CN108173845B - Metering instrument with core chip and information security interaction system - Google Patents
Metering instrument with core chip and information security interaction system Download PDFInfo
- Publication number
- CN108173845B CN108173845B CN201711440099.7A CN201711440099A CN108173845B CN 108173845 B CN108173845 B CN 108173845B CN 201711440099 A CN201711440099 A CN 201711440099A CN 108173845 B CN108173845 B CN 108173845B
- Authority
- CN
- China
- Prior art keywords
- data
- server
- core chip
- key
- meter
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0435—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0869—Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
Abstract
The invention aims to provide a metering instrument with a core chip and an information security interaction system, which are used for solving the information security problem in the prior art scheme and improving the security of system information security interaction, and relate to the field of metering instruments, and comprise a core chip, a communication module, a data acquisition module, a key management module and a business service module; the core chip stores at least two keys; the system is used for randomly appointing a key to encrypt the meter end data when the metering meter sends the meter end data to the server, and sending the encrypted meter end data to the key management module through the communication module and the data acquisition module; the key management module stores the key of the core chip, and is used for decrypting the meter end data and sending the decrypted meter end data to the business service module; and the business service module is used for processing according to the table-end data. The core chip randomly selects the key to encrypt the meter end data, so that the probability of key cracking is reduced, and the safety of system information safety interaction is improved.
Description
Technical Field
The invention relates to the field of metering instruments, in particular to a metering instrument with a core chip and an information security interaction system.
Background
The traditional mechanical meter needs to input a large amount of manpower to manually meter, the meter reading cost is high, the meter reading rate cannot meet the requirement, and the prepayment function cannot be realized. The IC card meter can realize the prepayment function, but a business hall is required to be set to facilitate the recharging of the user, and the actual gas consumption of the user cannot be obtained.
The understanding and definition of the business logic of each gas meter manufacturer are different, which brings certain trouble to the gas company to develop business. With the change of social environment, the business of a gas company is also continuously changed, and an online gas meter cannot change along with the business of the gas company, so that the gas company needs to spend a large amount of manpower and material resources to maintain old products, and even the old meter with short service life needs to be replaced by a new meter due to the change of the business, so that the gas company has high manpower and material resource cost.
At present, gas meters gradually enter the era of intelligent internet of things. In recent years, the internet of things gas meter enters a high-speed development stage, and various intelligent internet of things gas meters are in endless. Along with the extension of gas meters to the field of the internet of things, the safety problem of the internet of things is increasingly highlighted, and the gas utilization safety is more related to the life and property safety of thousands of households. Each gas meter manufacturer often pursues low cost and rapid market release in a unilateral manner, but neglects consideration and investment on information safety. At present, data of the internet of things gas meter is generally transmitted in a plaintext or after being simply processed in a communication process, even if certain encryption measures are adopted by part of manufacturers, due to the fact that an encryption method is simple and the encryption level is not high, communication data are easy to crack and attack, loss can be caused to gas companies and users, even gas safety of the users is threatened, and the problem of information safety exists.
Accordingly, other meters have corresponding problems.
Disclosure of Invention
The invention aims to provide a metering instrument with a core chip and an information security interaction system, so as to solve the problem of information security in the prior art and improve the security of system information security interaction.
In order to achieve the purpose, the invention provides a metering instrument information safety interaction system with a core chip, which comprises: the system comprises a metering instrument and a server, wherein the metering instrument comprises a core chip and a communication module, and the server comprises a data acquisition module, a key management module and a business service module;
the core chip stores at least two keys; the system is used for randomly assigning a key to encrypt the meter end data when the metering meter sends the meter end data to the server, and sending the encrypted meter end data to the communication module;
the communication module is used for receiving the meter end data sent by the core chip and sending the meter end data to the data acquisition module;
the data acquisition module is used for receiving the meter end data sent by the communication module and sending the meter end data to the key management module;
the key management module stores the key of the core chip, and is used for receiving the meter end data sent by the data acquisition module, decrypting the meter end data and sending the decrypted meter end data to the service module;
and the business service module is used for receiving the table end data sent by the key management module and processing according to the table end data.
In the above-mentioned metering instrument information security interaction system with core chip, the service module is used for sending service end data to the key management module;
the key management module is used for receiving the server data sent by the business service module, encrypting the server data through a key and sending the encrypted server data to the data acquisition module;
the data acquisition module is used for receiving the server data sent by the key management module and sending the server data to the communication module;
the communication module is used for receiving the server data sent by the key management module and sending the server data to the core chip;
and the core chip receives the server data received by the communication module and decrypts the server data.
In the above-mentioned secure interaction system of information of a metering instrument with a core chip, the key management module is used for authenticating the identity of the core chip when the metering instrument communicates with the server for the first time, and binding the core chip number, the metering instrument number and the user number after the authentication is passed; and the system is used for performing identity authentication on the core chip number when receiving the meter data sent by the data acquisition module, verifying whether the metering instrument number and the user number are matched with the bound data after the authentication is successful, executing the step of decrypting the meter data if the metering instrument number and the user number are matched with the bound data, and not executing the step of decrypting the meter data if the metering instrument number and the user number are not matched with the bound data;
and/or the core chip is used for performing identity authentication operation after receiving the server data, executing the step of decrypting the server data if the identity authentication is passed, and not executing the step of decrypting the server data if the identity authentication is not passed.
In the measuring instrument information safety interaction system with the core chip, the core chips in different measuring instruments adopt different keys; and/or the key management module is used for issuing a key algorithm or a key to the core chip, and the core chip is used for receiving the key algorithm or the key issued by the key management module so as to initialize or update the key algorithm or the key in the core chip.
In the above system for secure interaction of information of a metering instrument having a core chip, the core chip is further used for processing business logic, wherein the business logic includes settlement logic; and the settlement logic performs settlement according to the usage of the metering instrument end, the balance of the server end and the unit price of the server end or performs settlement according to the usage of the metering instrument end and the allowance of the server end.
In another aspect of the invention, a metering device having a core chip for communicating with a server, the metering device comprising a core chip and a communication module;
the core chip stores at least two keys, and is used for randomly assigning one key to encrypt the end data when the metering instrument sends the end data to the server, and sending the encrypted end data to the communication module;
the communication module is used for receiving the meter end data sent by the core chip and sending the meter end data to the server.
In the metering device with the core chip, the communication module is used for receiving the server data of the server and sending the server data to the core chip; the core chip is used for receiving the server data received by the communication module.
In the above metering device with a core chip, the core chip is configured to perform an identity authentication operation when receiving the server data, execute the step of decrypting the server data if the identity authentication passes, and not execute the step of decrypting the server data if the identity authentication does not pass.
In the metering device with the core chip, the core chip is used for receiving a key algorithm or a key issued by a server so as to initialize or update the key algorithm or the key in the core chip; and/or, the core chip stores at least two key algorithms, and the randomly assigning a key to encrypt the end data includes: random assignment of a key encrypts the end data by a randomly chosen key algorithm.
In the above metering device with a core chip, the core chip is used for processing service logic, wherein the service logic includes settlement logic, and the settlement logic performs settlement according to the usage amount of the metering device end, the balance of the server end, and the unit price of the server end, or performs settlement according to the usage amount of the metering device end and the balance of the server end.
The implementation of the invention can achieve the following beneficial technical effects:
1. the core chip randomly selects the key to encrypt the meter end data, so that the probability of key cracking is reduced, and the safety of system information safety interaction is improved.
2. The metering instrument information safety interaction system with the core chip has a bidirectional identity authentication function between the server and the metering instrument; the safety of system information safety interaction is improved.
3. The metering instrument information security interaction system with the core chip has the bidirectional encryption and decryption functions of the server and the metering instrument; the safety of system information safety interaction is improved.
4. Updatable key algorithms or keys; the safety of system information safety interaction is improved.
5. The core chip integrates the service function, has the service upgrading function and improves the convenience.
Drawings
FIG. 1 is a schematic diagram showing the system connection in example 1;
FIG. 2 is a flowchart of the method of example 1;
FIG. 3 is a schematic diagram showing the system connection in example 2;
fig. 4 is a schematic diagram of a core chip of embodiment 3.
Detailed Description
To facilitate understanding of those skilled in the art, the present invention will be further described with reference to specific examples:
example 1:
the invention provides a metering instrument information security interaction system with a core chip, as shown in figure 1, the system comprises: the system comprises a metering device 1 and a server 2, wherein the metering device 1 comprises a core chip 11 and a communication module 12, and the server 2 comprises a data acquisition module 21, a key management module 22 and a business service module 23; the core chip 11 stores at least two keys; when the metering device 1 sends the meter data to the server 2, a key is randomly assigned to encrypt the meter data, and the encrypted meter data is sent to the communication module 12; the communication module 12 is configured to receive the meter end data sent by the core chip 11, and send the meter end data to the data acquisition module 21; the data acquisition module 21 is configured to receive the meter data sent by the communication module 12, and send the meter data to the key management module 22; the key management module 22 stores the key of the core chip 11, and is configured to receive the table end data sent by the data acquisition module 21, decrypt the table end data, and send the decrypted table end data to the service module 23; the service module 23 is configured to receive the table-end data sent by the key management module 22, and process the table-end data according to the table-end data.
The following beneficial technical effects can be achieved by implementing the embodiment: the probability of the key being cracked is reduced, and the safety of the system information safety interaction is improved.
The principle is as follows: when the metering device 1 sends the meter data to the server 2 for processing by the service module 23 of the server 2, the core chip 11 randomly selects a key to encrypt the meter data, after the encrypted meter data is sent to the key management module 22, the key management module 22 decrypts the meter data according to the key, and sends the decrypted meter data to the service module 23 for processing; the random key is used for encryption, so that the probability of key cracking can be effectively reduced. It can be known that the key stored in the core chip 11 is also stored in the key management module 22, so the key management module 22 can decrypt the table data encrypted by the core chip 11 according to the key; it should be noted that the table-side data and the server-side data are for distinguishing two groups of data, and the data itself is not particularly limited.
The meter end data may be provided by a meter controller 13, and the meter controller 13 may include: the device comprises a power supply module, a metering module, an alarm prompting module, a human-computer interaction module, a valve control module and a storage module. The system is mainly responsible for gas recording, event recording, remote instruction control and other functions.
In one embodiment, in order to improve the security of data when the server 2 sends the server data to the metering device 1, the business service module 23 is configured to send the server data to the key management module 22; the key management module 22 is configured to receive server data sent by the service module 23, encrypt the server data with a key, and send the encrypted server data to the data acquisition module 21; the data acquisition module 21 is configured to receive server data sent by the key management module 22, and send the server data to the communication module 12; the communication module 12 is configured to receive server data sent by the key management module 22, and send the server data to the core chip 11; the core chip 11 receives the server data received by the communication module 12, and decrypts the server data. It can be known that, in order to enable the core chip 11 to decrypt the server data encrypted by the key management module 22, the key management module 22 encrypts the server data with the key in the corresponding core module.
The decrypted server data can be sent to the meter controller 13 according to the situation; if the service-side data is a valve-close command, the valve-close control may be performed by a valve control module in the meter controller 13.
In one embodiment, in order to further improve the security of system information security interaction, the key management module is configured to perform identity authentication on the core chip 11 when the metering device 1 communicates with the server 2 for the first time, and bind the core chip number, the metering device number, and the user number after the authentication is passed; and a step for authenticating the identity of the core chip number when receiving the meter data sent by the data acquisition module 21, verifying whether the meter number and the user number match the bound data after the authentication is successful, and if so, executing the step of decrypting the meter data, and if not, not executing the step of decrypting the meter data. It will be appreciated that the core chip number, meter number and user number are all unique. It can also be known that the number of the metering instrument and the number of the user can record the corresponding relationship when the account is opened.
In an embodiment, in order to further improve the security of system information security interaction, the core chip 11 is configured to perform an identity authentication operation after receiving the server data, execute the step of decrypting the server data if the identity authentication passes, and not execute the step of decrypting the server data if the identity authentication does not pass.
In one embodiment, to further improve the security of the system information security interaction, different keys are used by the core chips 11 in different metering instruments 1. Even if the key of a certain metering device 1 is cracked, the safe communication of other metering devices 1 is not influenced.
In an embodiment, in order to further improve the security of the system information security interaction, the key management module 22 is configured to issue a key algorithm or a key to the core chip 11, and the core chip 11 is configured to receive the key algorithm or the key issued by the key management module 22, so as to initialize or update the key algorithm or the key in the core chip 11. The key management module 22 is configured to issue a key algorithm or a key to the core chip 11, and then update (upgrade) the key algorithm or the key in the core chip 11, so that the key can be prevented from being cracked, and the key or the key algorithm can be updated according to other requirements, thereby improving the security of system information security interaction.
In one embodiment, in order to enhance the table-side function, the core chip 11 is further configured to execute business logic, wherein the business logic includes settlement logic; and the settlement logic performs settlement according to the usage of the metering instrument end, the balance of the server end and the unit price of the server end or performs settlement according to the usage of the metering instrument end and the allowance of the server end. The settlement of the table end is realized, and further, the settlement function can still be realized under the condition that communication cannot be carried out; and because settlement is carried out based on the server data, the settlement data can be automatically corrected after communication is available, and the settlement accuracy is improved. After settlement, the balance or the allowance after settlement can be compared with a set threshold value, and whether to control the valve to close or not can be judged according to the comparison result. Business logic may also include postpaid mode logic.
In one embodiment, the metering device automatically completes communication with the server 2 according to a meter reading period, and realizes the synchronization of user records and money amount of the meter end and the server end.
In one embodiment, the service provider may upgrade the core chip 11 of the metering device 1 via the server 2. The facilitator sets the range of products (product code, version number) to be upgraded via the business service module 23.
After the metering device 1 is connected with the server 2 and the identity is confirmed, the service server 2 acquires the product code and the version number of the metering device 1, matches the product range needing to be upgraded, and if the product code and the version number are matched, issues an upgrade package to the metering device 1.
And after receiving the upgrade package, the metering device 1 verifies the integrity and the correctness of the upgrade package, and executes the upgrade program after the verification is passed.
After the upgrading of the metering device 1 is completed, the metering device 1 is actively in communication connection with the server 2, and the business service module 23 acquires the product code and the version number of the metering device 1 and confirms the upgrading result.
In one embodiment, the business service module stores the gas consumption record, the recharging record and the balance state, the user can inquire the gas consumption record, the recharging record and the balance state on line, after the prepayment mode is started, the business service module pushes residual amount prompt information to the user, and the user can realize on-line recharging business.
In one embodiment, the system includes a card issuing module through which the key management module initializes the core chip.
In this embodiment, The data acquisition module 21 and The communication module 12 may be a wired communication module or a wireless communication module, such as an rf (radio frequency) module, a LoRa module, a 2G (The 2nd Generation) module, a 3G (3 rd-Generation) module, an NB-lo (narrow Band Internet of things) module, an RS485 module, and so on.
The following is a method for implementing system information security interaction in this embodiment, as shown in fig. 2:
step S1: the key management module completes initialization of the core chip through the card issuing module, and the initialization comprises generation and downloading of keys and an encryption algorithm;
step S2: when a metering instrument with a core chip is communicated with a server, the data of the table end is handed over to the core chip, and the random assigned key and the encryption algorithm of the core chip are used for encrypting the data of the table end;
step S3: the core chip sends the encrypted table end data to the data acquisition module through the communication module;
step S4: the data acquisition module sends the received encryption meter data to the key management module;
step S5: if the metering instrument is communicated with the server for the first time, the key management module carries out identity authentication on the core chip, and binds the core chip number, the metering instrument number and the user number after the authentication is passed; and if the metering instrument is not communicated with the server for the first time, performing identity authentication on the core chip number, and verifying whether the metering instrument number and the user number are matched with the bound data after the authentication is successful.
Step S6: after the matching is passed, the meter end data is decrypted, and the decrypted meter end data is sent to the business service module;
step S7: after the business service module finishes processing, sending server data (such as valve closing instructions) to the key management module;
step S8: the key management module encrypts the data of the server; the encrypted server data is sent to a data acquisition module;
step S9: the data acquisition module sends the server data to the communication module;
step S10: the communication module sends the server data to the core chip;
step S11: the core chip decrypts the server data and sends the decrypted server data to the metering instrument controller;
step S12: and the metering instrument controller processes according to the service end data (if the service end data is a valve closing instruction, the metering instrument controller controls the valve controller to control the valve to close the valve).
The initialization may further include: downloading the service logic; when the meter controller 13 detects an event (for example, when the gas meter detects gas consumption), the event information is sent to the core chip 11, and the core chip 11 executes relevant business logic. For example, settlement is performed according to the gas consumption, and whether to control the valve closing valve is determined according to the settlement result.
Example 2:
as shown in fig. 3, the metering device having a core chip is used for communicating with the server 2, and the metering device 1 includes a core chip 11 and a communication module 12;
the core chip 11 stores at least two keys, and is used for randomly assigning one key to encrypt the meter end data when the metering instrument 1 sends the meter end data to the server 2, and sending the encrypted meter end data to the communication module 12;
the communication module 12 is configured to receive the meter-end data sent by the core chip 11, and send the meter-end data to the server 2.
The following beneficial technical effects can be achieved by implementing the embodiment: the probability of the key being cracked is reduced, and the safety of the system information safety interaction is improved.
In one embodiment, in order to improve the security of data interaction, the communication module 12 is configured to accept server data of the server 2 and send the server data to the core chip 11; the core chip 11 is configured to receive server data received by the communication module 12.
In an embodiment, in order to improve the security of data interaction, the core chip 11 is configured to perform an identity authentication operation when receiving server data, and if the identity authentication passes, execute the step of decrypting the server data, and if the identity authentication does not pass, not execute the step of decrypting the server data.
In one embodiment, in order to improve the security of data interaction, the core chip 11 is configured to receive a key algorithm or a key issued by the server 2, so as to initialize or update the key algorithm or the key in the core chip 11;
in one embodiment, to improve the security of data interaction, the core chip 11 stores at least two key algorithms, and the randomly assigning a key to encrypt the end data includes: random assignment of a key encrypts the end data by a randomly chosen key algorithm. Through the randomly selected key and the randomly selected key algorithm, the probability of being cracked is greatly reduced. The updating and upgrading of the key algorithm can be carried out periodically or when the key algorithm is cracked, and the safety of communication can be further guaranteed. Optionally, a plurality of encryption algorithms (ECC, AES, RSA) are built in the core chip 11, and a symmetric encryption algorithm and an asymmetric encryption algorithm are supported, where the asymmetric encryption algorithm is used for identity authentication, and the symmetric encryption algorithm is used for data encryption.
In one embodiment, the core chip 11 is used for processing business logic, wherein the business logic includes a settlement logic, and the settlement logic performs settlement according to the usage amount of the metering device, the balance of the server, and the unit price of the server, or performs settlement according to the usage amount of the metering device and the balance of the server. The settlement of the table end is realized, and further, the settlement function can still be realized under the condition that communication cannot be carried out; and because settlement is carried out based on the server data, the settlement data can be automatically corrected after communication is available, and the settlement accuracy is improved. After settlement, the balance or the allowance after settlement can be compared with a set threshold value, and whether to control the valve to close or not can be judged according to the comparison result. Business logic may also include postpaid mode logic.
In one embodiment, the metering device 1 automatically completes communication with the server 2 according to a meter reading period, and realizes the synchronization of the user records and settlement amounts of the meter end and the server end.
In one embodiment, the core chip 11 supports both prepaid mode and post-paid mode, prepaid mode supports meter-side and backend server 2 settlement, price mode supports tiered and non-tiered prices, and settlement mode supports both metered and monetary settlement.
Example 3:
as shown in fig. 4, the core chip 11 includes a communication interface 111, a logic processing unit 112, a meter controller interface 113, a core storage area 114, and an encrypted code area 115.
A meter controller interface 113 for communicating with a meter controller;
the communication interface 111 is used for controlling the communication module to perform data communication;
the core storage area 114 is used to store core data, which includes keys;
the encryption code area 115 is used for storing codes for performing encryption algorithm on data in a communication process;
the logic processing unit 112 is configured to execute encryption logic that: acquiring meter end data of a meter controller interface 113, randomly acquiring a key in a core storage area 114, and encrypting the meter end data by executing a code of an encryption algorithm of an encryption code area 115; and sends the encrypted data to the communication interface.
The communication interface is used for sending the table-side data to an external device communicated with the communication module through the communication module.
In one embodiment, the encrypted code region 115 further comprises code for a decryption algorithm, the encryption logic further comprising: the server data of the communication interface is received, the server data is decrypted according to the key in the core storage area 114 and the decryption algorithm of the encrypted code area 115, and the decrypted server data is sent to the meter controller interface 113.
In one embodiment, the encrypted code region 115 is further configured to store a code for authenticating both parties to the communication. The encryption logic further comprises: and acquiring server data of the communication module interface, authenticating the identity of a server data transmitting source, decrypting the server data according to a secret key in the core storage area 114 and a decryption algorithm of the encryption code area 115 if the authentication is passed, and transmitting the decrypted server data to the meter controller interface 113.
In one embodiment, the core chip further includes a service code region 116; the service code area 116 is used for storing service logic, which may be service logic established by a service provider; the logic processing unit 112 is also used for the execution of business logic; the core data also includes traffic data.
The service logic includes a settlement logic, which performs settlement according to the usage of the metering instrument end received by the metering instrument controller interface 113, the balance of the service end received by the communication interface, and the unit price of the server end, or performs settlement according to the usage of the metering instrument end received by the metering instrument controller interface 113 and the balance of the server end received by the communication interface. Knowing the usage amount, balance and unit price; or how to settle the account after knowing the usage amount and the margin is the prior art, and this embodiment will not be described in detail.
In one embodiment, the core chip further comprises a user memory area 117, said user memory area 117 being used for storing meter controller defined data.
In one embodiment, the core chip further includes an upgrade code area 118, where the upgrade code area 118 is used to upgrade the service code area 116 and the encryption code area 115, and when the service or encryption logic needs to be upgraded, the upgrade code area 118 will be responsible for writing new service logic and encryption logic into the service code area 116 and the encryption code area 115.
In this embodiment, the core chip may be used to perform service business operations, encryption/decryption operations, and identity authentication operations, thereby improving data interaction security and improving convenience of business operations.
In this embodiment, the core chip may provide a user storage space and a core storage space with a high security level, where the core storage space is used to store a key and an encryption algorithm, and core parameters (such as wallet, step price, gas record, server address, alarm amount, overdraft amount, and meter reading period) of the metering instrument, and the user storage space may be used to store data defined by a controller of the metering instrument.
In this embodiment, each core chip has a unique chip number.
In this embodiment, the core chip has a plurality of keys, and even if a certain key is cracked, the core chip can be switched to other keys to perform data encryption and decryption operations.
In this embodiment, a plurality of encryption algorithms (ECC, AES, RSA) are built in the core chip, and a symmetric encryption algorithm and an asymmetric encryption algorithm are supported, where the asymmetric encryption algorithm is used for identity authentication and the symmetric encryption algorithm is used for data encryption.
In this embodiment, the core chip supports the function of updating the key and the key algorithm online, and after establishing connection with the server and performing identity authentication, the core chip key and the key algorithm are allowed to be upgraded remotely through the server, so that convenience is improved.
In this embodiment, the core chip supports the online upgrade function of the service operation, and after establishing connection with the server and performing identity authentication, allows the server to perform remote upgrade service operation, thereby improving convenience.
In this embodiment, the core chip stores the core parameter of strapping table, can customize the gas table core business according to gas facilitator demand, can realize having ladder price and non-ladder price management function, the wallet function, amount of money, tolerance settlement function, and the gas record function, unified different facilitators' business logic, improve the convenience.
The above description is only an embodiment of the present invention, but the technical features of the present invention are not limited thereto, and any changes or modifications within the technical field of the present invention by those skilled in the art are covered by the claims of the present invention.
It should be noted that, in this document, relational terms such as first and second, and the like are used only for description
One entity or operation is distinguished from another entity or operation by no means required or implied
There may be any such actual relationship or order between the entities or operations. Also, the terms "include", "bag" and the like
The inclusion "or any other variation thereof is intended to cover a non-exclusive inclusion such that a list of elements is included
Include not only those elements but also those not expressly listed
Other elements may be inherent to such processes, methods, articles, or apparatus. In that
Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The above examples are only intended to illustrate the technical solution of the present invention, but not to limit it; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.
Claims (6)
1. Metering instrument information safety interactive system with core chip, its characterized in that, the system includes: the system comprises a metering instrument and a server, wherein the metering instrument comprises a core chip and a communication module, and the server comprises a data acquisition module, a key management module and a business service module;
the core chip stores at least two keys; the system is used for randomly assigning a key to encrypt the meter end data when the metering meter sends the meter end data to the server, and sending the encrypted meter end data to the communication module;
the communication module is used for receiving the meter end data sent by the core chip and sending the meter end data to the data acquisition module;
the data acquisition module is used for receiving the meter end data sent by the communication module and sending the meter end data to the key management module;
the key management module stores the key of the core chip, and is used for receiving the meter end data sent by the data acquisition module, decrypting the meter end data and sending the decrypted meter end data to the service module;
the business service module is used for receiving the table end data sent by the key management module and processing according to the table end data;
different keys are adopted by core chips in different metering instruments; and/or the key management module is used for issuing a key algorithm or a key to the core chip, and the core chip is used for receiving the key algorithm or the key issued by the key management module so as to initialize or update the key algorithm or the key in the core chip;
the key management module is used for carrying out identity authentication on the core chip when the metering instrument is communicated with the server for the first time, and binding the core chip number, the metering instrument number and the user number after the authentication is passed; and the system is used for performing identity authentication on the core chip number when receiving the meter data sent by the data acquisition module, verifying whether the metering instrument number and the user number are matched with the bound data after the authentication is successful, executing the step of decrypting the meter data if the metering instrument number and the user number are matched with the bound data, and not executing the step of decrypting the meter data if the metering instrument number and the user number are not matched with the bound data;
the core chip is used for performing identity authentication operation after receiving the server data, executing the step of decrypting the server data if the identity authentication is passed, and not executing the step of decrypting the server data if the identity authentication is not passed.
2. The system of claim 1, wherein the core chip is a chip on a chip,
the business service module is used for sending the server data to the key management module;
the key management module is used for receiving the server data sent by the business service module, encrypting the server data through a key and sending the encrypted server data to the data acquisition module;
the data acquisition module is used for receiving the server data sent by the key management module and sending the server data to the communication module;
the communication module is used for receiving the server data sent by the key management module and sending the server data to the core chip;
and the core chip receives the server data sent by the communication module and decrypts the server data.
3. The system of claim 1, wherein the core chip is further configured for business logic processing, wherein the business logic comprises settlement logic; and the settlement logic performs settlement according to the usage of the metering instrument end, the balance of the server end and the unit price of the server end or performs settlement according to the usage of the metering instrument end and the allowance of the server end.
4. The metering device is characterized by comprising a metering instrument with a core chip and a communication module, wherein the metering instrument is used for communicating with a server;
the core chip stores at least two keys, and is used for randomly assigning one key to encrypt the end data when the metering instrument sends the end data to the server, and sending the encrypted end data to the communication module;
the communication module is used for receiving the meter end data sent by the core chip and sending the meter end data to the server, so that the server performs identity authentication on the number of the core chip when receiving the meter end data sent by the metering instrument, verifies whether the number of the metering instrument and the number of the user are matched with the bound data after the authentication is successful, if so, the step of decrypting the meter end data is executed, and if not, the step of decrypting the meter end data is not executed;
the core chip is used for receiving a key algorithm or a key issued by the server so as to initialize or update the key algorithm or the key in the core chip; and/or, the core chip stores at least two key algorithms, and the randomly assigning a key to encrypt the end data includes: randomly assigning a key to encrypt the end data through a randomly selected key algorithm;
the core chip is used for performing identity authentication operation when receiving the server data, executing the step of decrypting the server data if the identity authentication is passed, and not executing the step of decrypting the server data if the identity authentication is not passed.
5. The metrology instrument of claim 4 having a core chip wherein the communication module is configured to accept server data from a server and send the server data to the core chip; the core chip is used for receiving the server data received by the communication module.
6. The metering device with the core chip as claimed in claim 4, wherein the core chip is used for business logic processing, wherein the business logic comprises settlement logic, and the settlement logic performs settlement according to the usage amount of the metering device, the balance of the server and the unit price of the server or performs settlement according to the usage amount of the metering device and the residual amount of the server.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201711440099.7A CN108173845B (en) | 2017-12-27 | 2017-12-27 | Metering instrument with core chip and information security interaction system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201711440099.7A CN108173845B (en) | 2017-12-27 | 2017-12-27 | Metering instrument with core chip and information security interaction system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN108173845A CN108173845A (en) | 2018-06-15 |
| CN108173845B true CN108173845B (en) | 2021-10-22 |
Family
ID=62522041
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201711440099.7A Active CN108173845B (en) | 2017-12-27 | 2017-12-27 | Metering instrument with core chip and information security interaction system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108173845B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117319450B (en) * | 2023-11-27 | 2024-02-09 | 成都秦川物联网科技股份有限公司 | Ultrasonic metering instrument data interaction method, device and equipment based on Internet of things |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101098225A (en) * | 2006-06-29 | 2008-01-02 | 中国银联股份有限公司 | Safety data transmission method and paying method, paying terminal and paying server |
| CN102710414A (en) * | 2012-05-30 | 2012-10-03 | 中国电力科学研究院 | Randomized document block encryption method |
Family Cites Families (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102143162A (en) * | 2011-01-21 | 2011-08-03 | 郑州华润燃气有限公司 | Encryption control circuit and operation control method for embedded remote transmission metering instrument |
| CN102098391B (en) * | 2011-04-01 | 2014-12-03 | 华为数字技术(成都)有限公司 | Communication terminal and communication information processing method thereof |
| CN103763631B (en) * | 2014-01-07 | 2018-06-01 | 青岛海信电器股份有限公司 | Authentication method, server and television set |
| CN105516210B (en) * | 2016-02-05 | 2018-08-21 | 山东信通电子股份有限公司 | The system and method for terminal security access authentication |
| CN106060064B (en) * | 2016-06-24 | 2019-07-16 | 刘虎 | A kind of public utilities instrument system and its management method |
| CN108418781A (en) * | 2017-02-10 | 2018-08-17 | 北京华大智宝电子系统有限公司 | A kind of control method of data transmission, device and safety bus module |
-
2017
- 2017-12-27 CN CN201711440099.7A patent/CN108173845B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101098225A (en) * | 2006-06-29 | 2008-01-02 | 中国银联股份有限公司 | Safety data transmission method and paying method, paying terminal and paying server |
| CN102710414A (en) * | 2012-05-30 | 2012-10-03 | 中国电力科学研究院 | Randomized document block encryption method |
Also Published As
| Publication number | Publication date |
|---|---|
| CN108173845A (en) | 2018-06-15 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108140182B (en) | Message dispatcher for payment system | |
| CN113475035A (en) | Flick to copy data to clipboard through NFC | |
| US20180053179A1 (en) | Method and System to Enable Mobile Contactless Ticketing/Payments Via a Mobile Phone Application | |
| CN103729942A (en) | Method and system for transmitting transmission key from terminal server to key server | |
| US20220078027A1 (en) | System and method for reconfiguring and deploying soft stock-keeping units | |
| CN101373440B (en) | Method and device for processing firmware upgrading data | |
| US10248940B1 (en) | Modular firmware for transaction system | |
| CN112889046A (en) | System and method for password authentication of contactless cards | |
| CN102867366A (en) | Portable bank card data processing device, system and method | |
| CN113168631A (en) | System and method for password authentication of contactless cards | |
| US11887022B2 (en) | Systems and methods for provisioning point of sale terminals | |
| CN106910063A (en) | A kind of offline payment method and system | |
| CN103502991B (en) | Equipment configuration and the determination of programming data | |
| CN108173845B (en) | Metering instrument with core chip and information security interaction system | |
| CN108334927B (en) | NFC (near field communication) receipt tag and payment method thereof | |
| CN103927669A (en) | Anti-fake system and method overcoming communication interrupting based on NFC function | |
| CN104134294A (en) | Authorization authentication method based on business hall self-service terminal | |
| CN104486323A (en) | POS (Point of Sale) terminal safety controlled networking activation method and device | |
| US11928672B2 (en) | Personalization method and system for financial IC card having dynamic verification code | |
| CN103778530A (en) | Industry application account over-the-air transferring method, system and apparatus | |
| CN113490952A (en) | System and method for performing complementary distribution of contactless cards | |
| CN101887503A (en) | Seed circulation supervision system and authentication method thereof | |
| KR101886807B1 (en) | Payment System for HCE Mobile Advance Payment Type Traffic Card using minimum balance and Payment Method thereof | |
| KR101691169B1 (en) | Method for distributing encrypt key, card reader, authentification server and system for distributing encrypt key thereof | |
| KR20160137082A (en) | Method for distributing encrypt key, card reader and system for distributing encrypt key thereof |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |