CN108475317A - System and method for protecting Internet of Things (IoT) device preset - Google Patents

Abstract

The present invention provides a kind of system and method using the association preset IoT devices of ID codes.For example, an embodiment of method includes：It generates and is associated between new Internet of Things (IoT) device identifies (ID) code and is associated with ID codes；By the associated storage in the IoT facility databases that IoT is serviced；The association ID codes are retrieved from the new IoT devices；The association ID code transfers are serviced to the IoT, the IoT services execute lookup to determine described device ID codes using the association ID codes in the IoT facility databases；And the preset IoT devices are to use described device ID codes and the IoT communication for services.

Description

System and method for protecting Internet of Things (IoT) device preset

Background technology

Technical field

Present invention relates generally to field of computer.More particularly, it relates to for protecting Internet of Things (IoT) The preset system and method for device.

Related field explanation

" Internet of Things " refer in Internet basic framework can unique identification embedded equipment interconnection.Finally, IoT is estimated New type will be caused to be widely applied, in such applications, almost any type of physics things can be provided about it The information of body or its ambient enviroment and/or can be remotely controlled by the client terminal device on internet.

Due to lacking some related problems with connectivity, power and standardization, the exploitation and use of Internet of Things are compared always Relatively slowly.For example, IoT is developed and is using a faced obstacle, no standard platform allows developer to design and carry For new IoT devices and service.In order to enter the markets IoT, developer must design entire IoT platforms from the beginning, including IoT needed for supporting realizes the procotol needed and architecture, hardware, software and services.Therefore, IoT devices is each Family is provided commercial city and IoT devices is designed and connected using proprietary technology, this makes for end user, and use is a plurality of types of IoT devices are a hard works.IoT is related with the connection of IoT devices and power supply using another obstacle faced Difficulty.For example, the electric appliance of connection refrigerator, garage door switch, environmental sensor, domestic security sensor/controller etc. Need power supply for each connection IoT devices power, and this power supply usually position it is inconvenient.

Another existing problem is usual for interconnecting the wireless technology of IoT devices such as Bluetooth LE (BTLE) It is short-range technologies.So if the data collection center for implementing IoT is in except the range of IoT devices, IoT devices It will be unable to transfer data to the centers IoT (vice versa).Therefore, it is necessary to allow IoT devices to provide data to except range The centers IoT (or other IoT devices) technology.

In addition, the current IoT implementations dependent on wireless communication protocol such as BTLE do not provide enough safety measures.Cause This, needs other technology to improve the safety during IoT is implemented.

Description of the drawings

In combination with following drawings the present invention is more fully understood from detailed description below, wherein：

Figure 1A to Figure 1B shows the different embodiments of IoT system architectures；

Fig. 2 shows the IoT devices of an embodiment according to the present invention；

Fig. 3 shows the centers IoT of an embodiment according to the present invention；

Fig. 4 A to Fig. 4 B show that the present invention is used to controlling and collecting the data from IoT devices and generates the reality of notice Apply scheme；

Fig. 5 shows that the present invention takes for collecting the data from IoT devices and generating from the centers IoT and/or IoT The embodiment of the notice of business；

Fig. 6 shows that intermediate mobile device collects the data for carrying out self-retaining IoT devices and the data are supplied to the centers IoT System an embodiment；

Fig. 7 shows the intermediate connection logic implemented in one embodiment of the invention；

The method that Fig. 8 shows an embodiment according to the present invention；

Fig. 9 A, which are shown to IoT devices, provides program code and the newer embodiment of data；

Fig. 9 B show the embodiment for providing program code and the newer method of data to IoT devices；

Figure 10 shows the high-level view of an embodiment of security architecture；

Figure 11 is shown in which to store one of the framework of key on IoT devices using subscriber identity module (SIM) Embodiment；

Figure 12 A are shown in which to register an embodiment of IoT devices using bar code or QR codes；

Figure 12 B are shown in which the embodiment matched using bar code or QR codes；

Figure 13 shows an embodiment for using the centers IoT to the SIM methods being programmed；

Figure 14 is shown for an embodiment to the centers IoT and the method for IoT service registration IoT devices；And

Figure 15 shows an embodiment of the method for encrypting the data that be sent to IoT devices；

Figure 16 A to Figure 16 B show different implementations of the present invention for the encryption data between IoT services and IoT devices Scheme；

It is close for executing security key exchange, generating public code and the password being used to generate that Figure 17 shows the present invention The embodiment of key stream；

Figure 18 shows the packet structure of an embodiment according to the present invention；

Figure 19 show in one embodiment used by the case where not matched formally with IoT devices to IoT Data/from the technology of IoT device for reading data are written in device；

Figure 20 shows the one group of exemplary command used in one embodiment of the invention；

Figure 21 shows the exemplary sequence of the transaction using order packet；

The method that Figure 22 shows an embodiment according to the present invention；

Figure 23 A to Figure 23 C show the method for matching safely of an embodiment according to the present invention；

Figure 24 is shown for adjusting advertisement interval to identify one embodiment of the invention of data transmission conditions；

The method that Figure 25 shows an embodiment according to the present invention；

Figure 26 A to Figure 26 C are shown in which that the reality that data-/ command is transferred to IoT devices is attempted at multiple centers IoT Apply the operation of scheme；

The method that Figure 27 shows an embodiment according to the present invention；

Figure 28 shows an embodiment of the system for protecting IoT devices preset；

The method that Figure 29 shows an embodiment according to the present invention；

Figure 30 is used to carry out multiple IoT devices one embodiment of the system of flow control；

The method that Figure 31 shows an embodiment according to the present invention；And

Figure 32 shows an embodiment party of the system for managing application attribute, system property and priority notification attribute Case.

Specific implementation mode

In the following description, for illustrative purposes, many specific details be set forth herein to understand thoroughly hereafter Embodiment of the present invention of description.However, those skilled in the art is readily apparent, it can be in these no specific details Some in the case of put into practice embodiment of the present invention.In other cases, to exempt from the base of fuzzy embodiment of the present invention Present principles, well known construction and device are shown in block diagram form.

One embodiment of the invention includes a kind of Internet of Things (IoT) platform, developer can using the platform come Design and build new IoT devices and application.In particular, an embodiment includes for the basic hard of Internet of things device Part/software platform, the platform include predefined network protocol stack and the centers IoT, and IoT devices are connected to by the centers IoT Internet.It is serviced in addition, an embodiment includes an IoT, can be serviced by the IoT and access and manage as described below The IoT devices at the centers IoT and connection.In addition, an embodiment of IoT platforms include access and configure IoT service, in The IoT application programs or Web of the heart and the device of connection apply (for example, being executed on client terminal device).Existing online retail Quotient and other website operators easily can provide unique IoT work(using IoT platforms as described herein for existing user group Energy.

Figure 1A shows the general view for the architecture platform that embodiment of the present invention may be implemented thereon.Specifically, it is illustrated that Embodiment includes multiple IoT devices 101 to 105, during these IoT devices are communicably connected to by local communi-cation channel 130 The centers IoT 110, center centers IoT itself is entreated to be communicably coupled to IoT services 120 by internet 220.IoT devices 101 To each IoT devices in 105 initially can (for example, using matching technology described below) and the centers IoT 110 match so that Obtain each local communi-cation channel that can be realized in local communi-cation channel 130.In one embodiment, IoT services 120 include End user data library 122, for safeguarding the user account information and data collected from the IoT devices of each user.For example, such as Fruit IoT devices include sensor (for example, temperature sensor, accelerometer, heat sensor, motion detector etc.), then database 122 can constantly update to store the data collected by IoT devices 101-105.The data being stored in database 122 then can With via on user apparatus 135 IoT application programs or browser (or via desktop computer or other clients Computer system) so that end user and networking client (for example, having subscribed the website 130 of IoT services 120) is able to access that.

IoT devices 101 to 105 can be equipped with various types of sensors to collect about itself and its ambient enviroment Information, and the information of collection is supplied to IoT services 120, user apparatus 135 and/or external website via the centers IoT 110 130.Some in IoT devices 101 to 105 can be specified to execute in response to the control command that is sent by the centers IoT 110 Function.A variety of specific examples of the information and control command collected by IoT devices 101 to 105 are provided below.It is described below An embodiment in, IoT devices 101 be designed to record user selection and by user selection be sent to IoT service 120 And/or the user input apparatus of website.

In one embodiment, the centers IoT 110 include cellular radio, with via such as 4G (for example, mobile WiMAX, LTE) or 5G cellular data services cellular service 115 establish to internet 220 connection.Alternatively or except this it Outside, the centers IoT 110 may include WiFi radio devices, with by by the centers IoT 110 be connected to internet (for example, via To end user provide Internet service Internet Service Provider) WiFi access points or router 116 establish WiFi connect It connects.Of course, it should be noted that the basic principle of the present invention is not limited to any certain types of communication channel or agreement.

In one embodiment, IoT devices 101 to 105 be can using battery capacity for a long time (for example, several years) The ultra low power device of operation.In order to save power, low power wireless communication technology such as Bluetooth Low Energy (LE) can be used To realize local communi-cation channel 130.In this embodiment, each device in IoT devices 101 to 105 and the centers IoT 110 equipped with bluetooth LE radio devices and protocol stack.

As described above, in one embodiment, which includes being executed on user apparatus 135 to allow user Access and configure the IoT application programs or Web of connected IoT devices 101 to 105, the centers IoT 110 and/or IoT services 120 Using.In one embodiment, the application program or Web applications can be designed as from the network operator of website 130 to its user Group provides IoT functions.As shown, the website can be safeguarded comprising the customer data base with the relevant Account History of each user 131。

Figure 1B shows the additional connectivity option for multiple centers IoT 110 to 111,190.In this embodiment, single A user can at single user guard station 180 (for example, the family of user or job site) in-site installation have multiple centers 110 to 111.It can do so (for example) to extend the wireless range connected needed for all IoT devices 101 to 105.As shown, if User has multiple centers 110,111, then they can be via local communi-cation channel (for example, Wifi, Ethernet, power line network Network etc.) connection.In one embodiment, each center in center 110 to 111 can by cellular connection 115 or WiFi connections 116 (being not explicitly shown in Figure 1B) are directly connected to establish with IoT services 120.Alternatively or in addition to this, One of centers IoT such as centers IoT 110 can serve as " master " center, the every other IoT on user resident 180 The center such as centers IoT 111 provide connectivity and/or local service (such as the dotted line at the centers connection IoT 110 and the centers IoT 111 It is shown).For example, the main centers IoT 110 can be the unique centers IoT being directly connected to established with IoT services 120.In a reality Apply in scheme, only the centers " master " IoT 110 equipped with cellular communication interface with establish with IoT service 120 connection.In this way, All communications between IoT services 120 and other centers IoT 111 will flow through the main centers IoT 110.As this role, main IoT Center 110 can have additional program code, with to the data exchanged between other centers IoT 111 and IoT services 120 Execute filter operation (for example, when possible, in local service in some request of data).

Regardless of the centers IoT 110 to 111 connect, in one embodiment, IoT services 120 will be logically by center It is associated with user, and by the combination of the IoT devices 101 to 105 of all attachments can be via being equipped with application program 135 Under the single comprehensive user interface (and/or interface based on browser) that user apparatus accesses.

In this embodiment, the main centers IoT 110 and the one or more centers subordinate IoT 111 can pass through local network Connection, the local network can be WiFi network 116, Ethernet and/or use power line communication (PLC) network (for example, wherein The electric wire running fully or partially through user of network).In addition, for the centers IoT 110 to 111, IoT devices 101 to Each device in 105 can use any kind of local network channel of such as WiFi, Ethernet, PLC or bluetooth LE It is interconnected with the centers IoT 110 to 111.

Figure 1B also shows the centers IoT 190 at second user guard station 181.Such IoT of virtually limitless quantity Center 190 can be mounted and configure, to collect the data of the IoT devices 191 to 192 at user resident all over the world. In one embodiment, it can be two user residents 180 to 181 of same user configuration.For example, a user resident 180 Can be the main house of user, and another user resident 181 can be the chalet of user.In this case, IoT takes Business 120 will be logically associated with user by the centers IoT 110 to 111,190, and by the IoT devices 101 to 105 of all attachments, 191 to 192 combinations can via single comprehensive user interface that the user apparatus for being equipped with application program 135 accesses (and/ Or the interface based on browser) under.

As shown in Fig. 2, an exemplary implementation scheme of IoT devices 101 includes for storing program code and data 201 To 203 memory 210 and for execute program code and handle data low power microcontroller 200.Memory 210 It can be the volatile memory of such as dynamic random access memory (DRAM), or can be the non-of such as flash memories Volatile memory.In one embodiment, nonvolatile memory can be used for permanently storing, and volatile memory can For executing program code and data at runtime.In addition, memory 210 can be integrated in low power microcontroller 200, or Person can be connected to low power microcontroller 200 via bus or communication structure.The basic principle of the present invention is not limited to memory 210 any specific implementation.

As shown, said program code may include defining to be executed by IoT devices 201 one group to apply specific work( The application code 203 of energy and one group including that can be utilized by the application developer of IoT devices 101 predefined structure The bank code 202 of block.In one embodiment, bank code 202 includes the one group of basic function realized needed for IoT devices, all Such as the communication protocol for making it possible to realize each IoT device in IoT devices 101 and the communication between the centers IoT 110 Stack 201.As described above, in one embodiment, communication protocol stack 201 includes bluetooth LE protocol stacks.In this embodiment, Bluetooth LE radio devices and antenna 207 can be integrated in low power microcontroller 200.However, the present invention's is substantially former Reason is not limited to any specific communication protocol.

Specific embodiment shown in Fig. 2 further includes receiving user's input and providing to low power microcontroller to be somebody's turn to do Multiple input device or sensor 210 input by user, low power microcontroller according to application program 203 and bank code 202 at Manage user input.It is that each input unit in input unit includes for end user at one in embodiment The LED 209 of feedback is provided.

In addition, illustrated embodiment includes the battery 208 for powering to low power microcontroller.In an embodiment In, use non-rechargeabel button cell.However, in an alternative embodiment, integrated chargeable electricity can be used Pond (for example, being charged by the way that IoT devices are connected to AC power (not shown)).

Loud speaker 205 for generating audio is also provided.In one embodiment, low power microcontroller 299 includes For decoding compressed audio stream (for example, such as MPEG-4/ Advanced Audio Codings (AAC) flow) to generate sound on loud speaker 205 The audio decoder logic of frequency.Alternatively, low power microcontroller 200 and/or application code/data 203 may include that number is adopted The audio fragment of sample, to provide Verbal Feedback to end user when user is via 210 input selection of input unit.

In one embodiment, the specific application being designed to based on IoT devices 101, can be in IoT devices 101 It is upper include one or more other/alternative I/O devices or sensor 250.For example, may include environmental sensor to measure temperature Degree, pressure, humidity etc..May include security sensor and/or door lock opener if IoT devices are used as safety device. Certainly, these examples provide just for the sake of the purpose illustrated.The basic principle of the present invention is not limited to any specific The IoT devices of type.In fact, in view of the high programmable nature of the low power microcontroller 200 equipped with bank code 202, Application developer can easily develop new application code 203 and new I/O devices 250 with for almost any type of IoT is applied and is interacted with low power microcontroller.

In one embodiment, low power microcontroller 200 further includes security key storage part, for storing for adding The encryption key of close communication and/or generation signature.Alternatively, key can be protected in subscriber identification module (SIM).

In one embodiment, including receiver 207 is waken up with the ultralow work(by IoT devices from hardly consumption power It is waken up in rate state.In one embodiment, receiver 207 is waken up to be configured to respond to exist from configuration as shown in Figure 3 Wake-up signal that wake-up transmitter 307 on the centers IoT 110 receives makes IoT devices 101 exit the low power state.Tool Say to body, in one embodiment, transmitter 307 and receiver 207 form electric resonance transformer circuit together, such as it is special this Bracing wire circle.In operation, when center 110 needs to wake up IoT devices 101 from extremely low power rating, energy is believed via radio frequency Number it is sent to receiver 207 from transmitter 307.Due to this energy transmission, IoT devices 101 may be configured in low work( Power is hardly consumed when rate state, because it need not continuously " listen to " signal from center (as using permission device The case where procotol being waken up by network signal, is such).More precisely, the microcontroller 200 of IoT devices 101 can Be configured as by using from transmitter 307 with electrical way is sent to the energy of receiver 207 and is being effectively powered down It is waken up later.

As shown in figure 3, the centers IoT 110 further include memory 317, the Yi Jiyong for storing program code and data 305 In such as microcontroller of hardware logic 301 for executing program code and processing data.Wide area network (WAN) interface 302 and antenna 310 The centers IoT 110 are connected to cellular service 115.Alternatively, as described above, the centers IoT 110 can also connect including local network Mouth (not shown), such as WiFi interfaces (and WiFi antennas) or Ethernet interface, for establishing WLAN communication channel.At one In embodiment, hardware logic 301 further includes security key storage part, and coded communication and generation/verification label are used for for storing The encryption key of name.Alternatively, key can be protected in subscriber identification module (SIM).

Local communication interface 303 and antenna 311 are established to be believed with the local communication of each in IoT devices 101 to 105 Road.As described above, in one embodiment, 303/ antenna 311 of local communication interface implements bluetooth LE standards.However, this hair Bright basic principle is not limited to use in any specific agreement of foundation and the local communi-cation channel of IoT devices 101 to 105.Although It is shown as individual unit in figure 3, but wan interface 302 and/or local communication interface 303 can be embedded in and be patrolled with hardware It collects in 301 identical chips.

In one embodiment, program code and data include communication protocol stack 308, which may include Separated storehouse is used to being communicated by local communication interface 303 and wan interface 302.Furthermore, it is possible to which device is matched journey Sequence code and the storage of data 306 are in memory to allow the centers IoT to be matched with new IoT devices.In one embodiment, Unique code is distributed for each new IoT devices 101 to 105, the unique code is transmitted to the centers IoT during pairing 110.For example, the unique code can be embedded in the bar code on IoT devices, and can be read by barcode reader 106 It takes, or can be transmitted by local communi-cation channel 130.In an alternative embodiment, the unique ID code is magnetic Ground is embedded on IoT devices, and there is Magnetic Sensor such as Radio Frequency ID (RFID) or near-field communication (NFC) to sense at the centers IoT Device, to detect the code when IoT devices 101 move in more than 110 inches of centers distance IoT.

In one embodiment, once communicated unique ID, the centers IoT 110 can be come in the following manner Verify unique ID：Inquiry local data base (not shown), execute hash verify the code it is whether acceptable and/or It is communicated with IoT services 120, user apparatus 135 and/or website 130 to verify the ID codes.In one embodiment, once Through verification, the centers IoT 110 just and IoT devices 101 match and paired data is stored in memory 317 (as described above, The memory may include nonvolatile memory).Once pairing is completed, the centers IoT 110 can be connect with IoT devices 101 To execute various IoT functions as described herein.

In one embodiment, the tissue of operation IoT services 120 can provide the centers IoT 110 and basic hardware/soft Part platform is serviced with allowing developer easily to design new IoT.It, can be in particular, other than the centers IoT 110 Software Development Kit (SDK) is provided for developer to update the program code executed in center 110 and data 305.Separately Outside, for IoT devices 101, SDK may include for basis IoT hardware (for example, low power microcontroller shown in Fig. 2 200 And other assemblies) one group of extensive bank code 202 of design various types of applies 101 to be conducive to design.At one In embodiment, SDK includes that developer only needs to be the specified graphic designs interface output and input of IoT devices wherein. It has been developer's all set all networking codes, including IoT devices 101 is allowed to be connected to center 110 and service 120 Communication stack 201.In addition, in one embodiment, SDK further include for promote be mobile device (for example, iPhone and Android devices) design application bank code base.

In one embodiment, the centers IoT 110 manage continuous between IoT devices 101 to 105 and IoT services 120 Bidirectional traffic.In the case that need real-time update to IoT devices 101 to 105/ from these IoT devices it is newer (for example, In the case that user needs to check the current state of safety device or environmental readings), the TCP sets that the centers IoT can stay open Word is connect to provide regularly updating to user apparatus 135 and/or external website 130.For providing newer specific networking protocol It can be adjusted according to the demand that bottom is applied.For example, in some cases, if continuous bidirectional flow may be nonsensical, Then information can be collected when needed using simple request/response protocol.

In one embodiment, the centers IoT 110 and IoT devices 101 to 105 can automatically be upgraded by network.Tool It says to body, when the centers IoT 110 have new update can be used, it can automatically download from IoT services 120 and install this update. It in newer Code copying to local storage, will can run and verify this update first, then replace older program Code.It similarly, initially can be by the centers IoT when each IoT device in IoT devices 101 to 105 has update can be used 110, which download these, updates and pushes it to each IoT device in IoT devices 101 to 105.Then, each IoT devices 101 to 105 may be used similar to the above-mentioned mode application update for the centers IoT, and newer result is reported back in IoT The heart 110.If be updated successfully, the centers IoT 110 can delete this update from its memory, and record and be mounted on each IoT On device newest code release (such as so that it can continue checking for whether each IoT devices have new update).

In one embodiment, the centers IoT 110 are powered by AC power.In particular, the centers IoT 110 can wrap The power supply unit 390 with transformer is included, wherein transformer is for being converted to the alternating voltage provided by AC power cord Lower DC voltage.

Fig. 4 A show that the present invention executes an embodiment of Universal Remote control operation using IoT systems.Specifically It says, in this embodiment, one group of IoT devices 101-103 is respectively equipped with infrared (IR) and/or radio frequency (RF) transmitter 401- 403, for sending remote-control code to control various types of electronic equipment, including air-conditioning/heater 430, illumination System 431 and audio-visual equipment 432 (naming just a few).In the embodiment shown in Fig. 4 A, IoT devices 101-103 also matches respectively Sensor 404-406 is had, the operation for detecting the device that they are controlled, as described below.

For example, the sensor 404 in IoT devices 101 can be temperature for sensing Current Temperatures/humidity and/or wet Sensor is spent, and air-conditioning/heater 430 is responsively controlled based on current desired temperature.In this embodiment, empty Tune/heater 430 is designed to that (being typically itself has the temperature sensor being embedded via remote control apparatus Remote controler) come air-conditioning/heater for controlling.In one embodiment, user is via the application on user apparatus 135 Program or browser provide required temperature to the centers IoT 110.The control logic 412 executed on the centers IoT 110, which receives, to be come It from Current Temperatures/humidity data of sensor 404, and responsively sends and orders to IoT devices 101, with according to required temperature Degree/humidity controls IR/RF transmitters 401.For example, if temperature is less than required temperature, control logic 412 can be via IR/RF transmitters 401 send order to increase temperature (for example, being heated by closing air-conditioning or opening to air-conditioning/heater Device).The order may include the necessary remote-control code in the database 413 being stored on the centers IoT 110.Alternatively or In addition to this, IoT services 421 can implement control logic 421, with based on specified user preference and the control routine stored 422 carry out control electronics 430-432.

IoT devices 102 in shown example be used to control illumination 431.Specifically, the sensor in IoT devices 102 405 can be photoelectric sensor or photoelectric detector, be configured as what detection was generated by lamps and lanterns 431 (or other lighting apparatus) The present intensity of light.User can via user apparatus 135 to the centers IoT 110 specify required illumination level (including on or off Instruction).In response, control logic 412 will send order to control the present intensity water of lamp 431 to IR/RF transmitters 402 It is flat (for example, increasing illumination if present intensity is too low, or illumination to be reduced if present intensity is too high；Or it only beats Turn on light or close lamp).

IoT devices 103 in shown example are configured for control audio-visual equipment 432 (for example, television set, A/V are received Device, wired/satellite receiver, AppleTV^TMDeng).Sensor 406 in IoT devices 103 can be for detecting current environment The audio sensor (for example, microphone and associated logic) of audio volume level and/or the light generated based on television set are detected The photoelectric sensor (for example, by measuring the light in special spectrum) of the open and close situation of television set.Alternatively, sensor 406 may include the temperature sensor for being connected to audio-visual equipment, to detect the unlatching of audio frequency apparatus based on detected temperature Close situation.Again, in response to user's input via user apparatus 135, control logic 412 can be via IoT devices 103 IR transmitters 403 send to audio-visual equipment and order.

It should be noted that the above is only the exemplary example of one embodiment of the invention.The present invention's is substantially former Reason is not limited to any certain types of sensor controlled by IoT devices or equipment.

It is couple in the embodiment at the centers IoT 110, sensor number via bluetooth LE connections in IoT devices 101-103 It is sent by bluetooth LE channels according to order.However, the basic principle of the present invention is not limited to bluetooth LE or any other communication mark It is accurate.

In one embodiment, the control routine needed for each electronic equipment is controlled to be stored on the centers IoT 110 In database 422 in database 413 and/or in IoT services 120.As shown in Figure 4 B, control routine can take from for IoT The primary database of the control routine 422 for the different part equipment safeguarded in business 120 is provided to the centers IoT 110.End user can With the class of specified electronics (or other) equipment to be controlled via the application program or browser that are executed on user apparatus 135 Type, and in response, the supercentral remote-control code study modules of IoT 491 can service the long-range control on 120 from IoT Code database 492 processed retrieves required IR/RF codes (for example, each electronic equipment is identified with unique ID).

In addition, in one embodiment, the centers IoT 110 are equipped with IR/RF interfaces 490, to allow remote-control code Study module 491 is directly from the remote-control code new with electronic equipment original remote controllers 495 " study " provided together. For example, if not including for the control generation with the original remote controllers provided together of air-conditioning 430 in remote control data library Code, then user can interact via application program/browser on user apparatus 135 with the centers IoT 110, to instruct IoT The various control routines (for example, increasing temperature, reduction temperature etc.) that center 110 is generated by original remote controllers.Once learning Remote-control code, they are stored in the control routine database 413 on the centers IoT 110, and/or by IoT services 120 are sent back, to be included in central-remote control routine database 492 (and then by with identical sky Adjust the other users use of unit 430).

In one embodiment, each IoT devices in IoT devices 101-103 have very small form factor, and And double faced adhesive tape, small nail, magnetic attachment etc. can be used to be attached on or near their own electronic equipment 430-432. In order to control certain part equipment (such as air-conditioning 430), IoT devices 101 need to be placed enough to remote so that sensor 404 can be accurate The environment temperature in family really is measured (if for example, IoT devices are directly placed on air-conditioning, the temperature survey when operation of air conditioner Magnitude can be too low, and measured temperature can be too high when heater is run).In contrast, it is used to control the IoT devices of illumination 102 can be placed on luminaire 431 or near it, so that sensor 405 detects current illumination level.

Other than the overall control function is provided, an embodiment party of the centers IoT 110 and/or IoT services 120 Case sends the relevant notice of current state with each electronic equipment to terminal user.The notice can be text message and/or Specific to the notice of application program, can then be displayed on the display of mobile device 135 of user.For example, if The air-conditioning of user has had already turned on one section of long period but temperature does not change, then the centers IoT 110 and/or IoT services 120 can send the notice that air-conditioning does not work normally to user.If user stays out, (this can be examined by motion sensor Survey, or detected based on currently detected user location), and sensor 406 indicates that audio-visual equipment 430 is opened or sensing 405 indicator light of device is opened, then can send and notify to user, asks the user whether to want to close audio-visual equipment 432 and/or lamp 431. The notice of same type can be sent for any device type.

Once user receives notice, he/her can be by application program on user apparatus 135 or browser come remote Journey ground control electronics 430-432.In one embodiment, user apparatus 135 is touch panel device, and application program Or browser shows that band is useful for the remote controllers image of the optional button of user of control device 430-432.User receives After notice, graphic remote controller can be opened, closes or adjust a variety of different equipment.If connected via IoT services 120 It connects, then the selection of user can service 120 from IoT and be forwarded to the centers IoT 110, then will be set by control logic 412 to control It is standby.Alternatively, user's input can be sent directly to the centers IoT 110 from user apparatus 135.

In one embodiment, user can be programmed the control logic 412 on the centers IoT 110, with to electronics Equipment 430-432 executes various automatic control functions.In addition to keeping required temperature, luminance level and audio volume level as described above Except, if detecting certain conditions, electronic equipment can be automatically closed in control logic 412.For example, if control logic 412 detect that user stays out and air-conditioning does not work, then air-conditioning can be automatically closed.Similarly, if user stays out, and And sensor 406 indicates that audio-visual equipment 430 is opened or 405 indicator light of sensor is opened, then control logic 412 can be via IR/RF transmitters 403 and 402 are automatic respectively to send order, to close audio-visual equipment and lamp.

Fig. 5 shows the IoT devices 104-105 equipped with the sensor 503-504 for monitoring electronic equipment 530-531 Other embodiments.In particular, the IoT devices 104 of the present embodiment include temperature sensor 503, can place On cooking stove 530 or near the cooking stove, to detect when cooking stove remains on.In one embodiment, IoT devices 104 will The Current Temperatures measured by temperature sensor 503 are sent to the centers IoT 110 and/or IoT services 120.If detecting that cooking stove is beaten It is more than threshold time period (for example, based on measured temperature) to open, then control logic 512 can be to the device 135 of end user Notice is sent, informs that user's cooking stove 530 is in open state.In addition, in one embodiment, IoT devices 104 may include Control module 501, to close cooking stove or automatically (if 512 quilt of control logic in response to receiving instruction from the user User program is to do so) close cooking stove.In one embodiment, control logic 501 include cut-out cooking stove 530 electric power or The switch of gas supply.However, in other embodiments, control logic 501 can be incorporated in cooking stove.

Fig. 5 also shows the IoT devices 105 with motion sensor 504, for detecting certain form of electronic equipment The movement of (such as, washing machine and/or dryer).Available another kind sensor is the sound for detecting ambient volume level Video sensor (for example, microphone and logic).As other above-mentioned embodiments, if meeting certain specified conditions (for example, if detecting that movement has carried out one section of long period, it indicates that washing/drying machine is not turned off), the then embodiment party Case can send to end user and notify.Although not shown in FIG. 5, IoT devices 105 may be fitted with control module, with Washing/drying machine 531 (for example, by turn off electricity/gas) is closed automatically and/or in response to user's input.

In one embodiment, the first IoT devices with control logic and switch, which can be configured as, closes user All electric power in family, and the 2nd IoT devices with control logic and switch can be configured as the institute closed in user family There is gas supply.Then the electronic equipment or the gas-powered equipment of confession that the IoT devices with sensor can be arranged in user family On or near.If user is notified, there are specific equipment (for example, cooking stove 530) to be not turned off, and user can then send out The order for sending all electric power or gas supply in shutdown man, to prevent from damaging.Alternatively, the centers IoT 110 and/or IoT services Control logic 512 in 120 can be configured as automatically shuts down electric power or gas supply in this case.

In one embodiment, the centers IoT 110 and IoT services 120 are communicated with periodic interval.If IoT Service 120 detects that the connection with the centers IoT 110 has been lost (for example, failing to connect from the centers IoT within the specified duration Receive request or response), then it communicates this information to the equipment 135 of end user (such as by sending information message or spy Due to the notice of application program).

For passing through intermediate device

Transmit the device and method of data

As described above, because being typically short-range technologies for interconnecting the wireless technology (such as bluetooth LE) of IoT devices, If the center for implementing IoT is in except the range of IoT devices, IoT devices will be unable to transfer data to the centers IoT (vice versa).

In order to overcome this defect, one embodiment of the invention to provide a kind of mechanism for IoT devices, locate Except the wireless range at the centers IoT, so as to when one or more mobile devices are in range periodically with it is one Or multiple mobile device connections.Once establishing connection, IoT devices can pass any data for being provided to the centers IoT Defeated to arrive mobile device, then which forwards the data to the centers IoT.

As shown in fig. 6, an embodiment include the centers IoT 110, range beyond the centers IoT 110 IoT devices 601 and mobile device 611.Off-limits IoT devices 601 may include any form that can collect and transmit data IoT devices.For example, IoT devices 601 may include the transacter being configured in refrigerator, it can in refrigerator to monitor The user of edible food, these edible food and Current Temperatures.Certainly, basic principle of the invention is not limited to any specific The IoT devices of type.The techniques described herein can be implemented using any kind of IoT devices, including those are used to collect Device with transmission for the data of following household electrical appliances：Intelligence instrument, cooking stove, washing machine, dryer, lighting system, HVAC system It (is named just a few) with audio-visual equipment.

In addition, mobile device in operation, IoT devices 611 shown in fig. 6 can be transmitted data and storage number According to any type of mobile device.For example, in one embodiment, mobile device 611 is to be equipped with application program thereon Smart mobile phone, to be conducive to the techniques described herein.In another embodiment, mobile device 611 includes wearable sets Communicated tokens, smartwatch or body-building device standby, be such as attached on necklace or bracelet.Wearable token is for old user Or do not possess the other users of smart-phone device may be particularly useful.

In operation, off-limits IoT devices 601 can be checked occurs either periodically or continuously and mobile device 611 Connectivity.It is collected on IoT devices 601 when setting up connection (for example, the result moved about in refrigerator as user) Any data 605 are automatically sent to the ephemeral data repository 615 in mobile device 611.In one embodiment, IoT Device 601 and mobile device 611 establish local wireless communication channel using low-power wireless standard (such as BTLE).In this way In the case of, mobile device 611 and IoT devices 601 can initially be matched using known matching technology.

Once having transferred data to ephemeral data repository, mobile device 611 will just be set up with the centers IoT 110 (for example, when user walks about in the range of the centers IoT 110) transmission data when communication.Then the centers IoT can deposit data Storage in central data repository 413, and/or by internet transmit data to one or more services and/or its His user apparatus.In one embodiment, mobile device 611 can be provided data using different types of communication channel Give the centers IoT 110 (may be the communication channel of higher power, such as WiFi).

Off-limits IoT devices 601, mobile device 611 and the centers IoT can with program code and/or logic come Configuration, to implement the techniques described herein.As shown in fig. 7, for example, IoT devices 601 can be configured with intermediate connection logic And/or application, mobile device 611 can be configured with intermediate connection logic/application, and the centers IoT 110 can be configured with Centre connection logic/apply 721, to execute operations described herein.Intermediate connection logic/application on each device can be used Hardware, software or any combination thereof realize.In one embodiment, the intermediate connection logic of IoT devices 601/apply 701 It searches for and establishes and connect logic/using the company of 711 (it may be implemented as device application program) with intermediate in mobile device It connects, to transfer data to ephemeral data repository 615.Intermediate connection logic in mobile device 611/then will using 701 Data forwarding connects logic/application to the supercentral centres IoT, and the latter stores data in central data repository 413.

As shown in fig. 7, intermediate connection logic on each device/using 701,711,721 can based on current application come Configuration.For example, for refrigerator, connection logic/may only need periodically to send several data packets using 701.For Other application (for example, temperature sensor), connection logic/may need to transmit more frequent update using 701.

In one embodiment, IoT devices 601 (and nonmobile device 611) can be configured as foundation and be located at IoT The wireless connection of the intermediate IoT devices of one or more in the range of center 110.In this embodiment, IoT center ranges it Outer any IoT devices 601 can form " chain " by using other IoT devices and be linked to the center.

In addition, although for simplicity, Fig. 6 to Fig. 7 illustrates only single mobile device 611, however implements at one In scheme, multiple such mobile devices of different user can be configured as to be communicated with IoT devices 601.Furthermore, it is possible to right Other multiple IoT devices implement identical technology, to form intermediate device data gathering system in entire family.

In addition, in one embodiment, the techniques described herein can be used for collecting various types of dependency number According to.For example, in one embodiment, when mobile device 611 is connect with IoT devices 601, collected data 605 are just It may include the identity of user.In this way, IoT systems can be used to the behavior of different user in tracking man.For example, if in refrigerator Interior to use the system, then collected data 605 may include the identity of each user by refrigerator, open each use of refrigerator The identity at family, and specific food that each user eats.Different types of number can be collected from other kinds of IoT devices According to.By using the data, system can determine that such as which user has washed clothes, which user has seen electricity on the given date The time etc. fallen asleep and waken up depending on, each user.All these data from crowd then can be in the number at the centers IoT According to being compiled and/or be forwarded to external service or user in repository 413.

Another advantageous application of the techniques described herein is for monitoring the old user that may be wanted help.This is answered With mobile device 611 can be the very small token worn by old user, to collect in user family the letter in not chummery Breath.For example, when user opens refrigerator, which can will be included together with collected data 605, and via order Board is transferred to the centers IoT 110.Then, the centers IoT can serve data to one or more external users (for example, looking after old The children or other people of year user).If (such as 12 hours) are not collected into data in section at the appointed time, this Mean that old user does not move and/or be not turned at home refrigerator.Then, the centers IoT 110 or the centers IoT are connected to External service can send alert notification, the case where notifying them that should check old user to these other people.In addition, Collected data 605 may include other relevant informations, the food and whether need one time that such as user is eating Whether grocery store, old user are seeing that TV and old user see the frequency of TV, the frequency of the elderly user's laundry clothes Deng.

In another specific implementation, if there are problems for the electronic equipments such as washing machine, refrigerator, HVAC system, received The data of collection may include the instruction of the component to needing replacing.It is notified in this case, it is possible to can be sent to technical staff, Request solves the problems, such as.Technical staff then with required replacement component go to this family other.

The method that an embodiment according to the present invention is shown in Fig. 8.This method can be real in the environment of above-mentioned framework It applies, but is not limited to any specific framework.

At 801, data are periodically collected at the IoT devices of the range beyond the centers IoT (for example, opening refrigerator Door, edible food etc.).At 802, IoT devices occurs either periodically or continuously check with the connectivity of mobile device (for example, Connection, the connection specified by such as BTLE standards are established using standard local wireless technology).If established and mobile device Connection, then the connection is determined at 802, then by collected data transmission to mobile device at 803.At 804, move Dynamic device transfers data to the centers IoT, external service and/or user.As described above, if mobile device has connected (example Such as, via WiFi links), then it can transmission data immediately.

Other than collecting the data from IoT devices, in one embodiment, the techniques described herein can be used for Update otherwise provides data to IoT devices.One example is shown in Fig. 9 A, and it illustrates be mounted on needs The centers IoT 110 of program code update 901 on IoT devices 601 (or IoT devices as one group).Program code update can To carry out operating any other required data by user including system update, patch, configuration data and IoT devices. In one embodiment, user can be 601 specified configuration option of IoT devices via mobile device or computer, then will These config options are stored on the centers IoT 110, and are supplied to IoT devices using the techniques described herein.Specifically, In one embodiment, intermediate connection logic on the centers IoT 110/connect and patrol with the centre in mobile device 611 using 721 It collect/is communicated using 711, program code is updated storage in temporary storing device 615.When mobile device 611 enters When the range of IoT devices 601, intermediate connection logic in mobile device 611/connect with the centre on IoT devices 601 using 711 Logic/be connected using 701 is connect, program code update is supplied to device.In one embodiment, IoT devices 601 are right After can enter and automatically update process, to install new program code update and/or data.

The method of update IoT devices is shown in Fig. 9 B.This method can be implemented in the environment of above system framework, but unlimited In any specific system architecture.

At 900, provided on the centers IoT and/or external service (for example, being connected to mobile device by internet) new Program code or data update.At 901, mobile device represents IoT devices and receives and stores program code or data update. At 902, IoT devices and/or mobile device are periodically checked, to determine whether to have built up connection.If 903 Place's determination establishes connection, then at 904, update is transferred to IoT devices and is installed.

The embodiment for improving safety

In one embodiment, the low work(of the low power microcontroller 200 of each IoT devices 101 and the centers IoT 110 Rate logic/microcontroller 301 includes secure key storage, for storing the encryption key (ginseng used by following embodiments See, such as Figure 10 is to Figure 15 and related text).Alternatively, key can be protected in subscriber identity module as described below (SIM) in.

Figure 10 shows a kind of high level architecture, is handed over using Public Key Infrastructure (PKI) technology and/or symmetric key Change/encryption technology encrypts IoT services 120, the communication between the centers IoT 110 and IoT devices 101-102.

Now by description first using the embodiment of public keys/private cipher key pair, then description is handed over using symmetric key Change/the embodiment of encryption technology.Specifically, in the embodiment using PKI, unique public keys/private cipher key It is pair 120 associated with each IoT devices 101-102, each centers IoT 110 and IoT service.In one embodiment, when building When standing the new centers 110 IoT, public keys is provided to IoT services 120, and when establishing new IoT devices 101, Public keys is provided to the centers IoT 110 and IoT services 120.It is described below public for safely exchanging between the devices The various technologies of key.In one embodiment, all public keys master key known to all reception devices is signed (that is, a kind of form of certificate) so that any reception device can verify the validity of public keys by verifying signature. Therefore, these certificates will be exchanged, rather than just exchange original common secret key.

As shown, in one embodiment, each IoT devices 101,102 respectively include security key storage device 1001,1003, it is used for the private cipher key of each equipment of secure storage.Then security logic 1002,1304 utilizes secure storage Private cipher key executes encryption/decryption described herein.Similarly, the centers IoT 110 include safe storage device 1011, Public keys for storing the centers IoT private cipher key and IoT devices 101-102 and IoT service 120；And security logic 1012, for executing encryption/decryption using key.Finally, IoT services 120 may include safe storage device 1021, use In secure storage its own private cipher key, various IoT devices and the centers IoT public keys；And security logic 1013, it uses In the communication using key encryption/decryption and the centers IoT and equipment.In one embodiment, when the centers IoT 110 receive When public-key certificate from IoT devices, the centers IoT can verify the certificate (for example, by using master key as described above Verification signature), it is then extracts from public keys, and public keys is stored in its secure key storage 1011.

For example, in one embodiment, when IoT services 120 need to transmit order or data to IoT devices 101 When (for example, solution lock a door order, read the request of sensor, IoT devices it is pending/data etc. of display), security logic 1013 are encrypted the data-/ command using the public keys of IoT devices 101 to generate encrypted IoT devices data packet. In one embodiment, then the security logic is encrypted IoT device data packets using the public keys at the centers IoT 110 To generate IoT centre data packets, and IoT centre data packets are transferred to the centers IoT 110.In one embodiment, it services 120 sign the encryption message with above-mentioned private cipher key or master key so that whether device 101 can verify it just from credible next Source receives the message that do not change.Then device 101 can be tested using the public keys corresponding to private cipher key and/or master key Demonstrate,prove the signature.As described above, symmetric key exchange/encryption technology can be used to replace public private key to encrypt.In these realities It applies in scheme, the copy of identical symmetric key can be provided for each device for signature is encrypted and is verified, and Be not secret store key and provide corresponding public keys to other devices.Symmetric key algorithm another example is height Grade encryption standard (AES), but the basic principle of the present invention is not limited to any certain types of symmetric key.

Using symmetric key realization method, each device 101 enters security key exchange agreement to be handed over the centers IoT 110 Change symmetric key.The preset agreement of security key (such as dynamic symmetry Key predistribution agreement (DSKPP)) can be used for by leading to safely Believe channel switch secret key (for example, seeing that opinion solicits original text (RFC) 6063).However, the basic principle of the present invention is not limited to any spy Determine Key predistribution agreement.

Once symmetric key is exchanged, they can be used for adding communication by each device 101 and the centers IoT 110 It is close.Similarly, the centers IoT 110 and IoT services 120 can execute safe symmetric key and exchange, then symmetrical close using what is exchanged Communication is encrypted in key.In one embodiment, between device 101 and center 110 and center 110 and IoT service New symmetric key is periodically exchanged between 120.In one embodiment, new symmetric key is with device 101, center New communication session each of between 110 and service 120 and exchange (for example, generating for each communication session and safely exchanging New key).In one embodiment, if the security module 1012 in the centers IoT is believable, service 120 can be with With 1312 consult session key of Central Security module, then security module 1012 will be with 120 consult session key of each device.So Afterwards before being re-encrypted for transmission to device 101, the message from service 120 will be solved in Central Security module 1012 Close and verification.

In one embodiment, divulging a secret in Central Security module 1012 in order to prevent, can be when mounted in device Negotiate disposable (permanent) installation key between 101 and service 120.When sending message to device 101, service 120 can be first / MAC first is encrypted with the device installation key, then uses the session key encryption/MAC at the center.Then center 110 will be tested It demonstrate,proves and extracts encrypted device litura and send it to device.

In one embodiment of the invention, Replay Attack is prevented using counter mechanism.For example, can be from dress Set 101 to center 110 (or vice versa) each continuous communiction distribute the Counter Value that continues to increase.Center 110 and device 101 will all to track the value and verify in each continuous communiction of the value between the devices be correct.At center 110 and service Identical technology may be implemented between 120.It will be made it more difficult to using counter in this way to cheat between each device Communication (because Counter Value will be incorrect).It is shared between service and device but even if the not no counter mechanism Installation key also will prevent the network (center) to all devices from widely attacking.

In one embodiment, when being encrypted using public private key, the centers IoT 110 use its private cipher key pair IoT centre data packets are decrypted and generate encrypted IoT devices data packet, are then transmitted to associated IoT dresses Set 101.Then IoT devices 101 are decrypted using its private cipher key pair IoT device data packets is originated from IoT services 120 to generate Command/data.Then it can handle the data and/or execute the order.Using symmetric cryptography, each device will use altogether The symmetric key enjoyed is encrypted and decrypted.In either case, each transmitting device can also use its private cipher key label Affix one's name to message so that reception device can verify its authenticity.

Different groups of key pair can be used to be carried out from IoT devices 101 to the communication at the centers IoT 110 and IoT services 120 Encryption.For example, in one embodiment, using public private cipher key arrangement, the security logic 1002 on IoT devices 101 makes The data packet for being sent to the centers IoT 110 is encrypted with the public keys at the centers IoT 110.Then the peace on the centers IoT 110 Full logic 1012 can use the private cipher key pair data packet at the centers IoT to be decrypted.Similarly, the safety on IoT devices 101 Security logic 1012 in logic 1002 and/or the centers IoT 110 can use the public keys of IoT services 120 to being sent to IoT service 120 data packet be encrypted (and then its can by IoT service 120 on security logic 1013 using service it is privately owned Key is decrypted).Using symmetric key, device 101 and center 110 can share symmetric key, and center and service 120 can With shared different symmetric key.

Although set forth certain details in the above description above, it should be noted that the basic principle of the present invention can It is realized with using a variety of different encryption technologies.For example, although some above-mentioned embodiments are close using asymmetric public private Key pair, but alternative embodiment can use between the various centers IoT devices 101-102, IoT 110 and IoT services 120 The symmetric key of secure exchange.In addition, in some embodiments, data-/ command itself is not encrypted, but existed using key Signature is generated on the data-/ command (or other data structures).Then reciever can verify signature using its key.

As shown in figure 11, in one embodiment, each to realize using programmable user identification module (SIM) 1101 Security key storage device on IoT devices 101.It in this embodiment, initially can be by being placed on IoT devices 101 IoT devices 101 are supplied to end user by the unprogrammed SIM card 1101 in SIM interface 1100.In order to use one group one or more A encryption key is programmed SIM, and programmable SIM card 1101 is taken out from SIM interface 500 and inserts it into IoT by user In SIM programming interface 1102 on center 110.Then the supercentral programmed logics 1125 of IoT carry out safely SIM card 1101 Programming is register/match the centers IoT devices 101 and IoT 110 and IoT services 120.It in one embodiment, can be with Public private key pair is randomly generated by programmed logic 1125, then the public keys of the cipher key pair can be stored in In the safe storage device 411 at the centers IoT, and the private cipher key of the cipher key pair is stored in programmable SIM 1101.Separately Outside, programmed logic 525 can deposit the public keys at the centers IoT 110, IoT services 120 and/or any other IoT device 101 Storage (waits for by the security logic 1302 on IoT devices 101 being used for that outgoi8ng data is encrypted) in SIM card 1401.Once SIM 1101 are programmed, using SIM as secure identifier (for example, using for prior art using SIM register devices), new IoT devices 101 can preset IoT services 120.After preset, the centers IoT 110 and IoT services 120 will be deposited safely Store up the copy of the public keys of IoT devices to be used when pair being encrypted with the communication of IoT devices 101.

Above in association with the technology described in Figure 11 huge flexibility is provided to provide new IoT devices to end user. SIM card can be transferred safely to IoT clothes by end user by the result of 110 Direct Programming of the centers IoT and programming Business 120, specific service provider is directly registered with (as currently done without user in sale/purchase by each SIM As).Therefore, new IoT devices 101 can be sold to end user by online or local retailers, and then be pacified IoT services 120 are preset entirely.

Although registration and encryption technology are described in the specific context of SIM (subscriber identification module) above, this The basic principle of invention is not limited to " SIM " device.On the contrary, any kind of tool for storing a group encryption keys can be used There is the device of secure storage to realize the basic principle of the present invention.Moreover, although the embodiment above includes removable SIM dresses It sets, but in one embodiment, SIM devices are non-removable, but IoT devices itself are inserted into the centers IoT 110 In programming interface 1102.

In one embodiment, SIM is pre-programmed into IoT devices 101 before being distributed to end user, rather than It is required that user is programmed SIM (or other devices).It in this embodiment, can be with when user setting IoT devices 101 Adding between the centers IoT 110/IoT services 120 and new IoT devices 101 is safely exchanged using various techniques described herein Key.

For example, as illustrated in fig. 12, each IoT devices 101 or SIM 401 can with unique identification IoT devices 101 and/or The bar code or QR codes 1501 of SIM 1001 is packaged together.In one embodiment, bar code or QR codes 1201 include to use In the coded representation of IoT devices 101 or the public keys of SIM 1001.Alternatively, bar code or QR codes 1201 can be by IoT The heart 110 and/or IoT services 120 are used for identifying or generating public keys (for example, being stored in safe storage device as being directed toward In public keys).Bar code or QR codes 601 can print in individual card upper (as illustrated in fig. 12) or can be directly printed on With IoT device sheets.No matter bar code printing wherein, in one embodiment, the centers IoT 110 equipped with bar code read Device 206 is taken, for reading bar code and taking the security logic 1012 and/or IoT that result data is supplied on the centers IoT 110 Security logic 1013 in business 120.Then the security logic 1012 on the centers IoT 110 can deposit the public keys of IoT devices Storage is in its security key storage device 1011, and the security logic 1013 in IoT services 120 can store public keys (for subsequent coded communication) in its safe storage device 1021.

In one embodiment, the data included in bar code or QR codes 1201 can also be by being equipped with IoT clothes The IoT application programs of provider's design of being engaged in or small routine based on browser user apparatus 135 (for example, such as iPhone or Android devices) it captures.Once captured, then bar code data can be by secure connection (for example, such as safe socket Word layer (SSL) connects) it is transferred safely to IoT services 120.Bar code data can also pass through the locality connection (example of safety Such as, pass through local WiFi or bluetooth LE connections) it is supplied to the centers IoT 110 from client terminal device 135.

The security logic 1012 on security logic 1002 and the centers IoT 110 on IoT devices 101 can use hardware, soft Part, firmware or any combination thereof realize.For example, in one embodiment, security logic 1002,1012, which is implemented in, to be used for Established between IoT devices 101 and the centers IoT 110 in the chip of local communi-cation channel 130 (for example, bluetooth LE chips, if Local channel 130 is bluetooth LE).Specific location regardless of security logic 1002,1012, in one embodiment, peace Full logic 1002,1012 is designed to establish the secure execution environments for executing certain form of program code.For example, this can With by using TrustZone technologies (on certain arm processors can with) and/or credible execution technology (being designed by Intel) To realize.Certainly, basic principle of the invention is not limited to any certain types of safe execution technology.

In one embodiment, bar code or QR codes 1501 can be used for matching each IoT devices 101 with the centers IoT 110 It is right.For example, the pair code that can be will be embedded in bar code or QR codes 1501 is supplied to the centers IoT 110, by the centers IoT It is matched with corresponding IoT devices, rather than uses the standard radio pairing process for being currently used in pairing bluetooth LE devices.

Figure 12 B are shown in which that the capture of the barcode reader 206 on the centers IoT 110 is associated with IoT devices 101 One embodiment of bar code/QR codes 1201.As described above, bar code/QR codes 1201 can be directly printed on IoT devices On 101, or it can be printed on the individual card for being provided with IoT devices 101.In either case, barcode reader 206 read pair code from bar code/QR codes 1201, and pair code is supplied to Local Communication Module 1280.At one In embodiment, Local Communication Module 1280 is bluetooth LE chips and related software, but the basic principle of the present invention is not limited to Any specific consensus standard.Once receiving pair code, it is stored in the secure storage for including paired data 1285 In device, and IoT devices 101 and the centers IoT 110 are by automatic matching.Whenever the centers IoT are filled with new IoT in this way It sets and matches clock synchronization, the paired data for the pairing is stored in safe storage device 685.In one embodiment, one The Local Communication Module 1280 at the centers denier IoT 110 receives pair code, then it can use the code as key pair IoT Communication on the local wireless channel of device 101 is encrypted.

Similarly, at 101 aspect of IoT devices, paired data is stored in instruction and the centers IoT by Local Communication Module 1590 In the local secure storage device 1595 of pairing.Paired data 1295 may include identified in bar code/QR codes 1201 it is pre- The pair code of programming.Paired data 1295 can also include establishing on the slave centers IoT 110 needed for secure local communication channel Local Communication Module 1280 receive paired data (for example, for pair with the communication at the centers IoT 110 be encrypted add Key).

Because pair code is not by air transmission, therefore bar code/QR codes 1201 can be used for than current wireless pairing The safer mode of agreement executes local pairing.In addition, in one embodiment, the identical item for pairing can be used Shape code/QR codes 1201 come identify encryption key with establish from IoT devices 101 to the centers IoT 110 and from the centers IoT 110 to The secure connection of IoT services 120.

Figure 13 shows the method for programming SIM card of an embodiment according to the present invention.This method can be upper Implement in the system architecture stated, but is not limited to any particular system framework.

At 1301, user receives the new IoT devices with blank SIM card, and at 1602, user is by blank SIM Card is inserted into the centers IoT.At 1303, user is programmed blank SIM card with one group of one or more encryption key.Example Such as, as described above, in one embodiment, the centers IoT can generate public private key pair at random, and will be privately owned close Key stores on the sim card, and public keys is stored in its local secure storage device.In addition, at 1304, it is at least public close Key is transferred to IoT services, so that it can be used for identifying IoT devices and establish the coded communication with IoT devices.Institute as above It states, the programmable device other than " SIM " blocks can be used to execute in one embodiment, in the method shown in Figure 13 Function identical with SIM card.

Figure 14 shows the method for being integrated into new IoT devices in network.This method can be in above-mentioned system tray Implement in structure, but is not limited to any particular system framework.

At 1401, user receives the new IoT devices for having pre-allocated encryption key.At 1402, key is by safety Ground is supplied to the centers IoT.As described above, in one embodiment, this be related to reading bar code associated with IoT devices with The public keys of the public private key pair of the device is distributed in identification.Bar code can be directly read by the centers IoT, also may be used To be captured via application program or browser by mobile device.In alternative embodiment, can in IoT devices and Secure communication channel such as bluetooth LE channels, near-field communication (NFC) channel or safe WiFi channels are established between the centers IoT to hand over Change key.No matter how key transmits, once being received, is stored in the secure keystore of IoT center fixtures In.As described above, can store and protect key using various safe execution technologies on the centers IoT, such as safety zone, Credible execution technology (TXT) and/or Trustzone.In addition, at 803, key is safely transferred to IoT services, the IoT Service is by key storage in the secure keystore of their own.Then its can use the communication of the key pair and IoT devices into Row encryption.Again, it can be exchanged using the key of certificate/signature to realize.In center 110, modification/addition/removal is prevented The key stored is especially important.

Figure 15 shows the method for using public private key that command/data is safely transmitted to IoT devices. This method can be implemented in above-mentioned system architecture, but be not limited to any particular system framework.

At 1501, IoT services are encrypted data-/ command using IoT devices public keys to create IoT device numbers According to packet.Then the IoT device data packets are encrypted using the public keys at the centers IoT to create IoT centre data packet (examples Such as, the centers IoT packaging is created around IoT device data packets).At 1502, IoT centre data packets are transferred to by IoT services The centers IoT.At 1503, the centers IoT are decrypted using the private cipher key pair IoT centre data packets at the centers IoT to generate IoT Device data packet.Then at 1504, IoT device data packets are transferred to IoT devices, it is private using IoT devices at 1505 There are key pair IoT device data packets to be decrypted to generate data-/ command.At 1506, IoT devices handle data-/ command.

It, can be between each device (for example, each between device and center in the embodiment using symmetric key And between center and service) negotiate symmetric key exchange.Once completing key to exchange, each transmitting device is by data transmission It is encrypted and/or signs to transmitting every time using symmetric key before to reception device.

For being established in Internet of Things (IoT) system

The device and method of secure communication channel

In one embodiment of the invention, regardless of for supporting the intermediate device of communication channel (for example, such as The mobile device 611 of user and/or the centers IoT 110), it will be serviced in IoT and execute number between 120 and each IoT devices 101 According to encryption and decryption.Figure 16 A show that the embodiment communicated by the centers IoT 110, Figure 16 B are shown not Need another embodiment at the centers IoT.

Figure 16 A are tuning firstly to, IoT services 120 include the crypto engine 1660 of one group of " service conversation key " 1650 of management, And each IoT devices 101 include that communication of the management between IoT devices 101 and IoT services 120 is encrypted/decrypts One group of " device session key " 1651 crypto engine 1661.When executing secure/encrypted technology as described herein, encryption is drawn It holds up and may rely on different hardware modules, which includes close for (among other) generation session public private Key pair and prevent the hardware security module 1630-1631, Yi Jiyong that access to the private conversation key of the cipher key pair In the key stream generation module 1640-1641 for generating key stream using the password obtained.In one embodiment, service conversation Key 1650 and device session key 1651 include relevant public private key pair.For example, in one embodiment, IoT Device session key 1651 on device 101 includes the private cipher key of the public keys and IoT devices 101 of IoT services 120.Such as It is discussed in detail below, in one embodiment, in order to establish secure communication session, each crypto engine 1660 and 1661 points Identical password is not generated using public private session key pair 1650 and 1651, then the password is by SKGM 1640- 1641 are used for generating key stream is encrypted and decrypted with servicing the communication between 120 and IoT devices 101 to IoT.It is provided below The generation with password of an embodiment according to the present invention and use associated additional detail.

In Figure 16 A, once generating password using key 1650-1651, then client will always pass through IoT services 120 send message to IoT devices 101, as removed shown in affairs 1611." removing " used herein means to indicate that bottom message does not have Have and is encrypted using encryption technology as described herein.However, as shown, in one embodiment, in client terminal device Security socket layer (SSL) channel or other safe lanes are established between 611 and IoT services 120 (for example, Internet protocol is pacified (IPSEC) channel entirely) to protect communication.Then the crypto engine 1660 in IoT services 120 uses generated password to message It is encrypted, and encrypted message is transferred to the centers IoT 110 at 1602.In one embodiment, using password and Counter Value generates the key stream for each message packets to be encrypted, rather than use password directly to message into Row encryption.The details of the embodiment is described below in conjunction with Figure 17.

As shown, SSL connections or other safe lanes can be established between IoT services the centers 120 and IoT 110. The centers IoT 110 (it does not have the ability that message is decrypted in one embodiment) are at 1603 (for example, passing through indigo plant Tooth low-power consumption (BTLE) communication channel) encrypted message is transferred to IoT devices.Then the crypto engine on IoT devices 101 1661 can be decrypted message and be handled message content using password.In the embodiment party for generating key stream using password In case, crypto engine 1661 can generate key stream using password and Counter Value, then use key stream to message data Packet is decrypted.

Message itself may include any type of communication between IoT 120 and IoT of service devices 101.For example, message May include that 101 execution specific function of instruction IoT devices such as measures and result is reported back to the life of client terminal device 611 Data packet is enabled, or may include the configuration data of the operation for configuring IoT devices 101.

If necessary to respond, then at 1604, crypto engine 1661 on IoT devices 101 is using password or obtains Key stream is encrypted response and encrypted response is transferred to the centers IoT 110, which will response at 1605 It is forwarded to IoT services 120.Then at 1606 (for example, passing through SSL or other secure communication channels), in IoT services 120 Crypto engine 1660 is decrypted response using password or the key stream obtained and the response of decryption is transferred to client Device 611.

Figure 16 B show the embodiment for not needing the centers IoT.On the contrary, in this embodiment, 101 He of IoT devices By client terminal device 611 (for example, above in association with as described in Fig. 6 to Fig. 9 B) occurs for the communication between IoT services 120.At this In embodiment, in order to transmit message to IoT devices 101, client terminal device 611 passes the unencryption version of message at 1611 It is defeated to service 120 to IoT.At 1612, crypto engine 1660 is encrypted message using password or the key stream obtained, and Encrypted message is transmitted back to client terminal device 611.Then encrypted message is forwarded to by client terminal device 611 at 1613 IoT devices 101, and crypto engine 1661 is decrypted message using password or the key stream obtained.Then IoT devices 101 can handle message as described herein.If necessary to respond, then crypto engine 1661 uses password to response at 1614 It is encrypted and encrypted response is transferred to client terminal device 611, the client terminal device is at 1615 by encrypted response It is forwarded to IoT services 120.Then at 1616, crypto engine 1660 is decrypted the response and passes the response of decryption It is defeated to arrive client terminal device 611.

Figure 17 shows can initially be serviced in IoT, the key executed between 120 and IoT devices 101 exchanges and key stream is given birth to At.In one embodiment, it can perform the key whenever IoT is serviced when 120 and IoT devices 101 establish new communication session It exchanges.Alternatively, key exchange can be executed, and the session key exchanged can use the specified period (for example, one It, one week etc.).Although being not shown intermediate device in Figure 17 for the sake of simplicity, communication can by the centers IoT 110 and/or Client terminal device 611 occurs.

In one embodiment, IoT service 120 crypto engine 1660 to HSM 1630 (for example, it can be such as The CloudHSM provided by Amazon) order is sent to generate session public private key pair.Then, HSM 1630 can be to prevent Only access to the private conversation key in the secret key pair.Similarly, the crypto engine on IoT devices 101 can be to HSM 1631 (for example, derive from AtmelAtecc508HSM) transmission order, HSM 1631 generate session it is public/ It private cipher key pair and prevents from accessing to the session private cipher key in the secret key pair.Certainly, basic principle of the invention is not It is limited to any certain types of crypto engine or manufacturer.

In one embodiment, at 1701, IoT services the 120 session public keys that HSM 1630 will be used to generate It is transferred to IoT devices 101.IoT devices generate the session public private key pair of their own using its HSM 1631, and The public keys in its secret key pair is transferred to IoT services 120 at 1702.In one embodiment, crypto engine 1660- 1661 establish shared password using elliptic curve Diffie-Hellman (ECDH) agreements, which is to allow both sides with ellipse The Anonymity Key of public-privately owned secret key pair of circular curve is reached an agreement on.In one embodiment, using these technologies, at 1703, The crypto engine 1660 of IoT services 120 is generated close using IoT device session public keys and the session private cipher key of their own Code.Similarly, at 1704, the crypto engine 1661 of IoT devices 101 services 120 session public keys and their own using IoT Session private cipher key be separately generated identical password.More particularly, in one embodiment, in IoT services 120 Crypto engine 1660 generates password according to following formula：Password=IoT device session public keys * IoT service conversations are privately owned close Key, wherein " * " indicates that IoT device session public keys is multiplied by IoT service conversation private cipher keys in a point-to-point fashion.IoT is filled The crypto engine 1661 set on 101 generates password according to following formula：Password=IoT service conversation public keys * IoT device meetings Private cipher key is talked about, wherein IoT service conversations public keys is multiplied by IoT device session private cipher keys in a point-to-point fashion.Finally, As described below, IoT services 120 and IoT devices 101 and has generated for communicating the identical password being encrypted.One In a embodiment, it is above-mentioned to execute that crypto engine 1660-1661 respectively depends on hardware module such as KSGM 1640-1641 Operation for generating password.

Once secret has been determined, engine 1660 and 1661 can be encrypted and be used for that reconciliation directly is encrypted to data It is close.Alternatively, in one embodiment, crypto engine 1660-1661 is sent to KSGM1640-1641 and is generated newly using password The order of key stream is to be encrypted/decrypt to each data packet (that is, generating new key flow data knot for each data packet Structure).In particular, an embodiment of key stream generation module 1640-1641 implements Galois/ counter mode (GCM), Wherein Counter Value is incremented by for each data packet, and is used with cipher key combinations to generate key stream.Therefore, in order to by data The crypto engine 1661 that packet is transferred to IoT 120, IoT of service devices 101 makes KSGM using password and present counter value 1640-1641 generates new key stream and Counter Value is made to be incremented by generate next key stream.Then, it is being transferred to IoT Before service 120, newly-generated key stream be used to that data packet be encrypted.In one embodiment, key stream and number According to progress exclusive or (XOR) to generate encrypted data packet.In one embodiment, IoT devices 101 will have encrypted data The Counter Value of packet is transferred to IoT services 120.Then the crypto engine 1660 in IoT services is communicated with KSGM 1640, KSGM 1640 use received Counter Value and password generate key stream (due to the use of be identical password and Counter Value, Should be identical key stream) and data packet is decrypted using the key stream generated.

In one embodiment, the data packet for being transferred to IoT devices 101 from IoT services 120 is added in an identical manner It is close.In particular, counter is incremented by each data packet, and it is used together with password to generate new key stream.Then The key stream is used to that data are encrypted (for example, executing the XOR operation of data and key stream), and encrypted data packet With IoT devices 101 are transferred to together with Counter Value.Then the crypto engine 1661 on IoT devices 101 and KSGM 1641 are logical Letter, KSGM 1641 generate the identical key stream for data packet to be decrypted using Counter Value and password.Therefore, exist In the embodiment, crypto engine 1660-1661 is generated using the Counter Value of themselves for data to be encrypted Key stream, and generate the key for data to be decrypted using the Counter Value being received together with encrypted data packet Stream.

In one embodiment, each crypto engine 1660-1661 tracks what it was received from another crypto engine Last Counter Value, and include whether receiving or whether repeatedly receiving identical out of order for detection counter value Counter Value sequence logic.If a Counter Value receives out of order, or if repeatedly receives identical counting Device value, this, which may indicate that, is try to Replay Attack.In response, crypto engine 1660-1661 can be disconnected from communication channel And/or safety alarm can be generated.

Figure 18 show employed in one embodiment of the invention include 4 byte counter values 1800, can become larger The exemplary encryption data packet of small encryption data field 1801 and 6 byte tags 1802.In one embodiment, label 1802 include checksum value to verify the data (once the data decrypted) of decryption.

As described above, in one embodiment, the hair of each new communication session can be periodically and/or in response to Get up to generate and services the session public private key pair 1650-1651 exchanged between 120 and IoT devices 101 in IoT.

One embodiment of the invention is realized for verifying the attached of the session between IoT 120 and IoT of service devices 101 Add technology.In particular, in one embodiment, using the hierarchical structure of public private key pair, including master key to, One group of factory's key pair and one group of IoT service key pair and one group of IoT device keys pair.In one embodiment, master is close Key is maintained at single highly safe position (for example, realizing herein to including the root of trust of every other key pair Under the control of the tissue of the IoT systems).Main private cipher key can be used for giving birth to various other key pairs such as factory's key pair At signature (and thus being verified).Then main public keys can be used to veritify signature.In one embodiment, it manufactures Each factory of IoT devices is assigned factory's key pair of their own, then can verify IoT service key and IoT with it Device keys.For example, in one embodiment, being generated to IoT service public keys and IoT dresses using factory's private cipher key Set the signature of public keys.Then corresponding factory's public keys can be used to veritify these signatures.It note that these IoT take " session " public keys/private cipher key described in business/device public keys Figure 16 A to Figure 16 B above in conjunction is different.Above-mentioned meeting Words public keys/private cipher key is interim (that is, being generated for service/device session), and IoT services/device keys are to being Permanent (that is, being generated in factory).

In view of the above-mentioned relation between master key, factory's key, service/device keys, one embodiment of the present invention Case executes following operation to provide additional verification and safe floor between IoT 120 and IoT of service devices 101：

A. in one embodiment, IoT services 120 are initially generated the message comprising the following contents：

Unique ID of 1.IoT services：

The sequence number of IoT services；

Timestamp；

ID for the factory's key for signing this unique ID；

The classification (that is, service) of unique ID；

The public keys of IoT services

To the signature of unique ID.

2. mill certification includes：

Timestamp

The ID of master key for self-signing certificate

The public keys of factory

The signature of mill certification

3.IoT service conversations public keys (as described in above in association with Figure 16 A to Figure 16 B)

4.IoT service conversations public key signature (for example, being signed using the private cipher key of IoT services)

B. in one embodiment, message is sent to IoT devices (as described below) in negotiated channel.IoT devices Parse message simultaneously：

1. veritifying the signature of mill certification (only when it is present in message payload)

2. veritifying the signature of unique ID using the key by Unique ID

3. veritifying IoT service conversation public key signatures using the public keys of the IoT services from unique ID

4. preserving the public keys of IoT services and the session public keys of IoT services

5. generating IoT device session keys pair

Then C.IoT devices generate the message for including the following contents：

Unique ID of 1.IoT devices

IoT device sequence numbers

Between time stamp

ID for the factory's key for signing this unique ID

The classification (that is, IoT devices) of unique ID

The public keys of IoT devices

The signature of unique ID

The session public keys of 2.IoT devices

3. the label of the key signature (IoT device session public keys+IoT service conversations public keys) using IoT devices Name

D. the message is sent back to IoT services.IoT service parsings message is simultaneously：

1. veritifying the signature of unique ID using factory's public keys

2. veritifying the signature of session public keys using the public keys of IoT devices

3. preserving the session public keys of IoT devices

E.IoT services are subsequently generated comprising key signature (the IoT device session public keys+IoT services serviced with IoT Session public keys) signature message.

F.IoT devices parse message simultaneously：

1. veritifying the signature of session public keys using the public keys of IoT services

2. generating key stream by IoT device session private cipher keys and IoT service conversation public keys

Then 3.IoT devices send " messaging is available " message.

Then G.IoT services execute following operation：

1. generating key stream by the session public keys of IoT device session private cipher keys and IoT devices

2. creating the new information for including the following contents in message transfer channel：

It generates and stores 2 random byte values

It is set a property message with Cyclic dart (boomerang) attribute Id (as described below) and random value

H.IoT devices receive the message simultaneously：

1. attempting to decrypt the message

2. sending out update using identical value on specified attribute Id

I.IoT services are identified comprising the newer message payload of Cyclic dart attribute simultaneously：

1. its pairing state is set as true

2. sending pairing in negotiated channel completes message

J.IoT devices receive the message and its pairing state are set as true

Although describing above-mentioned technology about " IoT services " and " IoT devices ", the basic principle of the present invention can be by It is embodied as including establishing secure communication letter between subscription client device, server and any two of Internet service device Road.

Above-mentioned technology is highly safe, because private cipher key is never shared (in contrast, current in the air Password is transferred to another party from a side in Bluetooth pairing technology).It eavesdrops the attacker that entirely talks with and there was only public keys, and these Public keys is not enough to generate shared password.These technologies also prevent go-between from attacking by exchanging signed public keys It hits.In addition, due to all using GCM and individual counter on each device, it can prevent that any kind of " playback is attacked Hit " (in this case, go-between captures data and sends again).Some embodiments are also by using asymmetric counter To prevent Replay Attack.

In the case of not formal contrast means

Technology for exchanging data and order

GATT is the acronym of general-purpose attribute configuration file, it defines two Bluetooth Low Energy (BTLE) devices The mode of data is sent in passback.It using referred to as attribute agreement (ATT) Universal Data Protocol, the agreement for that will service, feature It is stored in simple look-up table with related data, 16 characteristic IDs is used for each entry in table.It note that, however " feature " is sometimes referred to as " attribute ".

On blue-tooth device, most common feature is device " title " (having characteristic ID 10752 (0 × 2A00)).Example Such as, blue-tooth device can be identified by using " title " feature that GATT readings are issued by those other blue-tooth devices near it Other blue-tooth devices.Therefore, blue-tooth device has the capability for exchanging data, without formally matching/binding device (note Meaning, " pairing " and " binding " may be used interchangeably sometimes；The rest part of this discussion will use term " pairing ").

One embodiment of the invention is communicated using this ability with the IoT devices for having enabled BTLE, without It is formally matched with these devices.Due to the time quantum required with the pairing of each device, and once only establishes a pairing and connect It connects, so will be very inefficient with each individual IoT devices pairing.

Figure 19 is shown in which that bluetooth (BT) device 1910 and the BT communication modules 1901 of IoT devices 101 establish network set It is abstract without a particular embodiment of the BT connections for formally establishing pairing to connect word.BT devices 1910 can be included in such as figure In the centers IoT 110 and/or client terminal device 611 shown in 16A.As shown, BT communication modules 1901 are safeguarded comprising below The data structure of list：The value of characteristic ID, title associated with these characteristic IDs and these characteristic IDs.According to current The value of BT standards, each feature is storable in 20 byte buffers identified by characteristic ID.However, the basic principle of the present invention It is not limited to any specific buffer size.

In the example of Figure 19, " title " is characterized in being assigned to the feature that the BT of the particular value of " IoT devices 14 " is defined. One embodiment of the invention is specified to be used for BT devices 1910 negotiate secure communication channel first group of supplementary features and It is used for second group of supplementary features with the coded communication of BT devices 1910.In particular, by characteristic ID in the example of illustration< 65532>" negotiating write-in " feature of mark can be used for transmitting outflow negotiation message, and by characteristic ID<65533>" the association of mark Quotient's reading " feature can be used for receiving incoming negotiation message." negotiation message " may include by BT devices 1910 and BT communication modules 1901 are used for establishing the message of secure communication channel as described herein.For example, in fig. 17, IoT devices 101 can be via " negotiating to read " feature<65533>To receive IoT service conversations public keys 1701.Key 1701 can service 120 transmission from IoT To the centers IoT 110 or client terminal device 611 for having enabled BTLE, then GATT can be used that key 1701 is written by characteristic ID< 65533>The negotiation reading value buffering area of mark.Then, IoT devices application logic 1902 can be from by characteristic ID<65533>Mark Value buffering area in read key 1701 and handle it as described above (for example, generating password using it and using this is close Code generates key stream etc.).

If key 1701 is more than 20 bytes (being maximum buffer size in some current specific implementations), the key It can be written with 20 byte sections.For example, can be by BT communication modules 1903 by preceding 20 byte write feature ID<65533>, And read by IoT device applications logic 1902, then which can will confirm that message write-in by characteristic ID< 65532>The negotiation write-in value buffering area of mark.Using GATT, BT communication modules 1903 can be from characteristic ID<65532>Read this really Recognize, and responsively next 20 bytes of key 1701 are written by characteristic ID<65533>The negotiation reading value of mark Buffering area.In this way, it establishes by characteristic ID<65532>With<65533>The web socket of definition is abstract, is used for exchanging Establish the negotiation message of secure communication channel.

In one embodiment, once establishing secure communication channel, characteristic ID is just used<65534>(for being filled from IoT Set the encrypted data packet of 101 transmission) and characteristic ID<65533>(for receiving encrypted data packet by IoT devices) establishes the Two web sockets are abstract.That is, when BT communication modules 1903 have the encryption data packet being used for transmission (for example, such as The encryption message 1603 of Figure 16 A) when, its use is by characteristic ID<65533>The message reading value buffering area of mark starts write-in and adds Ciphertext data packet, every time 20 bytes.IoT device applications logic 1902 then will read encryption data from reading value buffering area It wraps, every time 20 bytes, as needed via characteristic ID<65532>The write-in value buffering area identified is to BT communication modules 1903 Send confirmation message.

In one embodiment, the order of GET, SET and UPDATE described below are in two BT communication modules 1901 and 1903 swapping data and order.For example, identification characteristics ID can be transmitted in BT communication modules 1903<65533>And it wraps The data packet of the order containing SET is to be written by characteristic ID<65533>Value field/buffering area of mark, the data packet then can be by IoT Device application logic 1902 is read.In order to retrieve data from IoT devices 101, BT communication modules 1903 can be transmitted and are pointed to by spy Levy ID<65534>The GET command of value field/buffering area of mark.In response to GET command, BT communication modules 1901 can to comprising Carry out free characteristic ID<65534>The BT communication modules 1903 of the data of value field/buffering area of mark transmit UPDATE data packets. In addition, in response to the change of the particular community on IoT devices 101, UPDATE data packets can be transmitted automatically.For example, if IoT Device is associated with lighting system and user opens lamp, then can send UPDATE data packets to reflect and illuminate using related The change of the ON/OFF attribute of connection.

Figure 20 shows the example data packet for GET, SET and UPDATE of an embodiment according to the present invention Format.In one embodiment, these data packets are written by message after the negotiation<65534>Channel and message are read< 65533>Transmission.In GET data packets 2001, it is GET data that the field of first 1 byte, which includes by the package identification, The value (0X10) of packet.The field of second 1 byte includes request ID, it uniquely identifies current GET command (that is, mark GET Order the current transaction being associated).For example, each example of the GET command transmitted from service or device can be assigned not Same request ID.This can be completed for example, by count-up counter and using Counter Value as request ID.However, of the invention Basic principle be not limited to setting request ID any ad hoc fashion.

The attribute specific to application pointed by the Property ID identification data packet of 2 bytes.For example, if GET command just quilt IoT devices 101 shown in Figure 19 are sent to, then Property ID can be used for identifying requested specifically specific to the value of application. Above example is returned to, GET command can be pointed to the power state specific to the Property ID such as lighting system of application comprising The value that mark lamp is on or off (for example, 1=is opened, 0=is closed).If IoT devices 101 are peaces associated with door Full equipment, then value field can identify door current state (for example, 1=open, 0=close).In response to GET command, can be transmitted Include the response of the current value identified by Property ID.

SET data packets 2002 and UPDATE data packets 2003 as shown in figure 20 further include mark data Packet type (that is, SET and UPDATE) first 1 byte field, include request ID second 1 byte field and mark application definition attribute 2 byte attribute id fields.In addition, SET data packets include 2 words of the data length that mark is included in n byte Value data fields Save length value.Value data field may include the order to be executed on IoT devices and/or for configuration IoT dress in some way The configuration data for the operation (for example, parameter, closing IoT devices etc. it is expected in setting) set.For example, if IoT devices 101 control wind The speed of fan, then value field can reflect current fan speed.

UPDATE data packets 2003 can be transmitted the update of the result to provide SET orders.UPDATE data packets 2003 are wrapped 2 byte length value fields are included, the length of the n byte Value data fields of data related with the result of SET orders is may include with mark Degree.In addition, the more new status field of 1 byte can identify the current state just in newer variable.For example, if SET orders try Figure closes the light controlled by IoT devices, then more new status field may indicate that just no be closed successfully.

Figure 21 shows IoT services 120 and the transaction that is related between SET orders and the IoT devices 101 of UPDATE orders Exemplary sequence.The mobile device at the mediating device such as centers IoT and user is not shown, to avoid the substantially former of the fuzzy present invention Reason.At 2101, SET orders 2101 are received from IoT service transmissions to IoT devices 101 by BT communication modules 1901, should The GATT value buffering areas identified by characteristic ID in 2102 updates to SET command responses.At 2103, pass through low power microcontroller (MCU) 200 (or the program code by being executed on low-power MCU, IoT device application logics shown in such as Figure 19 1902) the SET orders are read from value buffering area.At 2104, MCU 200 or program code are executed in response to the SET orders Operation.For example, SET orders may include the Property ID of the specified new configuration such as new temperature of parameter, or it may include state value such as ON/OFF (so that IoT devices enter "ON" or low power state).Therefore, new value is centered in IoT dresses at 2104, and And UPDATE orders are returned at 2105, at 2106 actual value is updated in GATT value fields.In some cases, actual value Desired value will be equal to.In other cases, newer value may be different (that is, because IoT devices 101 may need the time to come more New certain form of value).Finally, at 2107, UPDATE orders are communicated back to comprising the actual value from GATT value fields IoT services 120.

Figure 22 shows the peace of an embodiment according to the present invention serviced for realizing IoT between IoT devices The method of full communication channel.This method can be implemented in the environment of the above-mentioned network architecture, but be not limited to any certain architectures.

At 2201, IoT service using elliptic curve digital signature algorithm (ECDSA) certificate create for the centers IoT The encryption channel of communication.At 2202, IoT services are using the data-/ command in session password encryption IoT device data packets to create Build encrypted device data packet.As described above, session password can be independently generated by IoT devices and IoT services.At 2203, IoT Encrypted device data packet is transferred to the centers IoT by service by encryption channel.At 2204, in the case of non-decrypting, IoT Encrypted device data packet is passed to IoT devices by center.At 2205, IoT devices are decrypted encrypted using session password Device data packet.As described above, in one embodiment, this can be accomplished by the following way：Use password and counter Value (being provided with together with encrypted device data packet) generates key stream, then carrys out decrypted data packet using the key stream. At 2206, then IoT devices extract and handle the data in device data packet and/or order.

Therefore, using above-mentioned technology, two-way, safe network socket is established between the device that BT can have been enabled at two Word is abstract, without using standard matching technology formally to match BT devices.Although above for what is communicated with IoT services 120 IoT devices 101 describe these technologies, but the basic principle of the present invention may be implemented as having enabled BT's in any two Negotiate between device and establishes secure communication channel.

Figure 23 A to Figure 23 C show the method detailed for contrast means of an embodiment according to the present invention.It should Method can be implemented in the environment of above system framework, but be not limited to any particular system framework.

At 2301, IoT service-creations include the data packet of the sequence number and public keys of IoT services.At 2302, IoT services sign data packet using factory's private cipher key.At 2303, IoT services are sent the data packet by encryption channel To the centers IoT, and at 2304, which is forwarded a packet to IoT devices by IoT centrally through unencryption channel.At 2305, IoT devices veritify the signature of the data packet, and at 2306, and IoT devices are generated comprising the sequence number of IoT devices and public close The data packet of key.At 2307, IoT devices sign the data packet using factory's private cipher key, and at 2308, IoT devices The data packet is sent to the centers IoT by unencryption channel.

At 2309, which is forwarded a packet to IoT services by IoT centrally through encryption channel, and at 2310, IoT The signature of the data packet is veritified in service.At 2311, IoT service creation session keys pair, and at 2312, IoT waiter At the data packet for including session public keys.Then IoT services sign the data at 2313 using IoT service private cipher keys Packet, and the data packet is sent to the centers IoT by IoT services by encryption channel at 2314.

Go to Figure 23 B, which is forwarded a packet to IoT devices by the centers IoT at 2315 by unencryption channel, and At 2316, IoT devices veritify the signature of data packet.At 2317, it is close that IoT devices (for example, using above-mentioned technology) generate session Key pair, and at 2318, generate the IoT device data packets for including IoT device session public keys.At 2319, IoT devices IoT device data packets are signed using IoT device private cipher keys.At 2320, IoT devices are by unencryption channel by the data packet The centers IoT are sent to, and at 2321, which is forwarded a packet to IoT services by IoT centrally through encryption channel.

At 2322, the signature (for example, using IoT devices public keys) of the IoT service veritifications data packet, and At 2323, IoT services service private cipher key and IoT devices public keys to generate session password (as institute is detailed above using IoT Description).At 2324, IoT devices generate session password (again using IoT devices private cipher key and IoT service public keys It is secondary as described above), and at 2325, IoT devices are generated random digit and simultaneously it are encrypted using session password.2326 Encrypted data packet is sent to the centers IoT by place, IoT services by encryption channel.At 2327, IoT is centrally through unencryption Encrypted data are forwarded a packet to IoT devices by channel.At 2328, IoT devices decrypt the data packet using session password.

Figure 23 C are gone to, at 2329, IoT devices use the session password re-encrypted data packet, and at 2330, Encrypted data packet is sent to the centers IoT by IoT devices by unencryption channel.At 2331, IoT is centrally through encryption channel Encrypted data are forwarded a packet into IoT services.At 2332, IoT services decrypt the data packet using session password.2333 Place, IoT services veritify whether the random digit matches with the random digit that it sends.IoT services, which are then sent at 2334, to be referred to Show the completed data packet of pairing, and uses all subsequent messages of session password encryption at 2335.

For changing packet interval

Timing is to identify the device and method of data transmission conditions

Bluetooth Low Energy (BTLE) device sends the notification data packet separated by " advertisement interval " to establish between the devices Connection.BTLE peripheral units use advertisement interval to surrounding each devices broadcasting notification data packet.Receiving BTLE devices can Then this information is operated or connected to receive more information.

2.4GHz frequency spectrums for BTLE expand to 2480MHz from 2402MHz, and are using the number of 40 1MHz wide 0 to 39 channel.Each channel spacing 2MHz.Channel 37,38 and 39 is only used for sending notification data packet.Remaining channel is for connecting Data exchange during connecing.During BTLE is noticed, BTLE peripheral units are in succession in 3 announcement channel transmitting data packets.With Those channels for notification data packet will be intercepted in the central means of scanning means or beacon, to help it to find neighbouring Device.Channel 37,38 and 39 is spread in entire 2.4GHz frequency spectrums intentionally (that is, channel 37 and 39 is first letter in frequency band Road and the last one channel, and channel 38 is intermediate channels).If any single announcement channel is prevented from, other channels May be idle, because they are separated by the bandwidth of several MHz.

When IoT devices have data to be transmitted, it is typically included the mark of the part as its notification data packet Note, is sent so that designation date is ready.In one embodiment of the invention, IoT devices are marked without using this, and It is to adjust advertisement interval to indicate that it has the data of hang-up.For example, if T be no data hang up when notification data packet between when Between, then different advertisement interval such as 0.75T, 0.5T or 1.25T may be selected and carry out designation date hang-up.In an embodiment In, two different intervals can be programmed based on the specific requirement of application, and make it difficult to determine which interval is which state.

Figure 24 shows that an embodiment of IoT devices 101, wherein BTLE communication interfaces 2410 are included in data preparation It is ready to select logic 2411 for adjusting the advertisement interval of advertisement interval when being transmitted.In addition, the BTLE on the centers IoT 110 Communication interface 2420 includes that advertisement interval detection logic 2421 confirms and receive number to detect the variation of advertisement interval, provide According to.

In particular, in the embodiment of illustration, the application 2401 on IoT devices 101 indicates it with to be sent Data.In response, advertisement interval selection logic 2411 will change advertisement interval to notify 110 data of the centers IoT that will be transmitted (for example, interval is changed to 0.75T or some other values).When advertisement interval detection logic 2421 detects variation, BTLE Communication interface 2420 is connected to the BTLE communication interfaces 2410 of IoT devices 101, indicates its ready reception data.IoT devices 101 BTLE communication interfaces 2410 then transfer data to the BTLE communication interfaces 2420 at the centers IoT.The centers IoT then can Pass data to IoT services 120 and/or subscription client device (not shown).After data are transmitted, advertisement interval choosing Normal advertisement interval (for example, AI=T) then can be reverted to by selecting logic 2411.

In one embodiment of the invention, using one or more of above-mentioned secure/encrypted technology (referring to example Such as Figure 16 A to Figure 23 C and related text), establish secure communication channel between IoT devices 101 and IoT services 120.For example, In one embodiment, IoT services 120 execute as described above exchanges with the key of IoT devices 101, to encrypt IoT devices All communications between 101 and IoT services 120.

The method that an embodiment according to the present invention is shown in Figure 25.This method can be in the ring of above system framework It is domestic to implement, but it is not limited to any specific system architecture.

At 2500, IoT devices use standard advertisement interval (for example, interval time T) when generating notice grouping.IoT Device keeps standard advertisement interval at 2502, until it has data transmission, is determined at 2501.Then, at 2503, IoT Device switches advertisement interval to indicate that it has data transmission.At 2504, the centers IoT or other network equipments are established and are filled with IoT The connection set, to allow IoT devices to transmit its data.Finally, at 2505, the data transmission that IoT devices are hung up arrives The centers IoT.

Although should be pointed out that the advertisement interval technology described in the context of BTLE agreements herein, the present invention's Basic principle is not limited to BTLE.In fact, the basic principle of the present invention can be in selection for establishing wireless communication between the devices Advertisement interval any system on realize.

Although in addition, showing the dedicated centers IoT 110 in above-mentioned many embodiments, dedicated IoT is not needed Central hardware platform come follow the present invention basic principle.For example, can be various other by above-mentioned various IoT center implementations Net device is (such asWithDevice) in execute software.In fact, the above-mentioned centers IoT can be can be with (for example, using BTLE or other local wireless protocols) is realized on any device of IoT devices communication and is established on the internet Connection (services) for example, being connected to IoT using WiFi or cellular data.

When the centers IoT are connected to IoT devices

System and method for reducing channel radio traffic

When specific position configure multiple centers IoT when, single IoT devices can in each IoT in range The heart connects.As described above, IoT devices can be used announcement channel that it is notified " can to connect " any centers IoT in range, thus make It obtains the centers IoT and may be connected to the IoT devices to transmit order and/or data.When multiple centers IoT are located at the range of IoT devices When interior, IoT services can attempt the command/data that IoT is addressed to by each transmission in these centers IoT, to waste Wireless bandwidth simultaneously reduces performance (for example, due to interference from multiple transmission).

In order to solve this problem, one embodiment of the invention implements technology to ensure once the success of the specific centers IoT IoT devices are connected to, then another center IoT will be notified to cease attempt to transmission command/data.This embodiment will be with reference to figure 26A to 26C is described, and it illustrates one group of exemplary center IoT 110 to 112, all of which is located at the range of IoT devices 101 It is interior.Therefore, the secure wireless communication module 2610 of IoT devices 101 is it can be seen that and be connected to each centers IoT 110 to 112 Secure wireless communication module 2650 to 2652.In one embodiment, secure wireless communication module includes above-mentioned safe BTLE Module.However, the basic principle of the present invention is not limited to any special communication protocol.

As shown in fig. 26, in one embodiment, the secure wireless communication module 2610 of IoT devices 101 includes notice Control logic 2610 indicates its " can connect " (that is, can periodically to transmit advertising beacon to neighbouring wireless communication device It is connected by any device in range).Then recognize IoT devices in any centers IoT 110 to 112 for receiving advertising beacon 101, and secure wireless communication module 2650 to 2652 is when command/data is by IoT service addressings to IoT devices 101 It may be connected to the secure wireless communication module 2610 of IoT devices 101.

As shown in fig. 26b, in one embodiment, when IoT services have the data-/ command for IoT devices 101 When, data-/ command can be transferred to all centers IoT 110 to 112 in specific position (for example, associated with user account by it And/or all centers IoT in 101 range of IoT devices).As shown, each in the centers IoT 110 to 112 then can Trial is connect with IoT devices 101 to provide command/data.

As shown in Figure 26 C, in one embodiment, only single centers IoT 111 will be successfully connected to IoT devices 101 simultaneously Command/data is provided for the processing of IoT devices 101.For certain wireless communication protocols, such as BTLE, once connection is established, peace Full Wireless communication module 2610 will stop transmitting advertising beacon.Therefore, other centers IoT 110,112 will be unable to know IoT devices 101 have been properly received the data from the centers IoT 111, and will continue to attempt to transmission command/data, to which consumption is without tape Width simultaneously generates interference.

To solve the limitation, an embodiment of secure wireless communication module 2610 includes connection manager 2611, should Connection manager causes notice to control detecting with after being successfully connected of the secure wireless communication module 2651 at the centers IoT 111 Molding block 2612 continues to transmit advertising beacon.However, new advertising beacon is not instruction IoT devices 101 " can connect ", and refer to Show IoT devices 101 " can not connect ".In one embodiment, it is indicated in response to " can not connect ", the centers IoT 110,112 Secure wireless communication module 2650,2652 will cease attempt to command/data being transferred to IoT devices, unnecessary to reduce Channel radio traffic.

Above-mentioned technology is undesirable wireless communication using the technology that can be easy to implement on the top layer of existing wireless protocols Amount provides high-quality solution.For example, in one embodiment, implement " can connect " in BTLE standard environments and " can not Connection " instruction.However, as described above, a variety of different wireless network protocols can be used to implement the basic principle of the present invention.

The method that an embodiment according to the present invention is shown in Figure 27.This method can be in the ring of above system framework It is domestic to implement, but it is not limited to any specific system architecture.

At 2701, order and/or data are by two or more centers IoT from IoT service transmissions.For example, user It can attempt to control IoT devices via the application program being connected in user's mobile device of IoT services.At 2702, in IoT The heart attempts to connect to IoT devices, and one of centers IoT be successfully connected to IoT devices and to IoT devices provide order/ Data.As described above, the centers IoT may be transmitted " can connect " instruction in advertising beacon due to IoT devices and recognize IoT and fill It sets.

At 2703, in response to successfully connecting, IoT devices start to transmit " can not connect " advertising beacon, to notify Any centers IoT IoT devices in range can no longer connect.It is other after receiving " can not connect " beacon at 2704 The centers IoT cease attempt to command/data being transferred to IoT devices.

For protecting Internet of Things (IoT) device

Preset system and method

As described above, in one embodiment, when device notices the centers IoT, it is used for using center and IoT services 8 bytes " device ID " of unique mark IoT devices.Device ID may include the unique barcode printed on IoT devices or QR codes It is interior, it is read and is transferred to IoT services with preset/registration IoT devices in systems.After carrying out preset/registration, device ID It is used to address IoT devices in systems.

This safety worries implemented is, can be with since bar code/QR codes data can be without encrypted transmission The wireless transmission of device ID is detected to damage system, to allow another user that device ID is associated with its account.

In one embodiment, in order to solve this misgivings, " association ID " is associated with each device ID, and preset It uses in the process, to ensure that device ID is never transmitted in removing.As shown in figure 28, in this embodiment, it is associated with ID 2812 Include in the bar code/QR codes printed on IoT devices 101, and device ID 2811 is retained securely in and implements above-mentioned technology In secure wireless communication module 2810 to ensure to service 120 secure communication with IoT.In one embodiment, it is associated with ID 2812 are analogous to the 8 byte ID of device ID, and are unique for each IoT devices.As preset new IoT in systems When device 101, user includes association ID 2812 using the scanning of user apparatus 135 for being equipped with IoT application programs or application thereon Bar code/QR codes.Alternatively or additionally, it includes the bar shaped for being associated with ID that the centers IoT 110, which can be used for capturing, Code/QR codes.

In either case, association ID is transferred to the device preset module 2850 in IoT services 120, IoT services exist Including executing lookup in associated facility database 2851 between each association ID and each device ID.Device preset module 2850 Carry out identification device ID 2811 using association ID 2812, then use device ID preset new IoT devices 101 in systems.Tool It says to body, after 2851 determining device ID of facility database, device preset module 2850 transfers the command to the centers IoT 110 (it may include user apparatus 135), to authorize 110 use device ID 2811 of the centers IoT to be communicated with IoT devices 101.

In one embodiment, when manufacturing IoT devices 101 (that is, in preset secure wireless communication module 2810), Association ID 2812 is generated in factory.Device ID 2811 is serviced and is stored with being associated with ID 2812 and be both subsequently fed to IoT In facility database 2851.As shown, facility database 2851 may include designating whether the instruction of preset each device. For example, this can be the binary value with the first value (for example, 1) and second value (for example, 0), and the first value indicates IoT devices 101 is preset, and second value instruction IoT devices are not preset.After system intialization/registration IoT devices 101, you can use device ID, because the communication that IoT is serviced between 120 and IoT devices 101 is protected using above-mentioned safe practice.

In one embodiment, when user sells IoT devices, user can by log on to IoT service 120 and from Family account release IoT devices carry out release device ID.New user then can carry out preset IoT using the preset technology of device as described herein IoT devices are simultaneously associated with by device with its account.

The method that an embodiment according to the present invention is shown in Figure 29.This method can be in the ring of above system framework It is domestic to implement, but it is not limited to any specific system architecture.

At 2901, association is generated (for example, in the work of manufacture IoT devices with being associated between ID in the device ID of IoT devices Factory and office).Association ID can be embedded in the bar code/QR codes printed on IoT devices.At 2902, device ID and the pass being associated between ID Connection is stored in IoT services.At 2903, user buys new IoT devices and scans the bar code/QR codes for including association ID (for example, via the user's mobile device for being equipped with application program or application thereon or via in the IoT with barcode reader The heart).

At 2904, association ID is transferred to IoT services, and at 2905, carrys out identification device ID using association ID. At 2906, the preset IoT devices of use device ID.For example, renewable IoT facility databases are to indicate that specific device ID is pre- It sets, and device ID can be transferred to the centers IoT by IoT services, the instruction centers IoT are communicated with new IoT devices.

For being executed in Internet of Things (IoT) system

The system and method for flow control

Local wireless network operational network traffic will be increased based on the IoT devices quantity in given position.In addition, in some cases Under, in view of the function that IoT devices execute, IoT devices may the reasonable more data of transfer ratio.For example, soft on IoT devices Part/hardware may break down or IoT devices may continuously be serviced to IoT so as to cause IoT devices and passed by hacker attack Defeated unwanted data.

One embodiment of the invention solves these problems, and concrete mode is that flow control is executed at the centers IoT, from And effectively ignore data traffic when specific IoT devices reach specified data threshold value.In one embodiment, each IoT devices are configured to the specified collection with flow control parameter, with indicate IoT devices be allowed to transmission period in number According to amount.Flow control parameter can be based on the type of IoT devices.For example, certain IoT devices such as door locks and thermostat usually answer week Only transmit to phase property short packages, and other IoT devices such as video camera may be transmitted in a manner of aperiodicity it is a greater amount of Data.Therefore, flow control parameter can be set to provide the bandwidth of sufficient amount based on the expected operation of related IoT devices. In one embodiment, each IoT devices are distributed to particular flow rate control " class " by the data demand based on the IoT devices.

One such embodiment is shown in Figure 30, and it illustrates with secure wireless communication module 2810,3030,3040 Multiple IoT devices 101 to 103, the secure wireless communication module be each configured with different flow control parameter collection 3015, 3031、3041.In one embodiment, flow control parameter specifies each IoT devices it is contemplated that transmission in designated time period Data frequency and/or amount (for example, 0.25Mb/ hours, 50Mb/ hours, 100Mb/ days, 10 communication trial/days etc.). In one embodiment, can 120 target flow control parameters 3015,3031,3041 be serviced by IoT, as shown, the IoT Service includes device management module 3021 to manage the flow control parameter 3020 of each device in IoT facility databases 2851 Collection.For example, after determining the data transportation requirements for each IoT devices, each Row control parameter 3020 can be carried out It is updated to reflect that these requirements.

As described above, in one embodiment, facility database 2851 includes being directed to multiple and different flow controls " class " The data transportation requirements of (for example, audiovisual appliances, temperature device, control device, safety device etc.).It introduces in systems newly When IoT devices, then according to the requirement of the IoT devices and/or the type of IoT devices, the IoT devices and particular flow rate are controlled Class is associated.

The flow control parameter 3020 of each device can be assigned to that the centers IoT 110, which includes flow control Logic 2811 is managed, the copy 3010 of the flow control parameter of each device is stored in local data base.Implement at one In scheme, flow control management 2811 can monitor received from and/or be transferred to the data communication of each IoT devices 101 to 103 Amount.If data traffic reaches specified threshold (as indicated by each device flow control parameter 3010), the centers IoT 110 It may indicate that IoT devices stop transmission a period of time and/or can only prevent the flow from IoT devices.

If specific IoT devices are in horizontal transport/reception higher than specified threshold, this may indicate that IoT devices have event Barrier.Therefore, in one embodiment, IoT services 120 can transmit order to reset IoT devices.If device is still higher than threshold Software upgrading such as patch can be transferred to IoT devices by the Horizontal communication of value, then IoT services 120.Install update software it Afterwards, IoT devices will reset and use new software initialization.In addition, can user apparatus be sent to from IoT services for notice, with logical Know that there are failures for user IoT devices.

In one embodiment, although having reached data communication threshold, the centers IoT 110 still allow certain types Data traffic.For example, in one embodiment, even if IoT devices allow certain if having reached center 110 its threshold value IoT " high priority " notice of a little types.For example, if IoT devices are door lock or gate inhibition's detector, under certain conditions (for example, when house is monitored), the centers IoT 110 can transmit instruction someone and open the door that IoT devices are wherein used Data.Similarly, if IoT devices are heat and/or smoke detector, the centers IoT 110 can transmit instruction alert consitions Data (for example, since temperature has reached threshold value).No matter current flow regulation state why, can all be passed by the centers IoT 110 Pass " high priority " notice (for example, indicating the notice of potential danger condition) of various other types.In one embodiment, Identify that these " high priorities " notify using different attribute as described below.

The method that an embodiment according to the present invention is shown in Figure 31.This method can be in the ring of above system framework It is domestic to implement, but it is not limited to any specific system architecture.

It is each IoT devices target flow control parameter at 3101.In one embodiment, and IoT can be filled It sets and distributes to the specific IoT devices " class " with target flow control parameter collection associated there.At 3102, flow control Parameter is stored on the centers IoT in IoT systems.In one embodiment, each center can store all IoT devices ginsengs Several subsets (for example, only local those of preset IoT devices parameter).

If IoT Spot detections are operated to specific IoT devices with the target flow control parameter for not being the determination at 3103, Then at 3104, the centers IoT will temporarily avoid further being communicated with IoT devices (for example, between preventing IoT devices and IoT from servicing Communication).In addition, as described above, IoT service and/or the centers IoT can take measures, by restart IoT devices and/or Software upgrading is installed on IoT devices to solve the problems, such as.

Internet of Things (IoT) device and the traffic are managed for using Attribute class

System and method

Different IoT devices can be used for executing different functions in given position.For example, certain IoT devices can be used for Data such as temperature and state (for example, open/close state) are collected, and this data report is returned into IoT services, data can be in IoT By visit to end user and/or for generating various types of alert consitions in service.In order to realize the implementation, of the invention one A embodiment manages the data being collected into, system data and the data of other forms using different types of Attribute class.

Figure 32 shows an embodiment of the IoT devices including secure wireless communication module 3218, the safe nothing Line communication module passes through serial line interface 3216 (such as serial peripheral interface (SPI) bus) and micro controller unit (MCU) 3215 Communication.Secure wireless communication module 3218 services 120 secure communication, and MCU 3215 using above-mentioned technical management with IoT Program code is executed to execute the function specific to application of IoT devices 101.

In one embodiment, the data collected by IoT devices and and IoT are managed using various different attribute classes The relevant system configuration of device.In particular, in the example shown in Figure 32, attribute includes application attribute 3210, system property 3211 and priority notification attribute 3212.In one embodiment, application attribute 3210 includes being executed with by IoT devices 101 The relevant attribute of the function specific to application.For example, if IoT devices include safety sensor, application attribute 3210 can The binary value whether opened including instruction door or window.If IoT devices include temperature sensor, application attribute 3210 can wrap Include the value of instruction Current Temperatures.It can define other attributes specific to application of virtually limitless quantity.In one embodiment, MCU 3215 executes the program code specific to application and only provides the access to the attribute 3210 specific to application.For example, Application developer can purchase the IoT devices 101 with secure wireless communication module 3218 and design and executed by MCU 3215 Application code.Therefore, application developer will need to access application attribute, but need not access other types described below Attribute.

In one embodiment, system property 3211 is used to define the operation and configuration of IoT devices 101 and IoT systems Attribute.For example, system property may include network configuration setting (for example, flow control parameter as described above), device ID, software Version, advertisement interval selection, security implementation characteristic (as described above) and required various other low level variables, so that IoT devices 101 can be communicated with IoT service safes.

In one embodiment, excellent to define based on importance degree associated with those attributes or seriousness degree First grade notification properties collection 3212.For example, if particular community such as reaches the associated (example of the temperature value of threshold value with unsafe conditions Such as, when user surprisingly leaves cooking stove or when the heat sensor in user family is triggered), then this attribute can distribute to priority Notification properties class.As described above, the mode that priority notification attribute can be different from other attributes is handled.For example, when specific excellent When first grade notification properties reach threshold value, no matter whether present flow rate controlling mechanism is by IoT center implementations, the centers IoT can will all belong to Property value pass to IoT service.In one embodiment, priority notification attribute also can trigger IoT services, in user family Or notice (for example, to warn user there are potential danger conditions) for user and/or alert consitions is generated in company.

As shown in Figure 32, in one embodiment, application attribute 3210, system property 3211 and priority notification category Property 3212 current state IoT service 120 facility database 2851 in be replicated/reflect.For example, when in IoT devices 101 When the one of attribute changes of upper update, change is transmitted to the device pipe in IoT services 120 by secure wireless communication module 3218 Logic 3021 is managed, thus the responsively attribute value in updating device database 2851.In addition, when user updates its of IoT services In attribute (such as adjusting current state or condition, all temperature as required) when, attribute change will be from device management logic 3021 are transferred to secure wireless communication module 3218, and the secure wireless communication module is by its local replica of subsequent Update attribute. In this way, attribute is maintained in a uniform matter between IoT devices 101 and IoT services 120.It also can be via being equipped with IoT application journeys The user apparatus of sequence or application and/or 120 access attributes are serviced from IoT by one or more external services 3270.Institute as above It states, IoT services 120 can expose Application Programming Interface (API) to access a variety of different Attribute class.

In addition, in one embodiment, priority notification processing logic 3022 can perform rule-based operation, with sound It is receivable to arrive and 3212 relevant notice of priority notification attribute.For example, if priority notification attribute indicates unsafe conditions (example Such as, flatiron or cooking stove are left by user), then priority notification processing logic 3022 can code fo practice collection to attempt to close dangerous dress It sets (for example, if it is possible, sending "Off" order to device).In one embodiment, priority notification handles logic 3022 Hazardous device can be determined whether to close (for example, if detecting use using the current location of other related datas such as user Family is away from home when hazardous device is in "On" state).In addition, priority notification processing logic 3022 can be to the client of user Device transmits alert consitions to inform the user correlated condition.Can by priority notification handle logic 3022 come implement it is various its The rule set of its type, to attempt to solve potential danger or other undesirable conditions.

BTLE property sets 3205 and attribute address decoder 3207 are also shown in Figure 32.In one embodiment, BTLE attributes 3205 can be used for establishing above with reference to the reading-writing port described in Figure 19 to Figure 20.Attribute address decoder 3207 is read Which attribute unique ID code associated with each attribute is receiving/is transmitting with determination and correspondingly handling the attribute (for example, recognition property is stored in the where in secure wireless communication module 3218).

Embodiment of the present invention may include various steps described above.These steps, which can be presented as, can be used for causing leading to The machine-executable instruction of these steps is executed with processor or application specific processor.Alternatively, these steps can be by comprising for holding The specific hardware components of the firmware hardwired logic of these steps of row execute, or the computer module by programming and custom hardware components Any combinations execute.

As described herein, instruction can be referred to particular hardware configuration, such as application-specific integrated circuit (ASIC), be configured as holding The certain specific operations of row or be embodied in the predetermined function stored in the memory in non-transitory computer-readable medium or Software instruction.Therefore, it is possible to use storing and holding on one or more electronic devices (for example, terminal station, network element etc.) Capable code and data realizes technology shown in attached drawing.Such electronic device using computer machine readable medium storage and Transmission (inside and/or with other electronic devices on network) code and data, computer machine readable medium such as right and wrong Transient computer machine readable storage medium is (for example, disk；CD；Random access memory；Read-only memory；Flash memory storage Device；Phase transition storage) and transient computer machine readable communication medium (for example, electricity, optics, acoustics or other forms Transmitting signal-carrier wave, infrared signal, digital signal etc.).In addition, this kind of electronic device generally include to be connected to one or The set of the one or more processors of multiple other assemblies, such as one or more storage devices of the other assemblies are (non-temporary State machine readable storage medium), user's input/output device (for example, keyboard, touch screen and/or display) and network connect It connects.The coupling of the processor sets and other assemblies usually passes through one or more buses and bridge (also referred to as total line traffic control Device processed) it carries out.Storage device and the signal of the bearer network traffic indicate respectively one or more machine readable storage mediums and Machine readable communication medium.Therefore, the storage device for giving electronic device would commonly be used for the code and/or data executed storage It is closed in the collection of the one or more processors of the electronic device.Of course, it is possible to use the difference of software, firmware and/or hardware Combine to realize the present invention is one or more parts of embodiment.

In entire specific implementation mode, for illustrative purposes, many specific details are set forth to understand thoroughly this Invention.However, those skilled in the art is readily apparent, can be put into practice in the case of some in not having these specific details The present invention.In some cases, to exempt from fuzzy subject of the present invention, well-known structure and function are not described in detail.Therefore, The scope of the present invention and essence should be determined according to the appended claims.

Claims (40)

1. a kind of method, including：

It generates and is associated between new Internet of Things (IoT) device identifies (ID) code and is associated with ID codes；

By the associated storage in the IoT facility databases that IoT is serviced；

The association ID codes are retrieved from the new IoT devices；

The association ID code transfers are serviced to the IoT, the IoT services are using the association ID codes in the IoT It executes and is searched to determine described device ID codes in facility database；And

The preset new IoT devices are to use described device ID codes and the IoT communication for services.

2. according to the method described in claim 1, the wherein preset IoT devices include taking described device ID from the IoT Business is transferred at least one centers IoT, to instruct the centers IoT to allow to communicate with the IoT devices.

3. according to the method described in claim 2, the wherein described new IoT devices using described device ID codes establish with it is described The secure communication channel of IoT services.

4. according to the method described in claim 1, the wherein described association ID is embodied in QR codes or bar shaped on the new IoT devices In code.

5. according to the method described in claim 4, it includes described on the reading new IoT devices wherein to retrieve the association ID QR codes or bar code.

6. according to the method described in claim 5, the client that operates with for wherein reading the QR codes or bar code fills It the application program set or application and/or is executed using the centers IoT.

7. according to the method described in claim 1, the wherein described IoT services are to update the IoT facility databases to indicate State new IoT devices have been subjected to it is preset.

8. according to the method described in claim 3, wherein establishing the peace between the new IoT devices and IoT services Full communication channel includes：

The communication between the IoT services and the new IoT devices is established by the centers IoT or mobile user devices；

Service public key is generated by the key generation logic of the first crypto engine in the IoT services and is serviced privately owned Key；

It is privately owned come generating means public keys and device by the key generation logic of the second crypto engine on the IoT devices Key；

The service public key is transferred to second crypto engine from first crypto engine, and by described device Public keys is transferred to first crypto engine from second crypto engine；

Password is generated using described device public keys and the service private cipher key；

Identical password is generated using the service public key and described device private cipher key；And

Using the password or using the data structure encryption that is obtained from the password and decryption in first crypto engine and The data packet transmitted between second crypto engine.

9. a kind of Internet of Things (IoT) system, including：

New IoT devices are stored thereon with the association that device identifies (ID) code and is associated between ID codes；

Store the IoT facility databases of the associated IoT services；

Client terminal device and/or the centers IoT, for retrieving the association ID codes from the new IoT devices；

The client terminal device and/or the centers IoT are used for association ID codes described in the IoT service transmissions；

The IoT services, for executing lookup in the IoT facility databases using the association ID codes with described in determination Device ID codes；And

The IoT services, are used for the preset new IoT devices so that the new IoT devices can use described device ID codes With the IoT communication for services.

10. system according to claim 9, wherein the preset IoT devices include taking described device ID from the IoT Business is transferred at least one centers IoT, to instruct the centers IoT to allow to communicate with the IoT devices.

11. system according to claim 10, wherein the new IoT devices using described device ID codes establish with it is described The secure communication channel of IoT services.

12. system according to claim 9, wherein the association ID is embodied in QR codes or item on the new IoT devices In shape code.

13. system according to claim 12, wherein it includes the institute read on the new IoT devices to retrieve the association ID State QR codes or bar code.

14. system according to claim 13, wherein reading the QR codes or the described of bar code operates with client It the application program of device or application and/or is executed using the centers IoT.

15. system according to claim 9, wherein the IoT services are to update the IoT facility databases to indicate State new IoT devices have been subjected to it is preset.

16. system according to claim 3, wherein establishing the peace between the new IoT devices and IoT services Full communication channel includes：

The communication between the IoT services and the new IoT devices is established by the centers IoT or mobile user devices；

Service public key is generated by the key generation logic of the first crypto engine in the IoT services and is serviced privately owned Key；

It is privately owned come generating means public keys and device by the key generation logic of the second crypto engine on the IoT devices Key；

The service public key is transferred to second crypto engine from first crypto engine, and by described device Public keys is transferred to first crypto engine from second crypto engine；

Password is generated using described device public keys and the service private cipher key；

Identical password is generated using the service public key and described device private cipher key；And

Using the password or using the data structure encryption that is obtained from the password and decryption in first crypto engine and The data packet transmitted between second crypto engine.

17. a kind of machine readable media being stored thereon with program code, said program code is worked as to be held by one or more machines When row so that the machine executes following operation：

It generates and is associated between new Internet of Things (IoT) device identifies (ID) code and is associated with ID codes；

By the associated storage in the IoT facility databases that IoT is serviced；

The association ID codes are retrieved from the new IoT devices；

The association ID code transfers are serviced to the IoT, the IoT services are using the association ID codes in the IoT It executes and is searched to determine described device ID codes in facility database；And

The preset new IoT devices are to use described device ID codes and the IoT communication for services.

18. machine readable media according to claim 17, wherein the preset IoT devices include by described device ID from The IoT service transmissions are at least one centers IoT, to indicate that the centers IoT allow to communicate with the IoT devices.

19. machine readable media according to claim 18, wherein the new IoT devices are built using described device ID codes The vertical secure communication channel with IoT services.

20. machine readable media according to claim 17, wherein the association ID is embodied on the new IoT devices In QR codes or bar code.

21. machine readable media according to claim 20, wherein it includes reading the new IoT dresses to retrieve the association ID The QR codes or bar code set.

22. machine readable media according to claim 21, wherein reading the operation of the QR codes or bar code makes With on client terminal device application program or application and/or executed using the centers IoT.

23. machine readable media according to claim 17, wherein the IoT services are the update IoT devices data Library is to indicate that it is preset that the new IoT devices have been subjected to.

24. a kind of system, including：

Multiple IoT devices；

The centers IoT, the centers IoT are established local wireless with the multiple IoT devices and are connect, to fill the multiple IoT It sets and is communicatively coupled to IoT services；

The centers IoT, for storing the flow control parameter of each in the multiple IoT devices, the flow control ginseng Base data communication requirements of each in the IoT devices are determining and indicate one of each in the IoT devices Or multiple data communication thresholds；

The centers IoT are communicated for monitoring with the data of each in the IoT devices, in the determination IoT devices Whether one have reached by the flow control parameter specified data communication threshold, wherein communicating threshold in response to reaching its data First IoT devices of value, the centers IoT temporarily prevent the communication between the first IoT devices and IoT services.

25. system according to claim 24, wherein by the flow control parameter from the IoT service transmissions to described The centers IoT.

26. system according to claim 25, wherein the flow control parameter is defined as multiple flow control classes, and Wherein each IoT devices are associated with one in the flow control class.

27. system according to claim 26, wherein each in the IoT devices is associated with flow control class The flow control class and data be stored in the IoT facility databases in the IoT services.

28. system according to claim 24, wherein monitoring and the data communications packets of each in the IoT devices It includes monitoring and is transferred to data volume and/or each IoT devices that the IoT is serviced one from each IoT devices whithin a period of time The section time interior number with the IoT communication for services.

29. system according to claim 24, wherein it includes ignoring or abandoning the number from the IoT devices temporarily to prevent According to transmission.

30. system according to claim 29, wherein the centers IoT prevent and the IoT within the specified duration Communication for service and the recovery communication after the specified duration.

31. system according to claim 24, wherein the centers IoT are when determination has reached the data communication threshold The IoT services are noticed, IoT services execute software upgrading and/or restarting the first IoT devices with response mode.

32. system according to claim 24, wherein the centers IoT allow from the certain of the first IoT devices The data of specified type communicate, although having reached the data communication threshold.

33. system according to claim 32 fills wherein the data communications packets of certain specified types are included with the IoT The high priority attribute set it is associated those.

34. a kind of method, including：

For each specified attribute in multiple data item for managing in Internet of Things (IoT) device and/or IoT services；

Define multiple Attribute class；

Each in the attribute is associated with one or more of the Attribute class, wherein the Attribute class is specified such as What stores and processs the data item by the component and/or the IoT services of the IoT devices；

The wherein described Attribute class includes priority notification Attribute class, and first group of attribute is based on associated with first group of attribute Importance or severity levels are associated with the priority notification Attribute class；

The notice for attribute associated with the priority notification Attribute class from the IoT devices is sent to described IoT is serviced, and is retransmited later for other notices with the incoherent attribute of priority notification Attribute class；And

After receiving the notice, the IoT service on implement one group of priority notification attribution rule, with attempt processing with It is described to notify associated potential danger or other undesirable conditions.

35. according to the method for claim 34, wherein the IoT devices include：

Micro controller unit, for executing the program code specific to application with execute the IoT devices specific to application Function；And

Secure wireless communication module, for establishing the secure wireless communication channel with IoT services.

36. according to the method for claim 35, wherein the Attribute class, which is included in, executes the program specific to application The application attribute class that the MCU can be used when code.

37. according to the method for claim 36, wherein the Attribute class further include the secure wireless communication module, it is described The system property class for the system property that MCU and/or the IoT services can use.

38. according to the method for claim 37, wherein the system property, application attribute and priority notification attribute are in institute It states synchronous between IoT devices and IoT services.

39. according to the method for claim 38, wherein in the system property, application attribute and priority notification attribute One or more services synchronous between client terminal device and/or one or more external services in the IoT.

40. according to the method for claim 39, being configured to hinder wherein the flow control due to specific IoT devices limits Only with the IoT of the incoherent notice of priority notification Attribute class centrally through from the priority notification Attribute class phase The notice of the associated IoT devices is transmitted.