can ensure the communication safety in the local area network and improve the safety of home equipment control through the local area network.
Description
Technical Field
The invention relates to the technical field of computer application, in particular to an intelligent home system, an information encryption method, an information encryption device and a terminal.
Background
With the high-speed development of the intelligent home technology, more and more home devices are intelligentized. The terminals such as the mobile phone and the tablet personal computer are used as control terminals of the intelligent home, are in communication connection with the gateway, and form an intelligent home system together with the home equipment, so that intelligent control over the home equipment is achieved.
In the intelligent home system, in order to avoid the control of home equipment from being carried out by tools and ensure the safety of communication, control information needs to be encrypted. At present, when the smart home system controls the home devices, the terminal a encrypts the control information according to the preset secret key and then sends the encrypted control information to the gateway B, and then the gateway B decrypts the encrypted information through the preset secret key after acquiring the encrypted information to acquire the control information.
However, when the other terminal intercepts the encrypted information sent by the terminal a to the gateway B, after the gateway B obtains the encrypted information, although it cannot obtain the real content in the encrypted information, it may pretend that the terminal a sends the encrypted information to the gateway B at other time, so that the terminal B executes the real content in the encrypted information at wrong time, and thus the communication security in the smart home system cannot be ensured.
Disclosure of Invention
The invention provides an intelligent home system, an information encryption method, an information encryption device and a terminal, and aims to solve the technical problem of poor communication safety in the intelligent home system in the related art.
In a first aspect, an intelligent home system is provided, the intelligent home system comprising: terminal, gateway and house equipment, wherein:
the terminal adds a timestamp sent by the gateway to the control information when generating the control information according to the triggered control operation, encrypts the control information added with the timestamp and sends the control information to the gateway;
the gateway acquires the timestamp in the control information after receiving and decrypting the encrypted information sent by the terminal to obtain the control information, and sends the control information to related household equipment when the time interval between the timestamp when receiving the encrypted information and the timestamp in the control information is smaller than a preset time threshold value, so that the household equipment works according to the control information.
In a second aspect, there is provided an information encryption apparatus comprising:
the timestamp acquisition module is used for acquiring a timestamp sent by the gateway when the terminal generates control information according to the triggered control operation;
the encryption module is used for adding a timestamp into the control information and encrypting the control information added with the timestamp according to a preset secret key to obtain encrypted information;
and the encrypted information sending module is used for sending the encrypted information to the gateway.
In a third aspect, an information encryption apparatus is provided, including:
the encrypted information receiving module is used for receiving the encrypted information sent by the terminal by the gateway;
the decryption module is used for decrypting the encrypted information according to a preset secret key to obtain control information;
the time interval judging module is used for acquiring the timestamp in the control information and judging whether the time interval between the timestamp when the encrypted information is received and the timestamp in the control information is smaller than a preset time threshold value or not;
and the control module is used for controlling the related household equipment according to the control information when the time interval between the time stamp when the encrypted information is received and the time stamp in the control information is smaller than a preset time threshold value.
In a fourth aspect, an information encryption method is provided, including:
the terminal acquires a timestamp sent by the gateway when generating control information according to the triggered control operation;
adding a timestamp into the control information, and encrypting the control information added with the timestamp according to a preset secret key to obtain encrypted information;
and sending the encryption information to the gateway.
In a fifth aspect, an information encryption method is provided, including:
the gateway receives the encrypted information sent by the terminal;
decrypting the encrypted information according to a preset secret key to obtain control information;
acquiring a timestamp in the control information, judging whether a time interval between the timestamp when the encrypted information is received and the timestamp in the control information is smaller than a preset time threshold value, and if so, judging whether the time interval between the timestamp when the encrypted information is received and the timestamp in the control information is smaller than the preset time threshold value
And sending the control information to related household equipment so that the household equipment works according to the control information.
In a sixth aspect, a terminal is provided, including:
a processor; and
a memory communicatively coupled to the processor; wherein the content of the first and second substances,
the memory stores readable instructions which, when executed by the processor, implement the method of the fourth aspect.
In a seventh aspect, a gateway is provided, including:
a processor; and
a memory communicatively coupled to the processor; wherein the content of the first and second substances,
the memory stores readable instructions which, when executed by the processor, implement the method of the fifth aspect.
In an eighth aspect, there is provided a computer readable storage medium having stored thereon a computer program which, when executed, implements a method as in the fourth or fifth aspect.
The technical scheme provided by the embodiment of the invention can obtain the following beneficial effects:
when the intelligent home system controls the home devices, the terminal generates control information according to triggered control operation, a timestamp sent by the gateway is added into the control information, the control information added with the timestamp is encrypted and then sent to the gateway, the gateway receives the encrypted information sent by the terminal and decrypts the encrypted information to obtain the control information, then the timestamp in the control information is obtained, when the time interval between the timestamp when the encrypted information is received and the timestamp in the control information is smaller than a preset time threshold value, the control information is sent to the related home devices, so that the home devices work according to the control information, the authenticity of the information is judged according to the timestamp, the situation that when the gateway receives the encrypted information containing other timestamps sent by other terminals through spoofing is avoided, the related devices are controlled mistakenly, and the communication safety in the intelligent home system is ensured, the safety of controlling the related household equipment is greatly improved.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the invention, as claimed.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the invention and together with the description, serve to explain the principles of the invention.
FIG. 1 is a schematic diagram of an implementation environment in accordance with the present disclosure.
Fig. 2 is a block diagram illustrating a terminal 100 according to an example embodiment.
Fig. 3 is a block diagram illustrating a smart home system according to an exemplary embodiment.
Fig. 4 is a block diagram of another smart home system according to the embodiment shown in fig. 3.
Fig. 5 is a flow chart illustrating a method of encrypting information according to an example embodiment.
Fig. 6 is a flowchart illustrating a specific implementation of step S110 in the information encryption method according to the corresponding embodiment in fig. 5.
Fig. 7 is a flowchart illustrating another specific implementation of step S110 in the information encryption method according to the corresponding embodiment in fig. 5.
Fig. 8 is a flow chart illustrating another method of encrypting information according to an example embodiment.
Fig. 9 is a schematic diagram illustrating a method for controlling home devices in an intelligent home system according to an exemplary embodiment.
Fig. 10 is a block diagram illustrating an information encryption apparatus according to an example embodiment.
Fig. 11 is a block diagram of the broadcast acquiring module 110 in the information encrypting apparatus according to the corresponding exemplary embodiment shown in fig. 10.
Fig. 12 is another block diagram of the broadcast acquiring module 110 in the information encrypting apparatus according to the corresponding exemplary embodiment shown in fig. 10.
Fig. 13 is a block diagram illustrating another information encryption apparatus according to an example embodiment.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with the present invention. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the invention, as set forth in the claims below.
FIG. 1 is a schematic diagram of an implementation environment in accordance with the present disclosure. The implementation environment includes: a terminal, a gateway 200, and a router 300 for data transmission between the terminal 100 and the gateway 200.
After the terminal 100 sends the encrypted information to the gateway 200 through the router 300, the gateway 200 decrypts the encrypted information in a preset decryption manner to obtain the control information, calculates a time interval between a timestamp when the encrypted information is received and a timestamp in the control information, and controls the relevant device according to the control information when the time interval is smaller than a preset time threshold.
The terminal 100 may be a computer device such as a mobile phone and a computer, and the specific implementation manner is not limited by this embodiment.
Fig. 2 is a block diagram illustrating a terminal 100 according to an example embodiment.
Referring to fig. 2, the terminal 100 may include one or more of the following components: a processing component 101, a memory 102, a power component 103, a multimedia component 104, an audio component 105, a sensor component 107 and a communication component 108. The above components are not all necessary, and the terminal 100 may add other components or reduce some components according to its own functional requirements, which is not limited in this embodiment.
The processing component 101 generally controls overall operations of the terminal 100, such as operations associated with display, telephone calls, data communications, camera operations, and recording operations. The processing components 101 may include one or more processors 109 to execute instructions to perform all or a portion of the above-described operations. Further, the processing component 101 may include one or more modules that facilitate interaction between the processing component 101 and other components. For example, the processing component 101 may include a multimedia module to facilitate interaction between the multimedia component 104 and the processing component 101.
The memory 102 is configured to store various types of data to support operations at the terminal 100. Examples of such data include instructions for any application or method operating on terminal 100. The Memory 102 may be implemented by any type of volatile or non-volatile Memory device or combination thereof, such as an SRAM (Static Random Access Memory), an EEPROM (Electrically Erasable Programmable Read-Only Memory), an EPROM (Erasable Programmable Read-Only Memory), a PROM (Programmable Read-Only Memory), a ROM (Read-Only Memory), a magnetic Memory, a flash Memory, a magnetic disk, or an optical disk. Also stored in memory 102 are one or more modules configured to be executed by the one or more processors 109 to perform all or a portion of the steps of any of the methods shown in fig. 2, 3, 4, 5, and 6.
The power supply component 103 provides power to the various components of the terminal 100. The power components 103 may include a power management system, one or more power sources, and other components associated with generating, managing, and distributing power for the terminal 100.
The multimedia component 104 includes a screen providing an output interface between the terminal 100 and the user. In some embodiments, the screen may include an LCD (Liquid Crystal Display) and a TP (Touch Panel). If the screen includes a touch panel, the screen may be implemented as a touch screen to receive an input signal from a user. The touch panel includes one or more touch sensors to sense touch, slide, and gestures on the touch panel. The touch sensor may not only sense the boundary of a touch or slide action, but also detect the duration and pressure associated with the touch or slide operation.
The audio component 105 is configured to output and/or input audio signals. For example, the audio component 105 includes a microphone configured to receive external audio signals when the terminal 100 is in an operational mode, such as a call mode, a recording mode, and a voice recognition mode. The received audio signals may further be stored in the memory 102 or transmitted via the communication component 108. In some embodiments, audio component 105 also includes a speaker for outputting audio signals.
The sensor assembly 107 includes one or more sensors for providing various aspects of state assessment for the terminal 100. For example, the sensor assembly 107 can detect an open/close state of the terminal 100, a relative positioning of the components, a change in coordinates of the terminal 100 or a component of the terminal 100, and a change in temperature of the terminal 100. In some embodiments, the sensor assembly 107 may also include a magnetic sensor, a pressure sensor, or a temperature sensor.
The communication component 108 is configured to facilitate communications between the terminal 100 and other devices in a wired or wireless manner. The terminal 100 may access a WIreless network based on a communication standard, such as WiFi (WIreless-Fidelity), 2G or 3G, or a combination thereof. In an exemplary embodiment, the communication component 108 receives a broadcast signal or broadcast related information from an external broadcast management system via a broadcast channel. In an exemplary embodiment, the Communication component 108 further includes a Near Field Communication (NFC) module to facilitate short-range Communication. For example, the NFC module may be implemented based on an RFID (Radio Frequency Identification) technology, an IrDA (Infrared Data Association) technology, an UWB (Ultra-Wideband) technology, a BT (Bluetooth) technology, and other technologies.
In an exemplary embodiment, the terminal 100 may be implemented by one or more ASICs (Application Specific Integrated circuits), DSPs (Digital Signal processors), PLDs (Programmable Logic devices), FPGAs (Field-Programmable Gate arrays), controllers, microcontrollers, microprocessors or other electronic components for performing the above-described methods.
The specific manner in which the processor in the server in this embodiment performs operations will be described in detail in the embodiment related to the information encryption method, and will not be described in detail here.
Fig. 3 is a block diagram illustrating a structure of an intelligent home system according to an exemplary embodiment, and as shown in fig. 3, the intelligent home system includes: terminal 100, gateway 200 and house equipment 300, wherein:
when generating control information according to the triggered control operation, the terminal 100 adds a timestamp sent by the gateway to the control information, encrypts the control information added with the timestamp, and sends the encrypted control information to the gateway;
the gateway 200 obtains the timestamp in the control information after receiving the encrypted information that terminal 100 sent and decipher and obtain control information, when the time interval between the timestamp in timestamp and the control information when receiving encrypted information is less than predetermined time threshold, send control information for relevant household equipment 500, so that household equipment 500 works according to control information, thereby carry out the judgement of information true and false according to the timestamp, avoid the gateway to control relevant equipment when receiving other terminals through the encrypted information of sending other timestamps of imposition, thereby communication safety among the intelligent home systems has been guaranteed, the security of controlling relevant household equipment has been improved greatly.
The home device 300 may be a home appliance such as an intelligent refrigerator and an intelligent air conditioner, or an intelligent home device such as an intelligent wall switch, an air conditioner companion, and an intelligent camera, and the specific implementation manner is not limited by this embodiment.
The terminal 100 and the gateway 200 can be in communication connection through local area networks such as ZIGBEE and bluetooth, and can also be in communication connection through external networks such as WIFI and 2G/3G/4G/5G.
When the terminal 100 and the gateway 200 are in communication connection through the lan, even if the terminal 100 cannot be connected to the extranet, the control of the home devices in the smart home system can be realized, and the communication connection is not limited by the quality of the extranet network, thereby greatly improving the convenience of the smart home system.
Optionally, fig. 4 is a structural block diagram of another smart home system shown in the embodiment corresponding to fig. 3, as shown in fig. 4, the smart home system further includes a cloud server 400, when the cloud server 400 is in communication connection with the terminal 100 and the gateway 200, the cloud server 400 sends key information to the terminal 100 and the gateway 200, and the terminal 100 and the gateway 200 perform encryption or decryption of information according to keys in the received key information.
Fig. 5 is a flowchart illustrating an information encryption method according to an example embodiment, which may include the following steps, as shown in fig. 5.
In step S110, the terminal acquires a timestamp transmitted by the gateway when generating control information according to the triggered control operation.
The control information is information for controlling a device related to the local area network.
As shown in the implementation environment diagram of fig. 1, a user operates an APP running in a terminal to generate corresponding control information.
There are various ways to obtain the timestamp sent by the gateway, and the timestamp may be sent to the terminal at a fixed frequency by setting the gateway, or the timestamp returned by the gateway may be received when the terminal sends a request for obtaining the timestamp to the gateway, or the timestamp sent by the gateway may be obtained by other ways.
The timestamp is a time stamp made by the gateway on a timescale.
Alternatively, the timestamp may be a timestamp that is performed on the system time of the gateway, may be a timestamp that is performed on a timer, or may be a timestamp that is performed in another form.
In step S120, a timestamp is added to the control information, and the control information with the timestamp added is encrypted according to a preset key, so as to obtain encrypted information.
The key is a parameter set in advance for encrypting or decrypting the control information.
It should be noted that, the two keys respectively sent by the cloud server to the terminal and the gateway may be the same or corresponding, that is, after the terminal encrypts information according to the key received by the terminal, the gateway may successfully decrypt the information according to the key received by the gateway. That is, information encryption and information decryption can be performed by the same key; the information can be encrypted by one key, and the information can be decrypted by another key corresponding to the encrypted key, so that the gateway can be ensured to be successfully decrypted after receiving the encrypted information.
There are various ways of encrypting the control information, for example, RSA algorithm, AES algorithm, etc., and the specific way of encrypting the control information is not limited herein.
In step S130, the encryption information is transmitted to the gateway.
By utilizing the method, when the terminal generates the control information according to the triggered control operation, the timestamp sent by the gateway is obtained, the timestamp is added into the control information, the control information added with the timestamp is encrypted according to the preset secret key, the obtained encrypted information is sent to the gateway, and when the gateway decrypts the encrypted information to obtain the control information, the judgment of the authenticity of the information is carried out according to the timestamp, so that the communication safety in the intelligent home system is ensured, and the safety of controlling related home equipment is greatly improved.
Optionally, fig. 6 is a detailed description of step S110 in the information encryption method shown in the corresponding embodiment of fig. 5, and as shown in fig. 6, step S110 in the information encryption method may further include the following steps.
In step S111, the terminal receives the timestamp sent by the gateway at the preset time interval.
The time interval of the gateway sending time stamp is a preset time range value, the time interval cannot be set too large or too small, and the time interval can be finely adjusted in advance in an actual intelligent home system. In an exemplary embodiment, the time interval is preset to 5 seconds.
When receiving a timestamp sent by a gateway at a preset time interval, a terminal does not immediately acquire the timestamp, and only when generating control information according to a triggered control operation, the terminal acquires the received timestamp and adds the timestamp into the control information.
In step S112, the time stamp received at the time of generating the control information is acquired from the time stamp transmitted by the gateway.
By the method, the gateway sends the time stamp to the terminal according to the preset time interval, so that when the terminal generates the control information, the terminal directly searches the time stamp received last time in the time stamp sent by the gateway, the time stamp does not need to be specially inquired from the gateway, and the convenience of obtaining the time stamp is greatly improved.
Optionally, fig. 7 is another detailed description of step S110 in the information encryption method shown in the corresponding embodiment of fig. 5, and as shown in fig. 7, step S110 in the information encryption method may further include the following steps.
In step S114, the terminal transmits a timestamp acquisition request to the gateway when generating the control information.
As previously mentioned, a timestamp is a time stamp made on a timescale.
In order to ensure the accuracy of the timestamp, after receiving the information, the gateway can judge the authenticity of the information according to the timestamp, and the gateway should know the timestamp added by the terminal in the control information. Therefore, when the terminal is to transmit control information to the gateway, the gateway is requested to transmit a timestamp by transmitting a timestamp acquisition request to the gateway, thereby ensuring that the timestamp is a timestamp known by the gateway.
In the local area network, the terminal sends a timestamp acquisition request to the gateway through the router.
In step S115, a timestamp returned by the gateway in response to the request is received.
And the gateway immediately sends the timestamp to the terminal when receiving the timestamp acquisition request sent by the terminal.
By using the method, when the terminal generates the control information, the terminal sends the timestamp acquisition request to the gateway to request the gateway to send the timestamp, and the gateway does not need to frequently send the timestamp to the terminal through the router, thereby avoiding the waste of resources.
Fig. 8 is a flow chart illustrating another information encryption method according to an example embodiment, which may include the following steps, as shown in fig. 8.
In step S210, the gateway receives the encrypted information transmitted by the terminal.
The encryption information sent by the gateway receiving terminal is the encryption information sent by the terminal to the gateway through the local area network.
In step S220, the encrypted information is decrypted according to the preset key, so as to obtain the control information.
As mentioned above, the keys stored in the gateway and the terminal are the same or corresponding.
After a terminal encrypts and sends information to a gateway according to a key stored in the terminal, the gateway can successfully decrypt the information according to the key stored in the gateway after receiving the information.
For example, the key stored in the terminal is key X1, the key stored in the gateway is key X2, key X2 is the same as or corresponds to key X2, and when information Y1 is encrypted by key X1 to obtain encrypted information Y2, information Y1 can be successfully decrypted by key X2 to obtain encrypted information Y2.
In step S230, acquiring a timestamp in the control information, determining whether a time interval between the timestamp when the encrypted information is received and the timestamp in the control information is smaller than a preset time threshold, if yes, executing step S241; if not (N), go to step S242.
As mentioned previously, the terminal encrypts the time-stamped control information.
Therefore, the control information obtained by decrypting the encrypted information also includes the time stamp.
As previously mentioned, the time stamp is a time stamp in time metrics. Thus, the timestamps at different times are not the same, and the time information described by the timestamps changes as time elapses.
For example, the timestamp is a timestamp that is used to time-stamp the system time of the gateway, and when the terminal generates the control information according to the triggered control operation, the timestamp T1 sent by the gateway is acquired as the system time 12:00:00 of the gateway, and the timestamp T2 when the terminal receives the encrypted information is acquired as the system time 12:00:03 of the gateway when the terminal receives the encrypted information.
For another example, the timestamp is a time stamp of a timer in the gateway, and when the terminal generates the control information according to the triggered control operation, the timestamp T1 sent by the gateway is acquired to be the timer count of the gateway 30:00:10, and the timestamp T2 when the encryption information is received is the timer count of the gateway 30:00: 13.
The time threshold is a preset time range value, cannot be set too large or too small, and can be finely adjusted through data transmission in an actual local area network. In an exemplary embodiment, the time threshold is preset to 5 seconds.
If the time interval between the time stamp when the encrypted information is received and the time stamp in the control information is smaller than the preset time threshold, the control information is valid, and the attack is not performed by other terminals in the local area network through impersonation. Therefore, the relevant device is controlled according to the control information. Because the terminal encrypting the control information and the gateway receiving the encrypted information is almost instantaneous if the control information is valid, i.e. the time interval between the terminal encrypting the control information and the gateway receiving the encrypted information is usually small.
If the time interval between the time stamp when the encryption information is received and the time stamp in the control information is not less than the preset time threshold, it indicates that the time interval between the time when the terminal encrypts the control information and the time when the gateway receives the encryption information sent by the terminal is larger, and it is likely that other terminals in the local area network attack through impersonation, so the control information is discarded and corresponding operations are not executed according to the control information.
In step S241, the control information is sent to the relevant home devices, so that the home devices operate according to the control information.
In step S242, the control information is discarded.
By using the method, when the gateway decrypts the encrypted information and acquires the timestamp in the control information, the control information is sent to the relevant household equipment only when the time interval between the timestamp when the encrypted information is received and the timestamp in the control information is smaller than the preset time threshold value, the household equipment executes corresponding operation, other terminals are prevented from attacking the gateway through impersonation, thereby ensuring the communication safety in the intelligent household system, and greatly improving the safety of controlling the relevant household equipment.
Fig. 9 is a schematic diagram illustrating a method for controlling home devices in an intelligent home system according to an exemplary embodiment.
In step S310, the terminal and the gateway respectively receive key information sent by the cloud server through communication connection with the cloud server, where the key information includes a preset key.
It can be understood that the key for the terminal and the gateway to encrypt or decrypt information is pre-stored in their respective storage in the form of key information, and then the terminal encrypts the control information according to the key by obtaining the key in the key information stored in the terminal, and the gateway decrypts the encrypted information according to the key by obtaining the key in the key information stored in the gateway after receiving the encrypted information.
When the terminal and the gateway are in communication connection with the cloud server for the first time, the cloud server sends key information containing keys to the terminal and the gateway respectively, and the key information received by the terminal and the key information received by the gateway respectively are the same, so that the gateway can decrypt smoothly after the terminal encrypts control information and sends the control information to the gateway.
In step S320, when the terminal generates the control information according to the triggered control operation, the terminal adds the timestamp sent by the gateway to the control information.
In step S330, the terminal encrypts the control information added with the timestamp according to a preset key, and sends the obtained encrypted information to the gateway.
In step S340, the gateway receives the encrypted information sent by the terminal, and decrypts the encrypted information according to the agreed encryption and decryption method to obtain the control information.
In step S350, the gateway obtains the timestamp in the control information, determines whether a time interval between the timestamp when the encrypted information is received and the timestamp in the control information is smaller than a preset time threshold, and if so, executes step S361; if not, go to step S362.
In step S361, the gateway controls the relevant device according to the control information.
In step S362, the gateway discards the control information.
The following is an embodiment of the system of the present invention, which can be used to implement the above-mentioned embodiment of the information encryption method. For details that are not disclosed in the embodiments of the system of the present invention, refer to the embodiments of the information encryption method of the present invention.
Fig. 10 is a block diagram illustrating an information encryption apparatus according to an exemplary embodiment, which includes a timestamp acquisition module 110, an encryption module 120, and an encrypted information transmission module 130 that are run in an application program of a terminal.
A timestamp obtaining module 110, configured to obtain a timestamp sent by the gateway when the terminal generates control information according to the triggered control operation;
the encryption module 120 is configured to add a timestamp to the control information, and encrypt the control information added with the timestamp according to a preset key to obtain encrypted information;
and an encrypted information sending module 130, configured to send the encrypted information to the gateway.
The implementation process of the functions and actions of each module in the above device is specifically described in the implementation process of the corresponding step in the above information encryption method, and is not described herein again.
Optionally, as shown in fig. 11, the timestamp obtaining module 110 further includes, but is not limited to: a time stamp receiving unit 111 and a first time stamp obtaining unit 112.
A timestamp receiving unit 111, configured to receive, by the terminal, a timestamp sent by the gateway according to a preset time interval;
a first timestamp obtaining unit 112, configured to obtain, from the timestamps transmitted by the gateway, a timestamp received when the control information is generated.
Optionally, as shown in fig. 12, the timestamp obtaining module 110 further includes, but is not limited to: a time stamp obtaining request unit 114 and a second time stamp obtaining unit 115.
A timestamp obtaining request unit 114, configured to send a timestamp obtaining request to the gateway when the terminal generates the control information;
a second timestamp obtaining unit 115, configured to obtain a timestamp sent by the gateway in response to the timestamp obtaining request.
Fig. 13 is a block diagram illustrating another information encryption apparatus according to an exemplary embodiment, which includes an encrypted information receiving module 210, a decryption module 220, a time interval determination module 230, and a control module 240 in an application program running in a gateway.
An encrypted information receiving module 210, configured to receive, by the gateway, encrypted information sent by the terminal;
the decryption module 220 is configured to decrypt the encrypted information according to a preset key to obtain control information;
a time interval determining module 230, configured to obtain a timestamp in the control information, and determine whether a time interval between the timestamp when the encrypted information is received and the timestamp in the control information is smaller than a preset time threshold;
and the control information sending module 240 is configured to send the control information to the relevant home equipment when a time interval between the timestamp when the encrypted information is received and the timestamp in the control information is smaller than a preset time threshold, so that the home equipment works according to the control information.
Optionally, the information encryption apparatus shown in fig. 13 further includes, but is not limited to: and a control information discarding module.
And the control information discarding module is used for discarding the control information when the time interval between the time stamp when the encrypted information is received and the time stamp in the control information is not less than a preset time threshold.
Optionally, the present invention further provides a terminal, which executes all or part of the steps of the information encryption method shown in any one of fig. 5, fig. 6 and fig. 7. The terminal includes:
a processor; and
a memory communicatively coupled to the processor; wherein the content of the first and second substances,
the memory stores readable instructions which, when executed by the processor, implement the method of any of the above exemplary embodiments.
The specific manner in which the processor in the terminal in this embodiment performs the operation has been described in detail in the embodiment related to the information encryption method, and will not be explained in detail here.
Optionally, the present invention further provides a gateway, which performs all or part of the steps of the information encryption method shown in fig. 8. The gateway includes:
a processor; and
a memory communicatively coupled to the processor; wherein the content of the first and second substances,
the memory stores readable instructions which, when executed by the processor, implement the method of any of the above exemplary embodiments.
The specific manner in which the processor in the gateway in this embodiment performs operations has been described in detail in the embodiment related to the information encryption method, and will not be elaborated here.
In an exemplary embodiment, a storage medium is also provided that is a computer-readable storage medium, such as may be temporary and non-temporary computer-readable storage media, including instructions. The storage medium includes, for example, the memory 102 of instructions executable by the processor 109 of the terminal 100 to perform the information encryption method described above.
It is to be understood that the invention is not limited to the precise arrangements described above and shown in the drawings, and that various modifications and changes may be effected therein by one skilled in the art without departing from the scope thereof. The scope of the invention is limited only by the appended claims.
Claims (13)
1. The utility model provides an intelligent home systems, its characterized in that, intelligent home systems includes: terminal, gateway and house equipment, wherein:
the terminal adds a timestamp which is sent by the gateway for the last time to the control information when the control information is generated according to the triggered control operation, encrypts the control information added with the timestamp and sends the control information to the gateway;
the gateway acquires a timestamp in the control information after receiving and decrypting the encrypted information sent by the terminal to obtain the control information, and sends the control information to related household equipment when a time interval between the timestamp when receiving the encrypted information and the timestamp in the control information is smaller than a preset time threshold value so that the household equipment works according to the control information;
the gateway sends a timestamp to the terminal according to a preset time interval, and the terminal only obtains the timestamp sent by the gateway when generating control information according to triggered control operation and adds the obtained timestamp into the control information.
2. The smart home system according to claim 1, wherein the terminal is in communication connection with the gateway through a local area network.
3. The smart home system according to claim 1, further comprising a cloud server, wherein the cloud server sends key information to the terminal and the gateway when being in communication connection with the terminal and the gateway, and the terminal and the gateway encrypt or decrypt information according to keys in the key information received by the terminal and the gateway respectively.
4. An information encryption method, characterized in that the method comprises:
when the terminal generates control information according to the triggered control operation, acquiring a timestamp sent by the gateway last time;
adding a timestamp into the control information, and encrypting the control information added with the timestamp according to a preset secret key to obtain encrypted information;
sending the encrypted information to the gateway so that the gateway decrypts the encrypted information to obtain a timestamp contained in the control information, and sending the control information to related household equipment when a time interval between the timestamp when the encrypted information is received and the timestamp in the control information is smaller than a preset time threshold;
the gateway sends a timestamp to the terminal according to a preset time interval, and the terminal only obtains the timestamp sent by the gateway when generating control information according to triggered control operation and adds the obtained timestamp into the control information.
5. The method according to claim 4, wherein the step of the terminal obtaining the timestamp sent by the gateway last time when generating the control information according to the triggered control operation comprises:
the terminal receives a timestamp sent by the gateway according to a preset time interval;
and acquiring the timestamp received when the control information is generated from the timestamp transmitted by the gateway.
6. An information encryption method, characterized in that the method comprises:
the gateway receives the encrypted information sent by the terminal;
decrypting the encrypted information according to a preset secret key to obtain control information;
acquiring a timestamp in the control information, judging whether a time interval between the timestamp when the encrypted information is received and the timestamp in the control information is smaller than a preset time threshold value, and if so, judging whether the time interval between the timestamp when the encrypted information is received and the timestamp in the control information is smaller than the preset time threshold value
Sending the control information to related household equipment so that the household equipment works according to the control information;
the time stamp in the control information is the time stamp which is acquired by the terminal when the control information is generated according to the triggered control operation and is sent by the gateway for the last time, the time stamp is sent to the terminal by the gateway according to the preset time interval, the time stamp sent by the gateway is acquired by the terminal only when the control information is generated according to the triggered control operation, and the acquired time stamp is added into the control information.
7. The method of claim 6, further comprising:
and if the time interval between the time stamp when the encrypted information is received and the time stamp in the control information is not less than the preset time threshold, discarding the control information.
8. An information encryption apparatus, comprising a timestamp acquisition module, an encryption module, and an encrypted information transmission module that run in an application program of a terminal, wherein:
the timestamp acquisition module is used for acquiring a timestamp which is sent by the gateway last time when the terminal generates the control information according to the triggered control operation;
the encryption module is used for adding a timestamp into the control information and encrypting the control information added with the timestamp according to a preset secret key to obtain encrypted information;
the encrypted information sending module is used for sending the encrypted information to the gateway so that the gateway decrypts the encrypted information to obtain a timestamp contained in the control information, and sending the control information to related household equipment when a time interval between the timestamp when the encrypted information is received and the timestamp in the control information is smaller than a preset time threshold;
the gateway sends a timestamp to the terminal according to a preset time interval, and the terminal only obtains the timestamp sent by the gateway when generating control information according to triggered control operation and adds the obtained timestamp into the control information.
9. The apparatus of claim 8, wherein the timestamp acquisition module comprises a timestamp receiving unit and a first timestamp acquisition unit, wherein:
the terminal comprises a timestamp receiving unit, a timestamp receiving unit and a timestamp sending unit, wherein the timestamp receiving unit is used for receiving a timestamp sent by the gateway according to a preset time interval;
and a first timestamp acquiring unit configured to acquire a timestamp received when the control information is generated from the timestamp transmitted by the gateway.
10. An information encryption device, characterized in that the device comprises an encrypted information receiving module, a decryption module, a time interval judgment module and a control module which are run in an application program of a gateway, wherein:
the encrypted information receiving module is used for receiving the encrypted information sent by the terminal by the gateway;
the decryption module is used for decrypting the encrypted information according to a preset secret key to obtain control information;
the time interval judging module is used for acquiring the timestamp in the control information and judging whether the time interval between the timestamp when the encrypted information is received and the timestamp in the control information is smaller than a preset time threshold value or not;
the control information sending module is used for sending the control information to related household equipment when the time interval between the time stamp when the encrypted information is received and the time stamp in the control information is smaller than a preset time threshold value, so that the household equipment works according to the control information;
the time stamp in the control information is the time stamp which is acquired by the terminal when the control information is generated according to the triggered control operation and is sent by the gateway for the last time, the time stamp is sent to the terminal by the gateway according to the preset time interval, the time stamp sent by the gateway is acquired by the terminal only when the control information is generated according to the triggered control operation, and the acquired time stamp is added into the control information.
11. A terminal, characterized in that the terminal comprises:
a processor; and
a memory communicatively coupled to the processor; wherein the content of the first and second substances,
the memory stores readable instructions which, when executed by the processor, implement the method of any of claims 4-5.
12. A gateway, characterized in that the gateway comprises:
a processor; and
a memory communicatively coupled to the processor; wherein the content of the first and second substances,
the memory stores readable instructions which, when executed by the processor, implement the method of any of claims 6-7.
13. A computer-readable storage medium, on which a computer program is stored, which, when being executed, carries out the method according to any one of claims 4-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201711260484.3A CN107968736B (en) | 2017-12-04 | 2017-12-04 | Intelligent home system, information encryption method and device and terminal |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201711260484.3A CN107968736B (en) | 2017-12-04 | 2017-12-04 | Intelligent home system, information encryption method and device and terminal |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN107968736A CN107968736A (en) | 2018-04-27 |
| CN107968736B true CN107968736B (en) | 2021-07-02 |
Family
ID=61997903
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201711260484.3A Active CN107968736B (en) | 2017-12-04 | 2017-12-04 | Intelligent home system, information encryption method and device and terminal |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN107968736B (en) |
Families Citing this family (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109358520B (en) * | 2018-11-01 | 2022-01-07 | 南京仁程智能科技有限公司 | Local dynamic unlocking system for smart home Internet of things |
| CN110222086A (en) * | 2019-05-07 | 2019-09-10 | 深圳壹账通智能科技有限公司 | Data managing method, device, equipment and storage medium based on block chain |
| CN112910916A (en) * | 2021-02-23 | 2021-06-04 | 内江佳路云网络科技有限公司 | Intelligent home gateway system information encryption processing method based on cloud computing |
| CN113014579A (en) * | 2021-02-24 | 2021-06-22 | 珠海格力电器股份有限公司 | Control instruction transmission method, system, server and storage medium |
| CN113839958B (en) * | 2021-09-29 | 2023-05-26 | 广州河东科技有限公司 | Communication encryption method, device, control system and storage medium for smart home |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104301303A (en) * | 2014-09-15 | 2015-01-21 | 汕头大学 | Intelligent home Internet of Things safety protection method and system |
| CN106712959A (en) * | 2016-12-09 | 2017-05-24 | 深圳竹信科技有限公司 | Implementation method and system of communication safety |
| CN107040459A (en) * | 2017-03-27 | 2017-08-11 | 高岩 | A kind of intelligent industrial secure cloud gateway device system and method |
| CN107360139A (en) * | 2017-06-19 | 2017-11-17 | 努比亚技术有限公司 | A kind of mobile terminal, data ciphering method and computer-readable recording medium |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN100375424C (en) * | 2004-03-22 | 2008-03-12 | 国际商业机器公司 | Multimedia information receiving and transmitting method system, gateway and customer's equipment |
-
2017
- 2017-12-04 CN CN201711260484.3A patent/CN107968736B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104301303A (en) * | 2014-09-15 | 2015-01-21 | 汕头大学 | Intelligent home Internet of Things safety protection method and system |
| CN106712959A (en) * | 2016-12-09 | 2017-05-24 | 深圳竹信科技有限公司 | Implementation method and system of communication safety |
| CN107040459A (en) * | 2017-03-27 | 2017-08-11 | 高岩 | A kind of intelligent industrial secure cloud gateway device system and method |
| CN107360139A (en) * | 2017-06-19 | 2017-11-17 | 努比亚技术有限公司 | A kind of mobile terminal, data ciphering method and computer-readable recording medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN107968736A (en) | 2018-04-27 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107968736B (en) | Intelligent home system, information encryption method and device and terminal | |
| CN109844823B (en) | PEPS portable device positioning | |
| CN109844822B (en) | Passive entry/passive start system and method for a vehicle | |
| EP3136648B1 (en) | Method and device for determining control authority on user device | |
| CN107819572B (en) | Command transmission method and device and electronic equipment | |
| RU2662362C2 (en) | System, method and apparatus for intelligent device grouping | |
| CN105933904B (en) | Network connection method and device | |
| CN106888206B (en) | Key exchange method, device and system | |
| US9729522B2 (en) | System and method for device authentication | |
| EP3151507A1 (en) | Methods and apparatuses for controlling device | |
| CN104869612A (en) | Method and device for accessing network | |
| CN105282158A (en) | Intelligent equipment networking method, routing equipment, intelligent equipment and system | |
| CN106685644B (en) | Communication encryption method and device, gateway, server, intelligent terminal and system | |
| CN107947924A (en) | Intelligent domestic system and information ciphering method and device, terminal | |
| CN104009837A (en) | Method and device for updating key and terminal | |
| CN109150508A (en) | Equipment control and controlled method, device, computer equipment and storage medium | |
| CN104837178A (en) | Network accessing method and device | |
| CN104980919A (en) | Method for acquiring network service information and equipment | |
| CN113055169B (en) | Data encryption method and device, electronic equipment and storage medium | |
| CN112383532B (en) | Device networking method and device, electronic device and storage medium | |
| CN105635249B (en) | Session management method and device | |
| CN105376399B (en) | For controlling the method and device of smart machine | |
| CN115001863B (en) | Network security vulnerability detection method, device, medium and electronic equipment | |
| CN112583920B (en) | Push method, push device, electronic equipment and storage medium | |
| WO2017113663A1 (en) | Method and apparatus for acquiring user information, terminal device and server |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |