CN110505224B - Building communication system and communication method thereof - Google Patents

Publication number
CN110505224B
Authority
CN
China
Prior art keywords
random code
equipment
server
ciphertext
plaintext
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910767992.3A
Other languages
Chinese (zh)
Other versions
CN110505224A (en)
Inventor
石庆谱
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangdong Chanxintong Technology Co ltd
Original Assignee
Foshan Amplitec Tech Development Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Foshan Amplitec Tech Development Co ltd filed Critical Foshan Amplitec Tech Development Co ltd
Priority to CN201910767992.3A priority Critical patent/CN110505224B/en
Publication of CN110505224A publication Critical patent/CN110505224A/en
Application granted granted Critical
Publication of CN110505224B publication Critical patent/CN110505224B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0869 Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876 Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00 Reducing energy consumption in communication networks
    • Y02D30/50 Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate

Abstract

The invention discloses a building communication system and a communication method thereof. The system comprises a device end and a server end. The device end is configured to: generate a random code, encrypt the random code and a device end identification code to obtain a ciphertext, send the ciphertext to the server end, disassemble the plaintext to obtain the random code and a user request, compare the random code received from the server end with the random code it generated itself, and perform the corresponding action according to the request. The server end is configured to: parse the ciphertext and restore the random code and the device end identification number, match the device end identification number, combine the random code and a user request to form a plaintext, and send the plaintext and the device end identification number to the corresponding device end. The method and the system increase the difficulty of cracking, so that communication between the server end and the device end is more confidential and the security of that communication is ensured. The system and the method are mainly used for building communication.

Description

Building communication system and communication method thereof
Technical Field
The invention relates to the technical field of communication, in particular to a building communication system and a communication method thereof.
Background
In current intelligent building communication systems, data acquisition is an indispensable link, and the security of data exchange between the device ends of the system is of great importance. To protect the key parameters of the intelligent building communication system and to ensure that the normal operation of the device end is not maliciously changed or attacked, the data transmitted on the system must be encrypted. In current practice, however, the communication data of many intelligent building communication systems uses a single software encryption mode, or no encryption at all, so the data is easy to crack and leak.
Disclosure of Invention
The invention aims to provide an intelligent building communication system and a communication method whose communication is difficult to crack and resistant to leakage.
The solution of the invention for solving the technical problem is as follows: a communication method of a building communication system is applied to the building communication system with a device end-server end architecture, and comprises the following steps:
step 1, the device end generates a random code;
step 2, the device end encrypts the random code and the device end identification code to obtain a ciphertext;
step 3, the device end sends the ciphertext to the server end;
step 4, the server end parses the ciphertext and restores the random code and the device end identification number;
step 5, the server end matches the device end identification number restored in step 4; if the matching succeeds, step 6 is executed, and if the matching fails, step 7 is executed;
step 6, the server end combines the random code and the user request to form a plaintext;
step 7, the server end does not process the operation;
step 8, the server end sends the plaintext and the device end identification number to the corresponding device end;
step 9, the device end disassembles the plaintext to obtain a random code and a user request;
step 10, the device end compares the random code obtained in step 9 with the random code it generated in step 1; if the two are consistent, step 11 is executed, and if they are not consistent, step 12 is executed;
step 11, the device end performs the corresponding action according to the user request;
step 12, the device end does not process the request.
Further, the communication method further includes step 13, which is executed after step 11: the device end deletes the random code.
Further, the server side is a cloud server side.
Further, an intermediate server is arranged between the server and the equipment, and the intermediate server is used for transmitting information between the equipment and the server.
A building communication system comprises a device end and a server end. The device end is configured to: generate a random code, encrypt the random code and a device end identification code to obtain a ciphertext, send the ciphertext to the server end, disassemble the plaintext to obtain the random code and a user request, compare the random code received from the server end with the random code it generated itself, and perform the corresponding action according to the request. The server end is configured to: parse the ciphertext and restore the random code and the device end identification number, match the device end identification number, combine the random code and a user request to form a plaintext, and send the plaintext and the device end identification number to the corresponding device end.
Further, the server side is a cloud server side.
The invention has the following beneficial effects: the method and the system increase the difficulty of cracking, so that communication between the server end and the device end is more confidential and the security of that communication is ensured.
Drawings
In order to more clearly illustrate the technical solution in the embodiments of the present invention, the drawings used in the description of the embodiments will be briefly described below. It is clear that the described figures are only some embodiments of the invention, not all embodiments, and that a person skilled in the art can also derive other designs and figures from them without inventive effort.
Fig. 1 is a flow chart of the steps of the present communication method;
FIG. 2 is a block diagram of communication logic in an industrial application.
Detailed Description
The conception, the specific structure and the technical effects produced by the present invention will be clearly and completely described in conjunction with the embodiments and the attached drawings, so as to fully understand the objects, the features and the effects of the present invention. It is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all embodiments, and those skilled in the art can obtain other embodiments without inventive effort based on the embodiments of the present invention, and all embodiments are within the protection scope of the present invention. In addition, all the coupling/connection relationships mentioned herein do not mean that the components are directly connected, but mean that a better coupling structure can be formed by adding or reducing coupling accessories according to specific implementation conditions. The technical characteristics in the invention can be combined interactively on the premise of not conflicting with each other.
Embodiment 1, referring to fig. 1, a communication method of a building communication system, where the method is mainly used in a building communication system formed by a device-server architecture, and the method includes:
step S100, the device end generates a random code;
step S200, the device end encrypts the random code and the device end identification code to obtain a ciphertext;
step S300, the device end sends the ciphertext to the server end;
step S400, the server end parses the ciphertext and restores the random code and the device end identification number;
step S500, the server end matches the device end identification number restored in step S400; if the matching succeeds, step S600 is executed, and if the matching fails, step S700 is executed;
step S600, the server end combines the random code and the user request to form a plaintext;
step S700, the server end does not process the operation;
step S800, the server end sends the plaintext and the device end identification number to the corresponding device end;
step S900, the device end disassembles the plaintext to obtain a random code and a user request;
step S1000, the device end compares the random code obtained in step S900 with the random code it generated in step S100; if the two are consistent, step S1100 is executed, and if they are not consistent, step S1200 is executed;
step S1100, the device end performs the corresponding action according to the user request; when step S1100 is completed, step S1300 is executed;
step S1200, the device end does not process the request;
step S1300, the device end deletes the random code used in this exchange.
The method increases the difficulty of cracking, so that communication between the server end and the device end is more confidential and the security of that communication is ensured.
It should be noted that a communication system of the device end-server end architecture is a communication system that has a device end and a server end which communicate with each other. In step S500, the server end matches the device end identification number restored in step S400. The matching method is prior art; in one embodiment, a number that has a mapping relationship with the device end identification number is entered in advance on the server end, and through this mapping relationship the server end can tell whether the device end identification number it obtained corresponds to a pre-entered, mapped identification number, and thus whether the device end identification number is legitimate.
As a further preferred mode of the foregoing embodiment, the server end is a cloud server end. Placing the parsing work on the cloud server end relieves the load on local computing resources.
As a further preferred mode of the above embodiment, an intermediate server is provided between the server and the device, and the intermediate server is configured to transmit information between the device and the server. The intermediate server can be a local server, and the whole equipment-server architecture is more complete by using the intermediate server as a bridge for transmitting information.
To better illustrate the industrial applicability of the method, a practical example is described below. Referring to fig. 2, a user who wants to communicate with a device logs into the client on a computer and sends an instruction. After receiving the instruction, the cloud server sends an activation instruction for the device to the local server of the floor to which the device is bound. The local server receives the instruction and, using the device code identified in the instruction message header, sends it to the specified device. After receiving the instruction, the device generates a random code, encrypts the random code together with a preset device identification number (using an existing encryption method) to obtain a ciphertext, and returns the ciphertext to the local server. The local server sends the ciphertext to the cloud server, and the cloud server decrypts it with the corresponding decryption method (an existing decryption method) to obtain the random code and the device identification number. The cloud server compares the obtained device identification number with the device identification numbers in the cloud database; if the match succeeds, it recombines the parsed random code and the user instruction into a plaintext and sends the plaintext and the device identification number back to the local server, which sends the plaintext to the specified device according to the device identification number. After receiving the plaintext, the device disassembles it to obtain the random code and the user request.
The device compares the received random code with the random code it generated and judges whether the two are consistent. If they are not consistent, the device ignores the request; if they are consistent, the device performs the corresponding action according to the user request and deletes the random code. After the device completes the action, it returns device information to the local server; the local server records the device information and uploads it to the cloud server, and the cloud server also records the device information and feeds it back to the user's PC terminal to display that the operation succeeded.
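The exchange of steps S100 to S1300 as an added Python example (not part of the patent text), covering the normal case, a repeated plaintext, a stale random code and an unregistered identification number. The patent only states that an existing encryption method is used, so the HMAC-SHA256-based `seal`/`unseal` stand-in, the single pre-shared key, the 16-byte random code and all names and sample values are assumptions.

```python
import hashlib
import hmac
import secrets

NONCE_LEN = 16              # random-code length in bytes (assumed)
KEY = bytes(range(32))      # constructed pre-shared key (assumed)
DEVICE_ID = b"DEV-3F-0012"  # constructed device identification number

def _mac(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()

def _xor_stream(key, iv, data):
    # HMAC-SHA256 in counter mode as a keystream (stand-in cipher).
    blocks = (len(data) + 31) // 32
    stream = b"".join(_mac(key, iv + i.to_bytes(4, "big")) for i in range(blocks))
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key, data):
    """Encrypt-then-MAC stand-in for the 'existing encryption method'."""
    iv = secrets.token_bytes(16)
    ct = _xor_stream(_mac(key, b"enc"), iv, data)
    return iv + ct + _mac(_mac(key, b"mac"), iv + ct)

def unseal(key, blob):
    """Return the plaintext, or None if the blob is malformed or modified."""
    if len(blob) < 48:
        return None
    iv, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _mac(_mac(key, b"mac"), iv + ct)):
        return None
    return _xor_stream(_mac(key, b"enc"), iv, ct)

class Device:
    def __init__(self, device_id, key):
        self.device_id, self.key = device_id, key
        self.pending = None   # random code of the exchange in progress
        self.actions = []     # requests the device acted on

    def start(self):
        """S100-S300: new random code, encrypted together with the ID."""
        self.pending = secrets.token_bytes(NONCE_LEN)
        return seal(self.key, self.pending + self.device_id)

    def receive(self, plaintext):
        """S900-S1300: act only if the returned random code matches."""
        code, request = plaintext[:NONCE_LEN], plaintext[NONCE_LEN:]
        if self.pending is None or not hmac.compare_digest(code, self.pending):
            return False                  # S1200: request not processed
        self.actions.append(request)      # S1100
        self.pending = None               # S1300: the code is single-use
        return True

class Server:
    def __init__(self, key, known_ids):
        self.key, self.known_ids = key, set(known_ids)

    def handle(self, ciphertext, user_request):
        """S400-S800: returns (device_id, plaintext), or None for S700."""
        data = unseal(self.key, ciphertext)
        if data is None or len(data) <= NONCE_LEN:
            return None
        code, device_id = data[:NONCE_LEN], data[NONCE_LEN:]
        if device_id not in self.known_ids:    # S500: match failed
            return None
        return device_id, code + user_request  # S600, S800

def demo():
    device, server = Device(DEVICE_ID, KEY), Server(KEY, {DEVICE_ID})
    _, plaintext = server.handle(device.start(), b"UNLOCK_DOOR")
    accepted = device.receive(plaintext)   # normal exchange
    replayed = device.receive(plaintext)   # same message again: code deleted
    device.start()                         # new exchange, new random code
    stale = device.receive(plaintext)      # old code no longer matches
    unknown = server.handle(Device(b"DEV-UNKNOWN", KEY).start(), b"UNLOCK_DOOR")
    return accepted, replayed, stale, unknown

if __name__ == "__main__":
    print(demo())
```

The random code is the only thing that binds the returned plaintext to one exchange, which is why deleting it in step S1300 and generating a fresh one in step S100 are what make a repeated message fail.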
A building communication system comprises a device end and a server end. The device end is configured to: generate a random code, encrypt the random code and a device end identification code to obtain a ciphertext, send the ciphertext to the server end, disassemble the plaintext to obtain the random code and a user request, compare the random code received from the server end with the random code it generated itself, and perform the corresponding action according to the request. The server end is configured to: parse the ciphertext and restore the random code and the device end identification number, match the device end identification number, combine the random code and a user request to form a plaintext, and send the plaintext and the device end identification number to the corresponding device end. The server end is a cloud server end. The communication system is used to execute the communication method of any of the above embodiments, so it has the advantages of that communication method, which are not repeated here.
While the preferred embodiments of the present invention have been illustrated and described, it will be understood by those skilled in the art that the present invention is not limited to the details of the embodiments shown and described, but is capable of numerous equivalents and substitutions without departing from the spirit of the invention and its scope is defined by the claims appended hereto.

Claims (3)

1. A communication method of a building communication system, the method is applied to the building communication system with a device end-server end architecture, and is characterized by comprising the following steps:
step 1, after receiving a user request, a server end sends an instruction to an equipment end, and the equipment end generates a random code;
step 2, the equipment end encrypts the random code and the equipment end identification code to obtain a ciphertext;
step 3, the equipment end sends the ciphertext to the server end;
step 4, the server side analyzes the ciphertext and restores the ciphertext to obtain the random code and the equipment side identification number;
step 5, the server side matches the equipment side identification number restored in step 4; if the matching succeeds, step 6 is executed, and if the matching fails, step 7 is executed;
step 6, the server combines the random code and the user request to form a plaintext; executing the step 8;
step 7, the server side does not process the operation; the flow is finished;
step 8, the server side sends the plaintext and the equipment side identification number to a corresponding equipment side;
step 9, the equipment terminal disassembles the plaintext to obtain a random code and a user request;
step 10, the equipment end compares the random code obtained in step 9 with the random code it generated in step 1; if the two are consistent, step 11 is executed, and if they are not consistent, step 12 is executed;
step 11, the equipment terminal makes corresponding action according to the user request; executing step 13;
step 12, the equipment end does not process the request; the flow is finished;
step 13, the equipment side deletes the random code; the server side is a cloud server side.
2. A communication method for building communication system as claimed in claim 1, characterized in that there is an intermediate server side between the server side and the device side, said intermediate server side being used for transferring information between the device side and the server side.
3. A building communication system is characterized by comprising an equipment end and a server end;
the device end is configured to: generate a random code after receiving an instruction sent by the server end, encrypt the random code and a device end identification code to obtain a ciphertext, send the ciphertext to the server end, receive a plaintext and a device end identification code sent by the server end, disassemble the plaintext to obtain a random code and a user request, compare the random code received from the server end with the random code it generated itself, and, if the two are consistent, perform the corresponding action according to the request; the server end is configured to: receive a user request sent by a user, send an instruction to the device end, receive the ciphertext sent by the device end, parse the ciphertext and restore the random code and the device end identification number, match the device end identification number, and, when the matching succeeds, combine the random code and the user request to form a plaintext and send the plaintext and the device end identification number to the corresponding device end;
the server side is a cloud server side.
CN201910767992.3A 2019-08-20 2019-08-20 Building communication system and communication method thereof Active CN110505224B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910767992.3A CN110505224B (en) 2019-08-20 2019-08-20 Building communication system and communication method thereof

Publications (2)

Publication Number Publication Date
CN110505224A CN110505224A (en) 2019-11-26
CN110505224B CN110505224B (en) 2022-05-20

Family

ID=68588880

Country Status (1)

Country Link
CN (1) CN110505224B (en)

Also Published As

Publication number Publication date
CN110505224A (en) 2019-11-26


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
CP01 Change in the name or title of a patent holder

Address after: 528000 area a, 3rd floor, workshop 1, No. 68, Taoyuan East Road, Shishan town, Nanhai District, Foshan City, Guangdong Province (residence declaration)

Patentee after: Guangdong chanxintong Technology Co.,Ltd.

Address before: 528000 area a, 3rd floor, workshop 1, No. 68, Taoyuan East Road, Shishan town, Nanhai District, Foshan City, Guangdong Province (residence declaration)

Patentee before: FOSHAN AMPLITEC TECH DEVELOPMENT Co.,Ltd.