A secure next-generation Internet of Things data communication method
Technical field
The present invention relates to a communication method, and more particularly to a secure next-generation Internet of Things data communication method.
Background art
In the next-generation Internet of Things, communication between nodes is realized through forwarding and routing by intermediate nodes. One of the key technologies the next-generation Internet of Things needs to solve is therefore reducing data transmission delay, so that users can obtain network services quickly. With the development of next-generation Internet of Things technology, the next-generation Internet of Things can become a mode by which future networks provide services.
At present, the next-generation Internet of Things is implemented by broadcasting, so both delay and cost are relatively large, which degrades network service performance. How to reduce the delay and cost of providing services in the next-generation Internet of Things has therefore become a hot research topic in recent years.
Summary of the invention
Object of the invention: the technical problem to be solved by the present invention is to provide, in view of the deficiencies of the prior art, a secure next-generation Internet of Things data communication method.
Technical solution: the invention discloses a secure next-generation Internet of Things data communication method, characterized in that the Internet of Things includes more than two routers, more than two servers and more than two nodes;
Each kind of data is uniquely identified by a name. Nodes are divided into consumer nodes and producer nodes. A consumer node is a node that has permission to obtain a kind of data, for example to obtain TV series video data; a producer node is a node that has permission to publish and update a kind of data, for example to publish and update TV series video data;
A producer node is authorized to publish and update more than one type of data, and one type of data can be published and updated by more than two authorized producer nodes;
The consumer node and producer node information for one type of data can only be stored on one authorized server, and one server can be authorized to store the consumer node and producer node information for one type or more than two types of data;
A consumer node is authorized to obtain more than one type of data;
Each type of data corresponds to one private key and one public key. The public key is the name that identifies the data, and the private key is issued by a third-party certification authority, such as an e-commerce certification authority (CA, Certificate Authority);
When a consumer node is authorized to obtain a type of data, it can obtain the private key and public key of that data type; the consumer node encrypts the public key of that data type with the private key of that data type to obtain the encrypted name, which is called the privacy name. The encryption algorithm can be any asymmetric encryption algorithm, such as RSA. When a producer node is authorized to publish and update a type of data, it can obtain the private key and public key of that data type; the producer node encrypts the public key of that data type with the private key of that data type to obtain the privacy name of the data. When a server is authorized to store the consumer node and producer node information of a type of data, it can obtain the private key and public key of that data type; the server encrypts the public key of that data type with the private key of that data type to obtain the privacy name of the data;
A producer node, a consumer node and a server each store a key table; a key table entry consists of a private key, a public key and a privacy name;
A producer node performs the following operation for each type of data that it has permission to publish and update: the producer node creates a key table entry whose private key field is the private key of that data type, whose public key field is the name identifying that data type, and whose privacy name field is the privacy name of that data type;
A consumer node performs the following operation for each type of data that it has permission to obtain: the consumer node creates a key table entry whose private key field is the private key of that data type, whose public key field is the name identifying that data type, and whose privacy name field is the privacy name of that data type;
If a server has permission to store the consumer node and producer node information of a type of data, it performs the following operation: the server creates a key table entry whose private key field is the private key of that data type, whose public key field is the name identifying that data type, and whose privacy name field is the privacy name of that data type;
A node or a server is configured with one interface, and a router is configured with more than two interfaces. Interfaces are divided into upstream interfaces and downstream interfaces: an upstream interface is connected to a router, and a downstream interface is connected to a node or a server;
An interface is uniquely identified by an interface ID; an interface whose interface ID is x is abbreviated as interface x;
Nodes communicate through messages; each kind of message is uniquely identified by its message type;
The message type values are as follows:
Message type name | Message type value
Server publish message | 1
Consumption message | 2
Production message | 3
Request message | 4
Response message | 5
Push message | 6
Each router maintains a server table; a server table entry contains an interface ID field, a privacy name field and a lifetime field. A server maintains the server table by sending server publish messages; a server publish message contains a message type and a privacy name set. Server S1 is connected to router R1 and periodically performs the following operations to maintain the server table:
Step 101: Start;
Step 102: Server S1 constructs a key name set parameter PNS1, checks its key table entries and adds the privacy name field of each key table entry to parameter PNS1, then sends a server publish message whose message type value is 1 and whose privacy name set field is the value of parameter PNS1;
Step 103: After router R1 receives the server publish message from downstream interface f1, it checks its server table. For each element E1 in the key name set of the server publish message, router R1 performs the following operation: if there is a server table entry whose interface ID equals f1, whose privacy name equals element E1 and whose lifetime is not less than the difference between the maximum lifetime value M1 and the threshold T1, go to step 113; otherwise go to step 104. The maximum lifetime value M1 and the threshold T1 are preset, and M1 is much larger than T1; for example, M1 can take the value 1s and T1 the value 100ms;
Step 104: Router R1 determines whether there is a server table entry whose interface ID equals f1 and whose privacy name equals element E1; if so, go to step 105; otherwise go to step 106;
Step 105: Router R1 selects the server table entry whose interface ID equals f1 and whose privacy name equals element E1, sets the lifetime of that server table entry to the maximum lifetime value, and goes to step 107;
Step 106: Router R1 creates a server table entry whose interface ID equals f1, whose privacy name equals element E1 and whose lifetime is set to the maximum lifetime value;
Step 107: Router R1 forwards the received server publish message from each upstream interface;
Step 108: After a router receives the server publish message from upstream interface f2, it checks its server table. For each element E2 in the key name set of the server publish message, the router performs the following operation: if there is a server table entry whose interface ID equals f2, whose privacy name equals element E2 and whose lifetime is not less than the difference between the maximum lifetime value M1 and the threshold T1, go to step 113; otherwise go to step 109;
Step 109: The router that received the server publish message from upstream interface f2 determines whether there is a server table entry whose interface ID equals f2 and whose privacy name equals element E2; if so, go to step 110; otherwise go to step 111;
Step 110: The router that received the server publish message from upstream interface f2 selects the server table entry whose interface ID equals f2 and whose privacy name equals element E2, sets the lifetime of that server table entry to the maximum lifetime value, and goes to step 112;
Step 111: The router that received the server publish message from upstream interface f2 creates a server table entry whose interface ID equals f2, whose privacy name equals element E2 and whose lifetime is set to the maximum lifetime value;
Step 112: The router that received the server publish message from upstream interface f2 forwards the received server publish message from each upstream interface other than interface f2, and goes to step 108;
Step 113: End.
Through the above process, a server can establish routed paths to itself. Because each router processes only the first server publish message it receives and establishes the routed path to the server according to that message, the path from the router to the server is guaranteed to have optimal performance, which reduces data communication cost and delay.
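The router-side handling in steps 103 to 112 can be sketched as follows. This is an added example, not code from the patent: it assumes that lifetimes count down in real time, that expired entries are dropped, and that a message is forwarded when at least one of its privacy names caused an entry to be refreshed or created. The chain topology, the `Router` class and the privacy name `PN-A` are constructed for illustration.

```python
from dataclasses import dataclass, field

M1 = 1.0            # maximum lifetime value in seconds (example value from the text)
T1 = 0.1            # threshold in seconds (example value from the text)
SERVER_PUBLISH = 1  # message type value from the table above


@dataclass
class Router:
    name: str
    upstream: list  # IDs of the interfaces that connect to other routers
    # (interface ID, privacy name) -> time at which the entry expires.
    # Assumption: lifetime counts down in real time; expired entries are dropped.
    server_table: dict = field(default_factory=dict)

    def remaining(self, key, now):
        """Remaining lifetime of a server table entry, or None if absent/expired."""
        expiry = self.server_table.get(key)
        if expiry is None:
            return None
        if expiry <= now:
            del self.server_table[key]
            return None
        return expiry - now

    def on_publish(self, in_iface, msg, now):
        """Steps 103-107 and 108-112. Returns the interfaces to forward from,
        or None when every element was already fresh (step 113)."""
        if msg["type"] != SERVER_PUBLISH:
            raise ValueError("not a server publish message")
        changed = False
        for privacy_name in msg["privacy_names"]:
            key = (in_iface, privacy_name)
            left = self.remaining(key, now)
            if left is not None and left >= M1 - T1:
                continue                        # refreshed less than T1 ago
            self.server_table[key] = now + M1   # refresh (105/110) or create (106/111)
            changed = True
        if not changed:
            return None
        return [i for i in self.upstream if i != in_iface]

    def iface_toward_server(self, privacy_name, now):
        """Lookup used when forwarding toward the server: match on privacy name."""
        for iface, name in list(self.server_table):
            if name == privacy_name and self.remaining((iface, name), now) is not None:
                return iface
        return None


def build_chain():
    """Constructed topology: S1 -- R1 -- R2 -- R3 (S1 on R1's downstream interface 1)."""
    routers = {
        "R1": Router("R1", upstream=[2]),
        "R2": Router("R2", upstream=[1, 2]),
        "R3": Router("R3", upstream=[1]),
    }
    links = {("R1", 2): ("R2", 1), ("R2", 1): ("R1", 2),
             ("R2", 2): ("R3", 1), ("R3", 1): ("R2", 2)}
    return routers, links


def flood(routers, links, msg, now, entry=("R1", 1)):
    """Propagate one publish message; return the routers that updated their table."""
    queue, updated = [entry], []
    while queue:
        rname, in_iface = queue.pop(0)
        out_ifaces = routers[rname].on_publish(in_iface, msg, now)
        if out_ifaces is None:
            continue
        updated.append(rname)
        queue.extend(links[(rname, i)] for i in out_ifaces if (rname, i) in links)
    return updated


if __name__ == "__main__":
    routers, links = build_chain()
    msg = {"type": SERVER_PUBLISH, "privacy_names": ["PN-A"]}  # constructed name
    print(flood(routers, links, msg, now=0.0))   # first publish: tables created
    print(flood(routers, links, msg, now=0.05))  # within T1: suppressed at R1
    print(flood(routers, links, msg, now=0.5))   # later publish: lifetimes refreshed
```

Routers match on the opaque privacy name together with the receiving interface, so the table never holds the plaintext data name.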
In the method of the invention, a server maintains a consumption table; each consumption table entry consists of an interface ID set, a privacy name and a lifetime. A consumer node maintains the consumption table through consumption messages; a consumption message contains a message type, an interface ID set and a privacy name. Consumer node CS1 periodically performs the following operations to maintain the consumption table:
Step 201: Start;
Step 202: Consumer node CS1 checks its key table and, for each key table entry, performs the following operation: consumer node CS1 sends a consumption message whose message type value is 2, whose interface ID set is empty and whose privacy name equals the privacy name of that key table entry;
Step 203: Determine whether a server or a router received the consumption message from interface f3: if a server, go to step 205; otherwise go to step 204;
Step 204: After the router receives the consumption message from interface f3, it adds interface f3 to the interface ID set of the consumption message as the last element. The router selects a server table entry whose privacy name equals the privacy name of the consumption message, forwards the consumption message from the interface identified by the interface ID field of that server table entry, and goes to step 203;
Step 205: After the server receives the consumption message, it checks the consumption table. If there is a consumption table entry whose privacy name and interface ID set fields respectively equal the privacy name and interface ID set fields of the consumption message, the lifetime of that consumption table entry is set to the maximum value; otherwise, the server creates a consumption table entry whose privacy name and interface ID set fields respectively equal the privacy name and interface ID set fields of the consumption message and whose lifetime is set to the maximum value;
Step 206: End.
Through the above process, a consumer establishes the routed path from the server to itself. Because the routed path from the consumer to the server is realized through the server table, and the server table constructs the optimal routed path from the server to each router, the routed path from the server to the consumer is also optimal in performance, which reduces the cost and delay with which the consumer obtains data.
In the method of the invention, a consumer node and a producer node each store a data table; each data table entry contains a privacy name, a data field and a timestamp. A server maintains a production table; each production table entry consists of an interface ID set, a privacy name, a timestamp and a lifetime. A producer node maintains the production table through production messages; a production message contains a message type, an interface ID set, a privacy name and a timestamp. Producer node P1 periodically performs the following operations to maintain the production table:
Step 301: Start;
Step 302: Producer node P1 checks its key table and, for each key table entry, performs the following operation: producer node P1 selects a data table entry whose privacy name equals the privacy name of that key table entry and sends a production message whose message type value is 3, whose interface ID set is empty, and whose privacy name and timestamp respectively equal the privacy name and timestamp of that data table entry;
Step 303: Determine whether a server or a router received the production message from interface x1: if a router, go to step 305; otherwise go to step 304;
Step 304: After the router receives the production message from interface x1, it adds interface x1 to the interface ID set of the production message as the last element. The router selects a server table entry whose privacy name equals the privacy name of the production message, forwards the production message from the interface identified by the interface ID field of that server table entry, and goes to step 303;
Step 305: After the server receives the production message, it checks the production table. If there is a production table entry whose privacy name and interface ID set fields respectively equal the privacy name and interface ID set fields of the production message, the timestamp of that production table entry is set to the timestamp field of the production message and its lifetime is set to the maximum value; otherwise, the server creates a production table entry whose privacy name and interface ID set fields respectively equal the privacy name and interface ID set fields of the production message, whose timestamp is set to the timestamp field of the production message, and whose lifetime is set to the maximum value;
Step 306: End.
Through the above process, a producer establishes the routed path from the server to itself, and the server also stores the latest time at which the producer published or updated data. In this way, a consumer can obtain data from the producer node that published or updated the latest data, which ensures the timeliness and validity of the data. In addition, the routed path from the producer to the server is realized on the basis of the server table; because the server table constructs the optimal routed path from the server to each router, the routed path from the server to the producer is also optimal in performance, which reduces the cost and delay of pushing and obtaining data.
In the method of the invention, a consumer node obtains data using request messages and response messages; a request message and a response message each consist of a message type, an interface ID set, a privacy name and a payload. Under the condition that consumer node CS1 has permission to obtain the data identified by name NA1 and the privacy name of name NA1 is PNA1, consumer node CS1 obtains the data identified by name NA1 through the following process:
Step 401: Start;
Step 402: Consumer node CS1 sends a request message whose message type value is 4, whose interface ID set is empty, whose privacy name is PNA1 and whose payload is empty;
Step 403: Determine whether a server or a router received the request message from interface y1: if a server, go to step 405; otherwise go to step 404;
Step 404: After the router receives the request message from interface y1, it adds interface y1 to the interface ID set of the request message as the last element. The router selects a server table entry whose privacy name equals the privacy name of the request message, forwards the request message from the interface identified by the interface ID field of that server table entry, and goes to step 403;
Step 405: After the server receives the request message, it selects a consumption table entry whose privacy name is the same as the privacy name of the request message and whose timestamp is the newest. The server constructs an interface ID set parameter a1 whose value equals the interface ID set of the request message, sets the interface ID set of the request message to the interface ID set of that consumption table entry, sets the payload to parameter a1, and sends the request message;
Step 406: If a node receives the request message, go to step 410; otherwise go to step 407;
Step 407: If a router receives the request message from a downstream interface, go to step 409; otherwise go to step 408;
Step 408: The router receives the request message from upstream interface y2 and adds interface y2 to parameter a1 in the request message payload as the last element;
Step 409: The router that received the request message selects the interface identified by the last element of the request message's interface ID set, deletes that last element from the interface ID set, sends the request message from the selected interface, and goes to step 406;
Step 410: The node that receives the request message selects a data table entry whose privacy name equals the privacy name of the request message, and selects a key table entry whose privacy name equals the privacy name of the request message. The node encrypts the data field value of the data table entry with the public key of the key table entry to obtain the encrypted data. The node sends a response message whose message type value is 5, whose interface ID set equals parameter a1 in the request message payload, whose privacy name equals the privacy name of the request message, and whose payload is the encrypted data and the timestamp in the data table entry;
Step 411: Determine whether a node or a router received the response message: if a node, go to step 413; otherwise go to step 412;
Step 412: After the router receives the response message, it selects the interface identified by the last element of the response message's interface ID set, deletes that last element from the interface ID set, sends the response message from the selected interface, and goes to step 411;
Step 413: After the node receives the response message, it selects a key table entry whose privacy name equals the privacy name of the response message and decrypts the encrypted data in the response message payload with the private key of that key table entry to obtain the decrypted data. The node determines whether there is a data table entry whose privacy name equals the privacy name of the response message. If there is, the node updates the data field of that data table entry to the decrypted data and sets its timestamp to the timestamp in the response message payload; otherwise, the node creates a data table entry whose privacy name equals the privacy name of the response message, whose data field equals the decrypted data, and whose timestamp is set to the timestamp in the response message payload;
Step 414: End.
Through the above process, a consumer node obtains the data it needs. Because data communication is realized using the consumption table and the production table, and the consumption table establishes the optimal path from a consumer node to the server while the production table establishes the optimal path from a producer node to the server, a consumer node can obtain data from a producer node over the optimal path, which effectively reduces data communication delay and cost. In addition, the server stores the latest time at which a producer published or updated data, so a consumer can obtain data from the producer node that published or updated the latest data. This ensures the timeliness and validity of the data and further reduces the cost and delay with which a consumer node obtains data.
In the method of the invention, a producer node publishes and updates data using push messages; a push message consists of a message type, an interface ID set, a privacy name and a payload. Under the condition that producer node P1 has permission to publish and update the data identified by name NA1 and the privacy name of name NA1 is PNA1, if producer node P1 has published or updated the data identified by name NA1, the following process is performed:
Step 501: Start;
Step 502: Producer node P1 selects a data table entry whose privacy name equals PNA1, and selects a key table entry whose privacy name equals PNA1. Producer node P1 encrypts the data field value of the data table entry with the public key of the key table entry to obtain the encrypted data. The node sends a push message whose message type value is 6, whose interface ID set is empty, whose privacy name equals PNA1, and whose payload is the encrypted data and the timestamp in the data table entry;
Step 503: If a server receives the push message, go to step 505; otherwise go to step 504;
Step 504: After the router receives the push message from interface z1, it adds interface z1 to the interface ID set of the push message as the last element. The router selects a server table entry whose privacy name equals the privacy name of the push message, forwards the push message from the interface identified by the interface ID field of that server table entry, and goes to step 503;
Step 505: After the server receives the push message, it selects a consumption table entry whose privacy name and interface ID set respectively equal the privacy name and interface ID set of the push message, updates the timestamp of that consumption table entry to the timestamp in the push message payload, and sets its lifetime to the maximum value. The server then selects all consumption table entries whose privacy name field equals the privacy name of the push message and, for each selected consumption table entry, performs the following operation: the server updates the interface ID set of the push message to the interface ID set of that consumption table entry and sends the push message;
Step 506: If a node receives the push message, go to step 508; otherwise go to step 507;
Step 507: After the router receives the push message, it selects the interface identified by the last element of the push message's interface ID set, deletes that last element from the interface ID set, sends the push message from the selected interface, and goes to step 506;
Step 508: After the node receives the push message, it selects a key table entry whose privacy name equals the privacy name of the push message and decrypts the encrypted data in the push message payload with the private key of that key table entry to obtain the decrypted data. The node checks whether there is a data table entry whose privacy name equals the privacy name of the push message. If there is, the node updates the data field of that data table entry to the decrypted data and sets its timestamp to the timestamp in the push message payload; otherwise, the node creates a data table entry whose privacy name equals the privacy name of the push message, whose data field equals the decrypted data, and whose timestamp is set to the timestamp in the push message payload;
Step 509: End.
Through the above process, a producer node pushes published or updated data to consumer nodes. The data push process is realized using the production table and the consumption table: the production table establishes the optimal path from a producer node to the server, and the consumption table establishes the optimal path from a consumer node to the server, so a producer node pushes data to consumer nodes over the optimal path, which effectively reduces the delay and cost of data push. At the same time, the push process ensures that a consumer can quickly obtain the most recently published or updated data at the earliest moment, which ensures the timeliness and validity of the data.
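The interface ID set works as a recorded reverse path: consumption messages build it hop by hop on the way to the server (steps 202 to 205), and push messages consume it from the end on the way back (steps 505 to 507). The following added example, which is not code from the patent, walks both directions over a constructed topology. The names `LINKS`, `ATTACH`, `SERVER_TABLE` and `PN-A` are assumptions, encryption of the payload is left out, and the drop on an empty or unknown interface ID is an added check that the described steps do not contain.

```python
CONSUME, PUSH = 2, 6    # message type values from the table above
MAX_LIFETIME = 1.0      # assumed maximum lifetime in seconds

# Constructed topology: (router, interface ID) -> (peer, peer's interface ID).
# The server hangs off R1; consumer nodes C1 and C2 hang off R2.
LINKS = {
    ("R1", 1): ("server", None),
    ("R1", 2): ("R2", 1),
    ("R2", 1): ("R1", 2),
    ("R2", 2): ("C1", None),
    ("R2", 3): ("C2", None),
}
ATTACH = {"C1": ("R2", 2), "C2": ("R2", 3), "server": ("R1", 1)}
NODES = {"C1", "C2"}
# Server tables, reduced to privacy name -> interface toward the server.
SERVER_TABLE = {"R1": {"PN-A": 1}, "R2": {"PN-A": 1}}


class Server:
    def __init__(self):
        # (privacy name, interface ID set as a tuple) -> lifetime
        self.consumption = {}

    def on_consume(self, msg):
        """Step 205: refresh the matching consumption table entry or create it."""
        key = (msg["privacy_name"], tuple(msg["iface_ids"]))
        self.consumption[key] = MAX_LIFETIME

    def fan_out(self, privacy_name, payload):
        """Step 505: one copy of the push message per matching consumption entry,
        each carrying that entry's interface ID set."""
        return [{"type": PUSH, "iface_ids": list(ids),
                 "privacy_name": name, "payload": payload}
                for (name, ids) in self.consumption if name == privacy_name]


def send_consume(server, node, privacy_name):
    """Steps 202-205: each router appends its receiving interface, then
    forwards toward the server. Returns the interface ID set the server stored."""
    msg = {"type": CONSUME, "iface_ids": [], "privacy_name": privacy_name}
    router, in_iface = ATTACH[node]
    while True:
        msg["iface_ids"].append(in_iface)               # step 204
        out_iface = SERVER_TABLE[router][privacy_name]
        peer, peer_iface = LINKS[(router, out_iface)]
        if peer == "server":
            server.on_consume(msg)
            return tuple(msg["iface_ids"])
        router, in_iface = peer, peer_iface


def deliver(msg, first_router):
    """Steps 506-507: each router removes the last interface ID and sends the
    message out of that interface. Returns the receiving node, or None if dropped."""
    router = first_router
    while True:
        if not msg["iface_ids"]:
            return None                 # added check: path exhausted, drop
        out_iface = msg["iface_ids"].pop()
        if (router, out_iface) not in LINKS:
            return None                 # added check: unknown interface ID, drop
        peer, _ = LINKS[(router, out_iface)]
        if peer in NODES:
            return peer
        if peer not in SERVER_TABLE:
            return None                 # added check: path does not end at a node
        router = peer


def push(server, privacy_name, payload):
    """Server side of a push: fan out and report which nodes were reached."""
    first_router = ATTACH["server"][0]
    return [deliver(m, first_router) for m in server.fan_out(privacy_name, payload)]


if __name__ == "__main__":
    s = Server()
    print(send_consume(s, "C1", "PN-A"))
    print(send_consume(s, "C2", "PN-A"))
    print(push(s, "PN-A", b"<ciphertext>"))  # constructed placeholder payload
```

Routers keep no per-consumer state in this scheme: the return path exists only in the server's consumption table and in the interface ID set carried by the message, which is why the example validates each popped interface ID before forwarding.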
Beneficial effects: the present invention provides a secure next-generation Internet of Things data communication method. In the present invention, nodes can obtain data quickly, which considerably reduces data communication delay and improves data communication quality. The invention can be applied to many fields, such as traffic monitoring and agricultural engineering, and has broad application prospects.
Brief description of the drawings
The present invention is further described below with reference to the accompanying drawings and specific embodiments; the above and/or other advantages of the invention will become clearer.
Fig. 1 is a flow diagram of maintaining the server table according to the invention.
Fig. 2 is a flow diagram of maintaining the consumption table according to the invention.
Fig. 3 is a flow diagram of maintaining the production table according to the invention.
Fig. 4 is a flow diagram of obtaining data according to the invention.
Fig. 5 is a flow diagram of updating data according to the invention.
Detailed description of the embodiments:
The present invention provides a secure next-generation Internet of Things data communication method. In the present invention, nodes can obtain data quickly, which considerably reduces data communication delay and improves data communication quality. The invention can be applied to many fields, such as traffic monitoring and agricultural engineering, and has broad application prospects.
Fig. 1 is a flow diagram of maintaining the server table according to the invention. The Internet of Things includes more than two routers, more than two servers and more than two nodes;
Each kind of data is uniquely identified by a name. Nodes are divided into consumer nodes and producer nodes. A consumer node is a node that has permission to obtain a kind of data, for example to obtain TV series video data; a producer node is a node that has permission to publish and update a kind of data, for example to publish and update TV series video data;
A producer node is authorized to publish and update more than one type of data, and one type of data can be published and updated by more than two authorized producer nodes;
The consumer node and producer node information for one type of data can only be stored on one authorized server, and one server can be authorized to store the consumer node and producer node information for one type or more than two types of data;
A consumer node is authorized to obtain more than one type of data;
Each type of data corresponds to one private key and one public key. The public key is the name that identifies the data, and the private key is issued by a third-party certification authority, such as an e-commerce certification authority (CA, Certificate Authority);
When a consumer node is authorized to obtain a type of data, it can obtain the private key and public key of that data type; the consumer node encrypts the public key of that data type with the private key of that data type to obtain the encrypted name, which is called the privacy name. The encryption algorithm can be any asymmetric encryption algorithm, such as RSA. When a producer node is authorized to publish and update a type of data, it can obtain the private key and public key of that data type; the producer node encrypts the public key of that data type with the private key of that data type to obtain the privacy name of the data. When a server is authorized to store the consumer node and producer node information of a type of data, it can obtain the private key and public key of that data type; the server encrypts the public key of that data type with the private key of that data type to obtain the privacy name of the data;
A producer node, a consumer node and a server each store a key table; a key table entry consists of a private key, a public key and a privacy name;
A producer node performs the following operation for each type of data that it has permission to publish and update: the producer node creates a key table entry whose private key field is the private key of that data type, whose public key field is the name identifying that data type, and whose privacy name field is the privacy name of that data type;
A consumer node performs the following operation for each type of data that it has permission to obtain: the consumer node creates a key table entry whose private key field is the private key of that data type, whose public key field is the name identifying that data type, and whose privacy name field is the privacy name of that data type;
If a server has permission to store the consumer node and producer node information of a type of data, it performs the following operation: the server creates a key table entry whose private key field is the private key of that data type, whose public key field is the name identifying that data type, and whose privacy name field is the privacy name of that data type;
A node or a server is configured with one interface, and a router is configured with more than two interfaces. Interfaces are divided into upstream interfaces and downstream interfaces: an upstream interface is connected to a router, and a downstream interface is connected to a node or a server;
An interface is uniquely identified by an interface ID; an interface whose interface ID is x is abbreviated as interface x;
Nodes communicate through messages; each kind of message is uniquely identified by its message type;
The message type values are as follows:
Message type name | Message type value
Server publish message | 1
Consumption message | 2
Production message | 3
Request message | 4
Response message | 5
Push message | 6
Each router maintains a server table; a server table entry contains an interface ID field, a privacy title field and a lifetime field. A server maintains the server table by sending server publish messages; a server publish message contains a message type and a privacy title set. Server S1 is connected to router R1 and periodically executes the following operations to maintain the server table:
Step 101: start;
Step 102: server S1 constructs a privacy title set parameter PNS1, checks the key list and adds the privacy title field of each key list entry to parameter PNS1, and sends a server publish message whose message type value is 1 and whose privacy title set field is the value of parameter PNS1;
Step 103: after router R1 receives the server publish message from downstream interface f1, it checks the server table; for each element E1 in the privacy title set of the server publish message, router R1 executes the following operation: if there is a server table entry whose interface ID equals f1, whose privacy title equals element E1 and whose lifetime is not less than the difference between the maximum lifetime value M1 and the threshold T1, execute step 113; otherwise execute step 104. The maximum lifetime value M1 and the threshold T1 are preset, and M1 is much larger than T1; for example, M1 can be 1 s and T1 can be 100 ms;
Step 104: router R1 judges whether there is a server table entry whose interface ID equals f1 and whose privacy title equals element E1; if so, execute step 105; otherwise execute step 106;
Step 105: router R1 selects the server table entry whose interface ID equals f1 and whose privacy title equals element E1, sets the lifetime of that server table entry to the maximum lifetime value, and executes step 107;
Step 106: router R1 creates a server table entry whose interface ID equals f1, whose privacy title equals element E1, and whose lifetime is set to the maximum lifetime value;
Step 107: router R1 forwards the received server publish message from each upstream interface;
Step 108: a router receives the server publish message from upstream interface f2 and checks its server table; for each element E2 in the privacy title set of the server publish message, the router executes the following operation: if there is a server table entry whose interface ID equals f2, whose privacy title equals element E2 and whose lifetime is not less than the difference between the maximum lifetime value M1 and the threshold T1, execute step 113; otherwise execute step 109;
Step 109: the router that received the server publish message from upstream interface f2 judges whether there is a server table entry whose interface ID equals f2 and whose privacy title equals element E2; if so, execute step 110; otherwise execute step 111;
Step 110: the router that received the server publish message from upstream interface f2 selects the server table entry whose interface ID equals f2 and whose privacy title equals element E2, sets the lifetime of that server table entry to the maximum lifetime value, and executes step 112;
Step 111: the router that received the server publish message from upstream interface f2 creates a server table entry whose interface ID equals f2, whose privacy title equals element E2, and whose lifetime is set to the maximum lifetime value;
Step 112: the router that received the server publish message from upstream interface f2 forwards the received server publish message from each upstream interface other than interface f2, and step 108 is executed;
Step 113: end.
Through the above process a server establishes routed paths to itself. Because each router only processes the first server publish message it receives and establishes its routed path to the server according to that message, the path by which the router reaches the server is ensured to have optimal performance, which reduces data communication cost and delay.
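The refresh-or-suppress decision of steps 103 to 112 can be exercised on a single router, using the page's example values M1 = 1 s and T1 = 100 ms; this is an added example, not code from the patent. It assumes a millisecond clock, a lifetime that counts down in real time, and that step 103 is evaluated per element with the message forwarded if any entry was created or refreshed; the router, interface numbers and privacy titles are constructed.

```python
M1_MS = 1000   # maximum lifetime value M1 (the page's example: 1 s)
T1_MS = 100    # threshold T1 (the page's example: 100 ms)


class Router:
    """Server table of one router, keyed by (interface ID, privacy title)."""

    def __init__(self, upstream_ifaces):
        self.upstream = set(upstream_ifaces)
        self.server_table = {}      # (iface, privacy title) -> expiry time in ms

    def on_publish(self, iface, privacy_titles, now_ms):
        """Process a type-1 message received on `iface`.

        Returns (titles created or refreshed, interfaces it is forwarded on).
        """
        changed = []
        for title in privacy_titles:
            key = (iface, title)
            remaining = self.server_table.get(key, now_ms) - now_ms
            if key in self.server_table and remaining >= M1_MS - T1_MS:
                continue            # steps 103/108: entry is still fresh
            self.server_table[key] = now_ms + M1_MS   # steps 105/106, 110/111
            changed.append(title)
        if not changed:
            return [], []           # step 113: duplicate, not forwarded
        # Step 107 forwards on every upstream interface; step 112 skips the ingress one.
        return changed, sorted(self.upstream - {iface})


def demo():
    # Constructed router: interface 1 is downstream (f1), 2 and 3 are upstream.
    r1 = Router(upstream_ifaces=[2, 3])
    return [
        r1.on_publish(1, ["PN-a", "PN-b"], now_ms=0),    # first message from S1
        r1.on_publish(1, ["PN-a", "PN-b"], now_ms=50),   # copy inside the T1 window
        r1.on_publish(1, ["PN-a", "PN-b"], now_ms=400),  # next periodic message
        r1.on_publish(2, ["PN-a"], now_ms=410),          # same title, other interface
    ]
```

The last call creates a second entry for the same privacy title, because the table is matched on the interface ID as well as the privacy title.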
Fig. 2 is a flow diagram of maintaining the consumption table according to the present invention. A server maintains a consumption table; each consumption table entry consists of an interface ID set, a privacy title and a lifetime. A consumption node maintains the consumption table through consumption messages; a consumption message contains a message type, an interface ID set and a privacy title. Consumption node CS1 periodically executes the following operations to maintain the consumption table:
Step 201: start;
Step 202: consumption node CS1 checks the key list and, for each key list entry, executes the following operation: consumption node CS1 sends a consumption message whose message type value is 2, whose interface ID set is empty, and whose privacy title equals the privacy title of that key list entry;
Step 203: judge whether a server or a router receives the consumption message from interface f3; if it is a server, execute step 205; otherwise execute step 204;
Step 204: after a router receives the consumption message from interface f3, it adds interface f3 to the interface ID set of the consumption message as the last element; the router selects a server table entry whose privacy title equals the privacy title of the consumption message, forwards the consumption message from the interface identified by the interface ID field of that server table entry, and step 203 is executed;
Step 205: after the server receives the consumption message, it checks the consumption table; if there is a consumption table entry whose privacy title and interface ID set field respectively equal the privacy title and interface ID set field of the consumption message, the server sets the lifetime of that consumption table entry to the maximum value; otherwise, the server creates a consumption table entry whose privacy title and interface ID set field respectively equal the privacy title and interface ID set field of the consumption message, and whose lifetime is set to the maximum value;
Step 206: end.
Through the above process a consumer establishes the routed path by which the server reaches it. Because the routed path from the consumer to the server is realized through the server table, and the server table establishes the optimal routed path from the server to each router, the routed path by which the server reaches the consumer also has optimal performance, which reduces the cost and delay of the consumer obtaining data.
Fig. 3 is a flow diagram of maintaining the production table according to the present invention. Each consumption node and production node saves a data table; each data table entry contains a privacy title, a data field and a timestamp. A server maintains a production table; each production table entry consists of an interface ID set, a privacy title, a timestamp and a lifetime. A production node maintains the production table through production messages; a production message contains a message type, an interface ID set, a privacy title and a timestamp. Production node P1 periodically executes the following operations to maintain the consumption table:
Step 301: start;
Step 302: production node P1 checks the key list and, for each key list entry, executes the following operation: production node P1 selects a data table entry whose privacy title equals the privacy title of that key list entry, and sends a production message whose message type value is 3, whose interface ID set is empty, and whose privacy title and timestamp respectively equal the privacy title and timestamp of that data table entry;
Step 303: judge whether a server or a router receives the production message from interface x1; if it is a router, execute step 305; otherwise execute step 304;
Step 304: after a router receives the production message from interface x1, it adds interface x1 to the interface ID set of the production message as the last element; the router selects a server table entry whose privacy title equals the privacy title of the production message, forwards the production message from the interface identified by the interface ID field of that server table entry, and step 303 is executed;
Step 305: after the server receives the production message, it checks the production table; if there is a production table entry whose privacy title and interface ID set field respectively equal the privacy title and interface ID set field of the production message, the server sets the timestamp of that production table entry to the timestamp field of the production message and sets the lifetime to the maximum value; otherwise, the server creates a production table entry whose privacy title and interface ID set field respectively equal the privacy title and interface ID set field of the production message, whose timestamp is set to the timestamp field of the production message, and whose lifetime is set to the maximum value;
Step 306: end.
Through the above process the producer establishes the routed path by which the server reaches it, and the server also saves the latest time at which the producer published or updated the data; in this way, a consumer can obtain data from the production node that published or updated the latest data, which ensures the real-time availability and validity of the data. In addition, the routed path from the producer to the server is realized based on the server table; since the server table establishes the optimal routed path from the server to each router, the routed path by which the server reaches the producer also has optimal performance, which reduces the cost and delay of pushing data and obtaining data.
Fig. 4 is a flow diagram of obtaining data according to the present invention. A consumption node obtains data using request messages and response messages; a request message and a response message each consist of a message type, an interface ID set, a privacy title and a payload. Under the condition that consumption node CS1 has permission to obtain the data identified by title NA1 and the privacy title of title NA1 is PNA1, consumption node CS1 obtains the data identified by title NA1 through the following process:
Step 401: start;
Step 402: consumption node CS1 sends a request message whose message type value is 4, whose interface ID set is empty, whose privacy title is PNA1, and whose payload is empty;
Step 403: judge whether a server or a router receives the request message from interface y1; if it is a server, execute step 405; otherwise execute step 404;
Step 404: after a router receives the request message from interface y1, it adds interface y1 to the interface ID set of the request message as the last element; the router selects a server table entry whose privacy title equals the privacy title of the request message, forwards the request message from the interface identified by the interface ID field of that server table entry, and step 403 is executed;
Step 405: after the server receives the request message, it selects a consumption table entry whose privacy title is the same as the privacy title of the request message and whose timestamp is the newest; the server constructs an interface ID set parameter a1 whose value equals the interface ID set of the request message, sets the interface ID set of the request message to the interface ID set of that consumption table entry, sets the payload to parameter a1, and sends the request message;
Step 406: if a node receives the request message, execute step 410; otherwise execute step 407;
Step 407: if a router receives the request message from a downstream interface, execute step 409; otherwise execute step 408;
Step 408: the router receives the request message from upstream interface y2 and adds interface y2 to parameter a1 in the payload of the request message as the last element;
Step 409: the router that received the request message selects the interface identified by the last element of the request message's interface ID set, deletes that last element from the request message's interface ID set, sends the request message from the selected interface, and step 406 is executed;
Step 410: the node that received the request message selects a data table entry whose privacy title equals the privacy title of the request message, and selects a key list entry whose privacy title equals the privacy title of the request message; the node encrypts the data field value of that data table entry with the public key of that key list entry to obtain the encrypted data; the node sends a response message whose message type value is 5, whose interface ID set equals parameter a1 in the payload of the request message, whose privacy title equals the privacy title of the request message, and whose payload is the encrypted data and the timestamp of that data table entry;
Step 411: judge whether a node or a router receives the response message; if it is a node, execute step 413; otherwise execute step 412;
Step 412: after a router receives the response message, it selects the interface identified by the last element of the response message's interface ID set, deletes that last element from the response message's interface ID set, sends the response message from the selected interface, and step 411 is executed;
Step 413: after a node receives the response message, it selects a key list entry whose privacy title equals the privacy title of the response message, and decrypts the encrypted data in the payload of the response message with the private key of that key list entry to obtain the decrypted data; the node judges whether there is a data table entry whose privacy title equals the privacy title of the response message; if there is, the node updates the data field of that data table entry to the decrypted data and sets its timestamp to the timestamp in the payload of the response message; otherwise, the node creates a data table entry whose privacy title equals the privacy title of the response message, whose data field equals the decrypted data, and whose timestamp is set to the timestamp in the payload of the response message;
Step 414: end.
Through the above process a consumption node obtains the data it needs. Because data communication is realized using the consumption table and the production table, and the consumption table establishes the optimal path by which a consumption node reaches the server while the production table establishes the optimal path by which a production node reaches the server, a consumption node can obtain data from a production node over an optimal path, which effectively reduces data communication delay and cost. In addition, the server saves the latest time at which the producer published or updated the data; in this way, a consumer can obtain data from the production node that published or updated the latest data, which ensures the real-time availability and validity of the data and further reduces the cost and delay of the consumption node obtaining data.
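The path recording of steps 204, 304 and 404 and the pop-and-forward rule of steps 407 to 409 and 412 can be traced on a small topology; the following is an added example, not code from the patent, and it leaves out the encryption of step 410. The topology, device names and interface numbers are constructed, the server table is assumed to be already populated, and the entry chosen in step 405 is assumed to hold the interface ID set recorded from P1's production message (the table entry that carries a timestamp).

```python
# Constructed topology (all names are assumptions): CS1 and P1 attach to router Ra,
# server S1 attaches to router Rb, and Ra and Rb are joined by upstream interfaces.
LINKS = {   # (device, interface ID) -> (peer device, peer interface ID)
    ("CS1", 0): ("Ra", 1), ("P1", 0): ("Ra", 3),
    ("S1", 0): ("Rb", 2), ("Ra", 2): ("Rb", 1),
}
LINKS.update({peer: local for local, peer in list(LINKS.items())})
ROUTERS = {"Ra", "Rb"}
UPSTREAM = {("Ra", 2), ("Rb", 1)}       # router-to-router interfaces
SERVER_TABLE = {"Ra": 2, "Rb": 2}       # interface toward S1 for privacy title PNA1


def to_server(node, msg):
    """Steps 204, 304, 404: append the ingress interface, follow the server table."""
    dev, iface = LINKS[(node, 0)]
    while dev in ROUTERS:
        msg["ifaces"].append(iface)
        dev, iface = LINKS[(dev, SERVER_TABLE[dev])]
    return dev


def follow_ifaces(sender, msg, record_upstream=False):
    """Steps 407-409 and 412: pop the last interface ID and send from that interface."""
    dev, iface = LINKS[(sender, 0)]
    hops = []
    while dev in ROUTERS:
        if record_upstream and (dev, iface) in UPSTREAM:
            msg["payload_a1"].append(iface)             # step 408
        # Added check, not a step on the page: the popped ID must be a real interface.
        if not msg["ifaces"] or (dev, msg["ifaces"][-1]) not in LINKS:
            raise ValueError(f"{dev}: message names no interface of this router")
        out = msg["ifaces"].pop()
        hops.append((dev, out))
        dev, iface = LINKS[(dev, out)]
    return dev, hops


def fetch():
    # Fig. 3: P1's production message records the path the server stores for it.
    prod = {"type": 3, "privacy_title": "PNA1", "ifaces": []}
    to_server("P1", prod)
    stored_path = list(prod["ifaces"])
    # Steps 402-404: CS1's request records its own path on the way to S1.
    req = {"type": 4, "privacy_title": "PNA1", "ifaces": [], "payload_a1": []}
    to_server("CS1", req)
    # Step 405: the request's path becomes a1 and the stored path is swapped in.
    req["payload_a1"], req["ifaces"] = req["ifaces"], list(stored_path)
    producer, down = follow_ifaces("S1", req, record_upstream=True)
    # Step 410: the response carries a1 as its interface ID set.
    resp = {"type": 5, "privacy_title": "PNA1", "ifaces": list(req["payload_a1"])}
    consumer, back = follow_ifaces(producer, resp)
    return {"stored_path": stored_path, "a1": req["payload_a1"],
            "producer": producer, "down": down, "consumer": consumer, "back": back}
```

In this topology the response leaves Ra on interface 2, turns around at Rb and returns through Ra to CS1, because its interface ID set is the request's recorded path followed by the upstream interface added in step 408.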
Fig. 5 is a flow diagram of updating data according to the present invention. A production node publishes and updates data using push messages; a push message consists of a message type, an interface ID set, a privacy title and a payload. Production node P1 has permission to publish and update the data identified by title NA1; under the condition that the privacy title of title NA1 is PNA1, if production node P1 publishes or updates the data identified by title NA1, it executes the following process:
Step 501: start;
Step 502: production node P1 selects a data table entry whose privacy title equals PNA1, and selects a key list entry whose privacy title equals PNA1; production node P1 encrypts the data field value of that data table entry with the public key of that key list entry to obtain the encrypted data; the node sends a push message whose message type value is 6, whose interface ID set is empty, whose privacy title equals PNA1, and whose payload is the encrypted data and the timestamp of that data table entry;
Step 503: if the server receives the push message, execute step 505; otherwise execute step 504;
Step 504: after a router receives the push message from interface z1, it adds interface z1 to the interface ID set of the push message as the last element; the router selects a server table entry whose privacy title equals the privacy title of the push message, forwards the push message from the interface identified by the interface ID field of that server table entry, and step 503 is executed;
Step 505: after the server receives the push message, it selects a consumption table entry whose privacy title and interface ID set respectively equal the privacy title and interface ID set of the push message, updates the timestamp of that consumption table entry to the timestamp in the payload of the push message, and sets the lifetime to the maximum value; the server selects all consumption table entries whose privacy title field equals the privacy title of the push message, and for each selected consumption table entry the server executes the following operation: the server updates the interface ID set of the push message to the interface ID set of that consumption table entry and sends the push message;
Step 506: if a node receives the push message, execute step 508; otherwise execute step 507;
Step 507: after a router receives the push message, it selects the interface identified by the last element of the push message's interface ID set, deletes that last element from the push message's interface ID set, sends the push message from the selected interface, and step 506 is executed;
Step 508: after a node receives the push message, it selects a key list entry whose privacy title equals the privacy title of the push message, and decrypts the encrypted data in the payload of the push message with the private key of that key list entry to obtain the decrypted data; the node checks whether there is a data table entry whose privacy title equals the privacy title of the push message; if there is, the node updates the data field of that data table entry to the decrypted data and sets its timestamp to the timestamp in the payload of the push message; otherwise, the node creates a data table entry whose privacy title equals the privacy title of the push message, whose data field equals the decrypted data, and whose timestamp is set to the timestamp in the payload of the push message;
Step 509: end.
Through the above process a production node pushes published or updated data to consumption nodes. The push process is realized using the production table and the consumption table: the production table establishes the optimal path by which a production node reaches the server, and the consumption table establishes the optimal path by which a consumption node reaches the server, so a production node pushes data to a consumption node over an optimal path, which effectively reduces the delay and cost of pushing data. At the same time, the push process ensures that a consumer can quickly obtain newly published or updated data at the first opportunity, which ensures the real-time availability and validity of the data.
Embodiment 1
Based on the simulation parameters in Table 1, this embodiment simulates the secure new-generation Internet of Things data communication method of the present invention. The performance analysis is as follows: when the volume of transmitted data increases, the data communication delay increases; when the volume of transmitted data decreases, the data communication delay decreases; the average data communication delay is 1205 ms.
Table 1: Simulation parameters
The present invention provides an approach to a secure new-generation Internet of Things data communication method. There are many methods and ways to implement this technical solution, and the above is only a preferred embodiment of the present invention. It should be noted that those of ordinary skill in the art may make various improvements and modifications without departing from the principle of the present invention, and these improvements and modifications should also be regarded as falling within the protection scope of the present invention. Any component not explicitly described in this embodiment can be implemented with the prior art.