CN110505242A - The management method of internet of things equipment, apparatus and system - Google Patents
- Publication number: CN110505242A (application CN201910874320.2A)
- Authority: CN (China)
- Prior art keywords: internet, things equipment, certificate, portable servicer, digital certificate
- Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
- H04L9/3265—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate chains, trees or paths; Hierarchical trust model
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Telephonic Communication Services (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a management method for an Internet of Things (IoT) device, applied to a portable server that is connected to the IoT device through a data transmission interface. The method comprises the following steps: upon receiving an access instruction from a mobile terminal, the portable server feeds back a setting interface to the mobile terminal; after receiving encrypted setting data fed back by the mobile terminal through the setting interface, the portable server decrypts the encrypted setting data; and the decrypted setting data are sent to the IoT device connected to the portable server. The invention also discloses a management apparatus and a management system for an IoT device. When a user exchanges data with the portable server through the mobile terminal, the data are transmitted in encrypted form, which makes data transmission safer and IoT device management safer.
Description
Technical field
The present invention relates to the technical field of IoT devices, and in particular to a management method, apparatus and system for IoT devices.
Background art
At present, interaction between the various IoT devices and user terminals takes place through a browser web interface. The user manages the IoT device by logging in to an account in the browser web interface.
In this process, all data are transmitted over the Hypertext Transfer Protocol (HTTP). HTTP is a plaintext protocol, so data transmission is very insecure, and both the IoT device and the user terminal are exposed to security risks.
The above content is only intended to aid understanding of the technical solution of the present invention and does not constitute an admission that it is prior art.
Summary of the invention
The main purpose of the present invention is to provide a management method, apparatus and system for IoT devices, so that when a user exchanges data with a portable server through a mobile terminal, the data are transmitted in encrypted form, making data transmission safer and IoT device management safer.
To achieve the above object, the present invention provides a management method for an IoT device, applied to a portable server that is connected to the IoT device through a data transmission interface. The method comprises the following steps:
Upon receiving an access instruction from a mobile terminal, the portable server feeds back a setting interface to the mobile terminal;
After receiving encrypted setting data fed back by the mobile terminal through the setting interface, decrypting the encrypted setting data;
Sending the decrypted setting data to the IoT device connected to the portable server, so that the IoT device performs its Internet of Things settings according to the decrypted setting data.
Optionally, the step in which the portable server feeds back the setting interface to the mobile terminal includes:
The portable server sends the digital certificate stored on the portable server to the mobile terminal, wherein the mobile terminal encrypts the key of the mobile terminal according to the digital certificate and sends the encrypted key to the portable server;
Decrypting the received encrypted key according to the digital certificate and storing the key obtained by decryption, wherein the encrypted setting data are decrypted with the stored key;
Encrypting the setting interface according to the stored key and sending the encrypted setting interface to the mobile terminal.
Optionally, before the step in which the portable server sends the stored digital certificate to the mobile terminal, the management method for the IoT device further includes:
When the portable server connects to a local area network for the first time, obtaining the device certificate and the device private key of the portable server;
Calling the device private key of the portable server to generate a certificate chain according to the device certificate;
Calling the device private key to generate the digital certificate according to the certificate chain and the device certificate, and storing the digital certificate.
Optionally, the step of generating the digital certificate according to the certificate chain, the device certificate and the device private key includes:
Obtaining the default mark corresponding to the portable server;
Calling the device private key to generate the digital certificate according to the default mark, the certificate chain and the device certificate.
To achieve the above object, the present invention provides a management method for an IoT device, applied to a mobile terminal. The method comprises the following steps:
When an access instruction triggered by the user is detected, sending the access instruction to a portable server, wherein the portable server is connected to the IoT device through a data transmission interface;
When the setting interface fed back by the portable server is received, displaying the setting interface and obtaining setting data according to the user's operations on the setting interface;
Encrypting the setting data and feeding the encrypted setting data back to the portable server, wherein the portable server decrypts the encrypted setting data and sends the decrypted setting data to the connected IoT device, so that the IoT device performs its Internet of Things settings according to the decrypted setting data.
Optionally, the management method for the IoT device further includes:
When the digital certificate sent by the portable server is received, encrypting the key of the mobile terminal according to the digital certificate, wherein the setting data are encrypted with the key;
Sending the encrypted key to the portable server, wherein the portable server decrypts the received encrypted key according to the digital certificate, stores the key obtained by decryption, and decrypts the encrypted setting data with the stored key.
Optionally, the management method for the IoT device further includes:
When the digital certificate sent by the portable server is received, verifying the validity of the digital certificate according to the certificate chain in the digital certificate, wherein, when the portable server connects to a local area network for the first time, it calls the device private key of the portable server to generate the certificate chain according to the device certificate, and calls the device private key to generate the digital certificate according to the certificate chain and the device certificate;
When the digital certificate is valid, encrypting the key of the mobile terminal according to the digital certificate.
Optionally, the digital certificate further includes a default mark, and the management method for the IoT device further includes:
When the digital certificate sent by the portable server is received, detecting whether the default mark is present in the digital certificate, wherein the portable server calls the device private key to generate the digital certificate according to the default mark corresponding to the portable server, the certificate chain and the device certificate;
When the default mark is present, performing the step of verifying the validity of the digital certificate according to the certificate chain in the digital certificate.
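The issuance and validation steps above (the device private key signs the portable server's digital certificate; the mobile terminal looks for the default mark and then validates the certificate chain) are shown here in Go as an added example, not code from the patent. The mark's value and its place in the subject OU field, the key types, the IP-address check, and the assumption that the mobile terminal already holds the device certificate as a pinned trust anchor all belong to this example; the certificate-request step is folded into direct issuance.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"net"
	"time"
)

// defaultMark is a constructed value. The page does not say what the mark
// contains or where it lives; this example carries it in the subject OU.
const defaultMark = "EXAMPLE-PORTABLE-SERVER-MARK"

var errNoMark = errors.New("default mark absent from digital certificate")

// sign creates a certificate for pub from tmpl, signed by parent/signer.
func sign(tmpl, parent *x509.Certificate, pub interface{}, signer *ecdsa.PrivateKey) (*x509.Certificate, error) {
	tmpl.NotBefore = time.Now().Add(-time.Hour)
	tmpl.NotAfter = time.Now().Add(24 * time.Hour)
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signer)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// newDeviceIdentity stands in for the pre-stored device certificate and device
// private key (generated here so the example runs offline).
func newDeviceIdentity(name string) (*x509.Certificate, *ecdsa.PrivateKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: name},
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign}
	cert, err := sign(tmpl, tmpl, &key.PublicKey, key)
	return cert, key, err
}

// issueDigitalCert has the device private key sign the portable server's
// certificate, embedding the mark (may be empty) and the server's LAN address.
func issueDigitalCert(dev *x509.Certificate, devKey *ecdsa.PrivateKey, mark, ip string) (*x509.Certificate, *rsa.PrivateKey, error) {
	addr := net.ParseIP(ip)
	if addr == nil {
		return nil, nil, fmt.Errorf("bad IP address %q", ip)
	}
	srvKey, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(2), Subject: pkix.Name{CommonName: "portable server"},
		KeyUsage:    x509.KeyUsageKeyEncipherment,
		ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}, IPAddresses: []net.IP{addr}}
	if mark != "" {
		tmpl.Subject.OrganizationalUnit = []string{mark}
	}
	cert, err := sign(tmpl, dev, &srvKey.PublicKey, devKey)
	return cert, srvKey, err
}

// verifyDigitalCert is the mobile-terminal side: look for the mark first, then
// validate the chain against the pinned device certificate, then the address.
func verifyDigitalCert(cert, pinnedDevice *x509.Certificate, dialedIP string) error {
	marked := false
	for _, ou := range cert.Subject.OrganizationalUnit {
		marked = marked || ou == defaultMark
	}
	if !marked {
		return errNoMark
	}
	roots := x509.NewCertPool()
	roots.AddCert(pinnedDevice)
	if _, err := cert.Verify(x509.VerifyOptions{Roots: roots}); err != nil {
		return fmt.Errorf("certificate chain: %w", err)
	}
	return cert.VerifyHostname(dialedIP) // compared against the IP SAN entries
}

func main() {
	dev, devKey, err := newDeviceIdentity("example device certificate")
	if err != nil {
		panic(err)
	}
	cert, _, err := issueDigitalCert(dev, devKey, defaultMark, "192.168.1.50")
	if err != nil {
		panic(err)
	}
	fmt.Println("issued by pinned device:", verifyDigitalCert(cert, dev, "192.168.1.50"))
	fmt.Println("different address:     ", verifyDigitalCert(cert, dev, "192.168.1.51"))
}
```

The mark only tells the two certificate types apart; a certificate that copies the mark but chains to a different device key still fails, because trust comes from the chain check against the pinned device certificate.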
In addition, to achieve the above object, the present invention also provides a management apparatus for an IoT device. The management apparatus includes a memory, a processor, and a data transmission method program that is stored in the memory and can run on the processor; when executed by the processor, the data transmission method program implements the steps of the data transmission method according to any one of the above.
In addition, to achieve the above object, the present invention also provides a management system for an IoT device. The management system includes:
A management apparatus for the IoT device, which is the management apparatus for an IoT device described above;
An IoT device, wherein the IoT device and the management apparatus for the IoT device are connected through a data transmission interface.
The management method for an IoT device proposed by the embodiments of the present invention is applied to a portable server that is connected to the IoT device through a data transmission interface. Upon receiving an access instruction from a mobile terminal, the portable server feeds back a setting interface to the mobile terminal; after receiving encrypted setting data fed back by the mobile terminal through the setting interface, it decrypts the encrypted setting data and sends the decrypted setting data to the IoT device connected to the portable server, so that the IoT device performs its Internet of Things settings according to the decrypted setting data. In the present invention, when a user exchanges data with the portable server through the mobile terminal, the data are transmitted in encrypted form, which makes data transmission safer and IoT device management safer.
Brief description of the drawings
Fig. 1 is a schematic diagram of the terminal structure of the hardware operating environment involved in the embodiments of the present invention;
Fig. 2 is a flow diagram of one embodiment of the management method for an IoT device of the present invention;
Fig. 3 is a detailed flow diagram of step S10 in Fig. 2;
Fig. 4 is a flow diagram of another embodiment of the management method for an IoT device of the present invention;
Fig. 5 is a flow diagram of yet another embodiment of the management method for an IoT device of the present invention.
The realization of the object, the functional features and the advantages of the present invention will be further described with reference to the accompanying drawings in conjunction with the embodiments.
Detailed description of the embodiments
It should be understood that the specific embodiments described here only explain the present invention and are not intended to limit it.
The main solution of the embodiments of the present invention is:
Upon receiving an access instruction from a mobile terminal, the portable server feeds back a setting interface to the mobile terminal;
After receiving encrypted setting data fed back by the mobile terminal through the setting interface, decrypting the encrypted setting data;
Sending the decrypted setting data to the IoT device connected to the portable server, so that the IoT device performs its Internet of Things settings according to the decrypted setting data.
In the prior art, data transmission between IoT devices and user terminals is all based on the Hypertext Transfer Protocol (HTTP). HTTP is a plaintext protocol, so data transmission is very insecure, and both the IoT device and the user terminal are exposed to security risks.
The present invention provides a solution: when a user exchanges data with the portable server through the mobile terminal, the data are transmitted in encrypted form, which makes data transmission safer and IoT device management safer.
Fig. 1 is a schematic diagram of the terminal structure of the hardware operating environment involved in the embodiments of the present invention.
The first terminal of the embodiments of the present invention is a portable server.
As shown in Fig. 1, the terminal may include a processor 1001 (for example a CPU), a network interface 1004, a user interface 1003, a memory 1005 and a communication bus 1002. The communication bus 1002 provides the connection and communication between these components. The user interface 1003 may include a display screen (Display) and an input unit such as a keyboard (Keyboard); optionally, the user interface 1003 may also include standard wired and wireless interfaces. The network interface 1004 may optionally include a standard wired interface and a wireless interface (such as a WI-FI interface). The memory 1005 may be high-speed RAM or stable memory (non-volatile memory), such as disk storage. The memory 1005 may optionally also be a storage device independent of the aforementioned processor 1001.
Those skilled in the art will understand that the terminal structure shown in Fig. 1 does not constitute a limitation on the terminal, which may include more or fewer components than illustrated, combine certain components, or use a different arrangement of components.
As shown in Fig. 1, the memory 1005, as a computer storage medium, may include an operating system, a network communication module, a user interface module and a management program for the IoT device. The processor 1001 may be used to call the management program for the IoT device stored in the memory 1005 and perform the following operations:
Upon receiving an access instruction from a mobile terminal, the portable server feeds back a setting interface to the mobile terminal;
After receiving encrypted setting data fed back by the mobile terminal through the setting interface, decrypting the encrypted setting data;
Sending the decrypted setting data to the IoT device connected to the portable server, so that the IoT device performs its Internet of Things settings according to the decrypted setting data.
Further, the processor 1001 may call the management program for the IoT device stored in the memory 1005 and also perform the following operations:
The portable server sends the digital certificate stored on the portable server to the mobile terminal, wherein the mobile terminal encrypts the key of the mobile terminal according to the digital certificate and sends the encrypted key to the portable server;
Decrypting the received encrypted key according to the digital certificate and storing the key obtained by decryption, wherein the encrypted setting data are decrypted with the stored key;
Encrypting the setting interface according to the stored key and sending the encrypted setting interface to the mobile terminal.
Further, the processor 1001 may call the management program for the IoT device stored in the memory 1005 and also perform the following operations:
When the portable server connects to a local area network for the first time, obtaining the device certificate and the device private key of the portable server;
Calling the device private key of the portable server to generate a certificate chain according to the device certificate;
Calling the device private key to generate the digital certificate according to the certificate chain and the device certificate, and storing the digital certificate.
Further, the processor 1001 may call the management program for the IoT device stored in the memory 1005 and also perform the following operations:
Obtaining the default mark corresponding to the portable server;
Calling the device private key to generate the digital certificate according to the default mark, the certificate chain and the device certificate.
The second terminal of the embodiments of the present invention is a mobile terminal.
As shown in Fig. 1, the terminal may include a processor 1001 (for example a CPU), a network interface 1004, a user interface 1003, a memory 1005 and a communication bus 1002. The communication bus 1002 provides the connection and communication between these components. The user interface 1003 may include a display screen (Display) and an input unit such as a keyboard (Keyboard); optionally, the user interface 1003 may also include standard wired and wireless interfaces. The network interface 1004 may optionally include a standard wired interface and a wireless interface (such as a WI-FI interface). The memory 1005 may be high-speed RAM or stable memory (non-volatile memory), such as disk storage. The memory 1005 may optionally also be a storage device independent of the aforementioned processor 1001.
Those skilled in the art will understand that the terminal structure shown in Fig. 1 does not constitute a limitation on the terminal, which may include more or fewer components than illustrated, combine certain components, or use a different arrangement of components.
As shown in Fig. 1, the memory 1005, as a computer storage medium, may include an operating system, a network communication module, a user interface module and a management program for the IoT device. The processor 1001 may be used to call the management program for the IoT device stored in the memory 1005 and perform the following operations:
When an access instruction triggered by the user is detected, sending the access instruction to a portable server, wherein the portable server is connected to the IoT device through a data transmission interface;
When the setting interface fed back by the portable server is received, displaying the setting interface and obtaining setting data according to the user's operations on the setting interface;
Encrypting the setting data and feeding the encrypted setting data back to the portable server, wherein the portable server decrypts the encrypted setting data and sends the decrypted setting data to the connected IoT device, so that the IoT device performs its Internet of Things settings according to the decrypted setting data.
Further, the processor 1001 may call the management program for the IoT device stored in the memory 1005 and also perform the following operations:
When the digital certificate sent by the portable server is received, encrypting the key of the mobile terminal according to the digital certificate, wherein the setting data are encrypted with the key;
Sending the encrypted key to the portable server, wherein the portable server decrypts the received encrypted key according to the digital certificate, stores the key obtained by decryption, and decrypts the encrypted setting data with the stored key.
Further, the processor 1001 may call the management program for the IoT device stored in the memory 1005 and also perform the following operations:
When the digital certificate sent by the portable server is received, verifying the validity of the digital certificate according to the certificate chain in the digital certificate, wherein, when the portable server connects to a local area network for the first time, it calls the device private key of the portable server to generate the certificate chain according to the device certificate, and calls the device private key to generate the digital certificate according to the certificate chain and the device certificate;
When the digital certificate is valid, encrypting the key of the mobile terminal according to the digital certificate.
Further, the processor 1001 may call the management program for the IoT device stored in the memory 1005 and also perform the following operations:
When the digital certificate sent by the portable server is received, detecting whether the default mark is present in the digital certificate, wherein the portable server calls the device private key to generate the digital certificate according to the default mark corresponding to the portable server, the certificate chain and the device certificate;
When the default mark is present, performing the step of verifying the validity of the digital certificate according to the certificate chain in the digital certificate.
Referring to Fig. 2, in one embodiment, applied to a portable server, the management method for the IoT device includes the following steps:
Step S10: upon receiving an access instruction from a mobile terminal, the portable server feeds back a setting interface to the mobile terminal;
In this embodiment, the portable server is connected to the IoT device through a data transmission interface. The user accesses the portable server through the mobile terminal, and the portable server controls the IoT device through the data transmission interface, which achieves the purpose of managing the IoT device from the mobile terminal. Because the portable server is used to manage the IoT device, its performance requirements are low, and it can be integrated into a system on chip (SoC) to reduce production cost. Because an SoC is small, the portable server can be built into the IoT device, and the user can insert or remove the SoC at any time, which makes the portable server more convenient to use. When the portable server receives the access instruction sent by the mobile terminal, it feeds the setting interface back to the mobile terminal so that the user can manage the IoT device in the setting interface received by the mobile terminal. The setting interface is the device management interface corresponding to the IoT device connected to the portable server, and it is stored in advance on the portable server or on the IoT device.
Step S20: after receiving encrypted setting data fed back by the mobile terminal through the setting interface, decrypting the encrypted setting data;
In this embodiment, after feeding the setting interface back to the mobile terminal, the portable server decrypts any encrypted setting data that the mobile terminal feeds back through the setting interface, in order to obtain the user's setting data for the IoT device. The encryption of the setting data is based on Hypertext Transfer Protocol Secure (HTTPS) and may specifically use symmetric encryption or asymmetric encryption. It should be noted that both the setting interface sent by the portable server to the mobile terminal and the setting data sent by the mobile terminal to the portable server can be encrypted, which makes data transmission safer and improves the security of the local area network system.
Step S30: sending the decrypted setting data to the IoT device connected to the portable server, so that the IoT device performs its Internet of Things settings according to the decrypted setting data.
In this embodiment, after decrypting the encrypted setting data, the portable server sends the decrypted setting data to the IoT device connected to it. After receiving the decrypted setting data, the IoT device changes the corresponding settings in the IoT device according to those data, which achieves the purpose of letting the user manage the IoT device from the mobile terminal.
In the technical solution disclosed in this embodiment, when a user exchanges data with the portable server through the mobile terminal, the data are transmitted in encrypted form, which makes data transmission safer and IoT device management safer.
In another embodiment, as shown in Fig. 3, on the basis of the embodiment shown in Fig. 2 above, step S10 includes:
Step S11: the portable server sends the digital certificate stored on the portable server to the mobile terminal,
wherein the mobile terminal encrypts the key of the mobile terminal according to the digital certificate and sends the encrypted key to the portable server;
In this embodiment, communication between the portable server and the mobile terminal may be encrypted symmetrically or asymmetrically. For example, when asymmetric encryption is used, the portable server sends the digital certificate stored on it to the mobile terminal upon receiving the access instruction sent by the mobile terminal. The digital certificate may be an SSL (Secure Socket Layer) certificate. It differs from a traditional digital certificate in that it is generated from the device certificate pre-stored on the portable server, which avoids having to apply to a certificate authority (CA) for a digital certificate and pay the associated fees, further reducing the production cost of the portable server. Because a traditional digital certificate has a limited validity period, using one also incurs additional management and maintenance costs, whereas a digital certificate generated from the device certificate pre-stored on the portable server requires no management or maintenance payments, which reduces the maintenance cost of the portable server. On receiving the digital certificate sent by the portable server, the mobile terminal obtains its own key, encrypts that key according to the received digital certificate, and sends the encrypted key to the portable server. With symmetric encryption, subsequent data communication between the portable server and the mobile terminal can be encrypted with the mobile terminal's key to ensure the security of data transmission.
In addition, when the portable server connects to a local area network for the first time, that is, when the portable server is first enabled, it can check whether a digital certificate is stored on the portable server. If no digital certificate is stored, a certificate signing request (CSR) file is generated on the portable server, the device certificate pre-stored on the portable server is obtained, and the device private key of the portable server is called to generate the digital certificate from the CSR file. The device certificate and a special certificate chain can also be embedded in the digital certificate; the special certificate chain is generated from the device certificate by calling the device private key. After the digital certificate is generated, it is stored on the portable server for later use when the portable server and the mobile terminal transmit data. The digital certificate may also include a default mark, the Internet Protocol (IP) address of the portable server, and so on; the default mark serves to distinguish the certificate from a traditional digital certificate, and the IP address is used to verify the validity of the device certificate. The device certificate and the device private key are stored on the portable server in advance and are not allowed to be modified, exported or deleted, so that the portable server can be identified through the signature of the device private key in the device certificate, and the operations performed by the portable server can be traced.
Step S12: decrypt the received encrypted key according to the digital certificate, and store the key obtained by decryption,
wherein the encrypted setting data is decrypted with the stored key;
In this embodiment, because the encrypted key was encrypted according to the digital certificate of the portable server, the portable server, on receiving the encrypted key sent by the mobile terminal, can decrypt it according to the digital certificate in the portable server to obtain the mobile terminal's key. It stores the key obtained by decryption so that it can use this key to encrypt and decrypt the encrypted data transmitted between the portable server and the mobile terminal. For example, after receiving the encrypted setting data fed back by the mobile terminal, the portable server can decrypt the encrypted data with the stored key.
Step S13: encrypt the settings interface according to the stored key, and send the encrypted settings interface to the mobile terminal.
In this embodiment, when the access instruction sent by the mobile terminal is received, if the portable server has already obtained the mobile terminal's key, it encrypts the settings interface with the key and sends the encrypted settings interface to the mobile terminal, so that transmission between the portable server and the mobile terminal is encrypted.
In the technical solution disclosed in this embodiment, the portable server sends the digital certificate to the mobile terminal so that the mobile terminal feeds back a key, and the portable server and the mobile terminal then transmit data encrypted with that key, which makes data transmission in the local area network system more secure.
In another embodiment, as shown in Fig. 4, the method is applied to a mobile terminal, and the management method of the Internet of Things device includes the following steps:
Step S40: when an access instruction triggered by the user is detected, send the access instruction to the portable server, wherein the portable server is connected to the Internet of Things device through a data transmission interface;
In this embodiment, the portable server is connected to the Internet of Things device through a data transmission interface, and the user accesses the portable server through the mobile terminal so that the portable server controls the Internet of Things device through the data transmission interface, thereby managing the Internet of Things device through the mobile terminal. When the mobile terminal detects an access instruction triggered by the user, it sends the access instruction to the portable server so that the portable server feeds back the settings interface corresponding to the Internet of Things device. Specifically, the mobile terminal generally accesses the portable server through a browser web page interface, which makes it more efficient for the user to manage the Internet of Things device through the mobile terminal. After the mobile terminal sends the access instruction to the portable server, the portable server feeds back the digital certificate it stores to the mobile terminal, so that the mobile terminal encrypts the mobile terminal's key according to the digital certificate and feeds the encrypted key back to the portable server. The portable server decrypts the received encrypted key according to the digital certificate to obtain the mobile terminal's key. It should be noted that the setting data sent by the mobile terminal to the portable server can be encrypted with this key, and the encrypted setting data received by the portable server can likewise be decrypted with this key.
Step S50: when the settings interface fed back by the portable server is received, display the settings interface, and obtain setting data according to the user's operation on the settings interface;
In this embodiment, after the mobile terminal sends the access instruction to the portable server, if it receives the settings interface fed back by the portable server, it displays the settings interface in the browser web page of the mobile terminal so that the user can change the settings of the Internet of Things device in the settings interface. The mobile terminal detects the user's operations in the settings interface and generates the corresponding setting data.
Step S60: encrypt the setting data, and feed the encrypted setting data back to the portable server,
wherein the portable server decrypts the encrypted setting data and sends the decrypted setting data to the connected Internet of Things device, so that the Internet of Things device performs Internet of Things settings according to the decrypted setting data.
In this embodiment, after obtaining the setting data, the mobile terminal encrypts it and sends the encrypted setting data to the portable server. When the portable server receives the encrypted setting data sent by the mobile terminal, it decrypts the encrypted setting data and sends the decrypted data to the Internet of Things device connected to the portable server, thereby managing the Internet of Things device through the mobile terminal. The encryption of the setting data is based on the Hypertext Transfer Protocol Secure (HTTPS) and may specifically use symmetric encryption or asymmetric encryption. It should be noted that both the settings interface sent by the portable server to the mobile terminal and the setting data sent by the mobile terminal to the portable server can be encrypted, which makes data transmission more secure and improves the security of the local area network system.
In the technical solution disclosed in this embodiment, when the user exchanges data through the mobile terminal and the portable server, the data is transmitted in encrypted form, which makes data transmission more secure and the management of the Internet of Things device more secure.
In another embodiment, as shown in Fig. 5, on the basis of the embodiment shown in Fig. 4 above, after step S20 the method further includes:
Step S70: when the digital certificate sent by the portable server is received, verify the validity of the digital certificate according to the certificate chain in the digital certificate,
wherein, when connecting to the local area network for the first time, the portable server calls the device private key of the portable server to generate the certificate chain according to the device certificate, and calls the device private key to generate the digital certificate according to the certificate chain and the device certificate;
In this embodiment, the communication between the portable server and the mobile terminal can be encrypted symmetrically or asymmetrically. For example, with symmetric encryption, after receiving the access instruction from the mobile terminal, the portable server needs to send its digital certificate to the mobile terminal to obtain the mobile terminal's key, and then encrypts data transmission with that key. When the mobile terminal receives the digital certificate sent by the portable server, it needs to verify the identity of the portable server, that is, verify the validity of the digital certificate. Because this digital certificate differs from a traditional digital certificate, the mobile terminal can, when verifying it, first check whether the preset identifier is present in the digital certificate. If it is, the digital certificate is identified as not being a traditional digital certificate and its validity is verified according to the new rule; otherwise it is verified according to the verification process for traditional digital certificates. The preset identifier can be any friendly name that distinguishes the certificate from a traditional digital certificate. After an Internet of Things device joins a local area network it is assigned an internal address, which serves as the address of the Internet of Things device; because Internet of Things devices are generally used for a long time, the internal address is generally fixed as well, so the internal address can also be used as the preset identifier.
When the validity of the digital certificate is verified according to the new rule, the certificate chain in the digital certificate is parsed and the validity of the digital certificate is verified according to the certificate chain, that is, the certificate chain is used to verify whether the certificate signature has been tampered with. In addition, the root certificates in the mobile terminal's browser can be used to judge whether the device certificate in the digital certificate is trusted, and the Internet Protocol (IP) address of the portable server can be checked against the address in the digital certificate. Before the root certificates in the mobile terminal's browser are used to judge whether the device certificate in the digital certificate is trusted, the device certificate can be preset among the root certificates in the mobile terminal's browser so that its trust can be verified. Also, when connecting to the local area network for the first time, the portable server obtains the device certificate pre-stored in the portable server and calls the device private key of the portable server to generate a special certificate chain according to the device certificate. By calling the device private key to generate the digital certificate according to the device certificate, the portable server avoids applying to a certificate authority (CA) for a digital certificate and paying the related fees, which reduces the production cost of the portable server. The certificate chain can be embedded in the digital certificate so that the browser of the mobile terminal verifies the validity of the digital certificate according to the certificate chain, allowing the browser of the mobile terminal to recognize the digital certificate normally.
Step S80: when the digital certificate is valid, encrypt the key of the mobile terminal according to the digital certificate.
In this embodiment, when the mobile terminal has verified that the digital certificate is valid, it encrypts the mobile terminal's key according to the verified digital certificate and sends the encrypted key to the portable server, so that data can be transmitted encrypted with the key. The mobile terminal's key can be generated randomly and stored in the terminal.
In the technical solution disclosed in this embodiment, when the digital certificate sent by the portable server is received, the validity of the digital certificate is verified, and only when the digital certificate is valid is the key fed back to the portable server, which ensures the security of data transmission between the mobile terminal and the portable server.
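The terminal-side check of step S70 and the key exchange of steps S80 and S12, as an added Go example that is not code from the patent. It assumes RSA keys, RSA-OAEP for encrypting the terminal's key, a separate key pair for the digital certificate, and a hypothetical preset identifier carried in the certificate's common name; all names and addresses are constructed.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"net"
	"time"
)

// presetMark is a hypothetical preset identifier; the patent allows any friendly name.
const presetMark = "portable-server-local"

// Server is what the portable server stores. Every value here is constructed.
type Server struct {
	DeviceCert *x509.Certificate // pre-stored device certificate, the terminal's trust anchor
	Leaf       *x509.Certificate // digital certificate sent to the mobile terminal
	leafKey    *rsa.PrivateKey   // key pair of Leaf (assumed separate from the device key)
}

// issue signs tmpl with the signer key and returns the parsed certificate.
func issue(tmpl, parent *x509.Certificate, pub *rsa.PublicKey, signer *rsa.PrivateKey) (*x509.Certificate, error) {
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signer)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// NewServer models the first LAN connection: the device key signs a certificate naming the LAN IP.
func NewServer(ip string) (*Server, error) {
	devKey, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	leafKey, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	from, to := time.Now().Add(-time.Hour), time.Now().Add(24*time.Hour)
	dev := &x509.Certificate{SerialNumber: big.NewInt(1), NotBefore: from, NotAfter: to,
		Subject: pkix.Name{CommonName: "device certificate"},
		IsCA:    true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign}
	devCert, err := issue(dev, dev, &devKey.PublicKey, devKey)
	if err != nil {
		return nil, err
	}
	leaf := &x509.Certificate{SerialNumber: big.NewInt(2), NotBefore: from, NotAfter: to,
		Subject: pkix.Name{CommonName: presetMark}, IPAddresses: []net.IP{net.ParseIP(ip)},
		KeyUsage: x509.KeyUsageKeyEncipherment, ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}}
	leafCert, err := issue(leaf, devCert, &leafKey.PublicKey, devKey)
	if err != nil {
		return nil, err
	}
	return &Server{DeviceCert: devCert, Leaf: leafCert, leafKey: leafKey}, nil
}

// WrapKey is the terminal side of steps S70 and S80. trusted is the device certificate
// the terminal already trusts; peerIP is the address it actually connected to.
func WrapKey(leaf, trusted *x509.Certificate, peerIP string, key []byte) ([]byte, error) {
	if leaf.Subject.CommonName != presetMark {
		return nil, errors.New("no preset identifier: validate as a conventional certificate")
	}
	roots := x509.NewCertPool()
	roots.AddCert(trusted)
	// Verify checks the signature against the device certificate, the validity period,
	// and that peerIP is among the IP addresses named in the certificate.
	if _, err := leaf.Verify(x509.VerifyOptions{Roots: roots, DNSName: peerIP}); err != nil {
		return nil, err
	}
	pub, ok := leaf.PublicKey.(*rsa.PublicKey)
	if !ok {
		return nil, errors.New("certificate does not hold an RSA key")
	}
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, key, nil)
}

// UnwrapKey is step S12: the server recovers the terminal's key with its private key.
func (s *Server) UnwrapKey(wrapped []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, s.leafKey, wrapped, nil)
}

func main() {
	s, err := NewServer("192.168.1.50")
	if err != nil {
		panic(err)
	}
	_, err = WrapKey(s.Leaf, s.DeviceCert, "192.168.1.51", []byte("constructed key"))
	fmt.Println("address not named in the certificate:", err)
}
```

The terminal releases its key only after all three checks pass, so a certificate signed by a different device key, or one presented from an address it does not name, never receives the key.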
In addition, an embodiment of the present invention also proposes a management apparatus for an Internet of Things device. The management apparatus includes a memory, a processor, and a data transmission method program that is stored in the memory and can run on the processor; when the data transmission method program is executed by the processor, it implements the steps of the data transmission method described in the embodiments above.
In addition, an embodiment of the present invention also proposes a management system for an Internet of Things device, the management system including:
a management apparatus of the Internet of Things device, which is the management apparatus of the Internet of Things device described in the embodiment above;
an Internet of Things device, which is connected to the management apparatus of the Internet of Things device through a data transmission interface.
It should be noted that, in this document, the terms "include", "comprise" and any other variants are intended to cover non-exclusive inclusion, so that a process, method, article or system that includes a series of elements includes not only those elements but also other elements not explicitly listed, or elements inherent to such a process, method, article or system. Without further limitation, an element defined by the phrase "including a ..." does not exclude the existence of other identical elements in the process, method, article or system that includes that element.
The serial numbers of the above embodiments of the present invention are for description only and do not represent the advantages or disadvantages of the embodiments.
From the description of the embodiments above, those skilled in the art can clearly understand that the methods of the above embodiments can be implemented by software plus a necessary general-purpose hardware platform, or by hardware, although in many cases the former is the better implementation. Based on this understanding, the technical solution of the present invention, in essence or in the part that contributes over the prior art, can be embodied in the form of a software product. The computer software product is stored in a storage medium as described above (such as ROM/RAM, magnetic disk, or optical disc) and includes a number of instructions that cause a terminal device (which may be a mobile phone, computer, server, air conditioner, network device, etc.) to execute the methods described in the embodiments of the present invention.
The above are only preferred embodiments of the present invention and do not limit the scope of the invention. Any equivalent structure or equivalent process transformation made using the contents of the specification and drawings of the present invention, or any direct or indirect application in other related technical fields, is likewise included within the scope of the present invention.
Claims (10)
1. A management method for an Internet of Things device, characterized in that it is applied to a portable server, the portable server being connected to the Internet of Things device through a data transmission interface, the management method of the Internet of Things device comprising the following steps:
when an access instruction from a mobile terminal is received, the portable server feeds back a settings interface to the mobile terminal;
after the encrypted setting data fed back by the mobile terminal through the settings interface is received, decrypting the encrypted setting data;
sending the decrypted setting data to the Internet of Things device connected to the portable server, so that the Internet of Things device performs Internet of Things settings according to the decrypted setting data.
2. The management method for an Internet of Things device according to claim 1, characterized in that the step of the portable server feeding back the settings interface to the mobile terminal comprises:
the portable server sending the digital certificate stored in the portable server to the mobile terminal, wherein the mobile terminal encrypts the key of the mobile terminal according to the digital certificate and sends the encrypted key to the portable server;
decrypting the received encrypted key according to the digital certificate, and storing the key obtained by decryption, wherein the encrypted setting data is decrypted with the stored key;
encrypting the settings interface according to the stored key, and sending the encrypted settings interface to the mobile terminal.
3. The management method for an Internet of Things device according to claim 2, characterized in that, before the step of the portable server sending the digital certificate stored in the portable server to the mobile terminal, the management method of the Internet of Things device further comprises:
when the portable server connects to the local area network for the first time, obtaining the device certificate of the portable server;
calling the device private key of the portable server to generate a certificate chain according to the device certificate;
calling the device private key to generate the digital certificate according to the certificate chain and the device certificate, and storing the digital certificate.
4. The management method for an Internet of Things device according to claim 3, characterized in that the step of generating the digital certificate according to the certificate chain, the device certificate and the device private key comprises:
obtaining the preset identifier corresponding to the portable server;
calling the device private key to generate the digital certificate according to the preset identifier, the certificate chain and the device certificate.
5. A management method for an Internet of Things device, characterized in that it is applied to a mobile terminal, the management method of the Internet of Things device comprising the following steps:
when an access instruction triggered by the user is detected, sending the access instruction to a portable server, wherein the portable server is connected to the Internet of Things device through a data transmission interface;
when the settings interface fed back by the portable server is received, displaying the settings interface, and obtaining setting data according to the user's operation on the settings interface;
encrypting the setting data, and feeding the encrypted setting data back to the portable server, wherein the portable server decrypts the encrypted setting data and sends the decrypted setting data to the connected Internet of Things device, so that the Internet of Things device performs Internet of Things settings according to the decrypted setting data.
6. The management method for an Internet of Things device according to claim 5, characterized in that the management method of the Internet of Things device further comprises:
when the digital certificate sent by the portable server is received, encrypting the key of the mobile terminal according to the digital certificate, wherein the setting data is encrypted with the key;
sending the encrypted key to the portable server, wherein the portable server decrypts the received encrypted key according to the digital certificate, stores the key obtained by decryption, and decrypts the encrypted setting data with the stored key.
7. The management method for an Internet of Things device according to claim 6, characterized in that the management method of the Internet of Things device further comprises:
when the digital certificate sent by the portable server is received, verifying the validity of the digital certificate according to the certificate chain in the digital certificate, wherein, when connecting to the local area network for the first time, the portable server calls the device private key of the portable server to generate the certificate chain according to the device certificate, and calls the device private key to generate the digital certificate according to the certificate chain and the device certificate;
when the digital certificate is valid, encrypting the key of the mobile terminal according to the digital certificate.
8. The management method for an Internet of Things device according to claim 7, characterized in that the digital certificate further includes a preset identifier, and the management method of the Internet of Things device further comprises:
when the digital certificate sent by the portable server is received, detecting whether the preset identifier is present in the digital certificate, wherein the portable server calls the device private key to generate the digital certificate according to the preset identifier corresponding to the portable server, the certificate chain and the device certificate;
when the preset identifier is present, performing the step of verifying the validity of the digital certificate according to the certificate chain in the digital certificate.
9. A management apparatus for an Internet of Things device, characterized in that the management apparatus of the Internet of Things device comprises: a memory, a processor, and a data transmission method program that is stored in the memory and can run on the processor, wherein the data transmission method program, when executed by the processor, implements the steps of the data transmission method according to any one of claims 1 to 8.
10. A management system for an Internet of Things device, characterized in that the management system of the Internet of Things device comprises:
a management apparatus of the Internet of Things device, the management apparatus of the Internet of Things device being the management apparatus of the Internet of Things device according to claim 10;
an Internet of Things device, the Internet of Things device being connected to the management apparatus of the Internet of Things device through a data transmission interface.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910874320.2A CN110505242A (en) | 2019-09-11 | 2019-09-11 | The management method of internet of things equipment, apparatus and system |
PCT/CN2019/108202 WO2021046926A1 (en) | 2019-09-11 | 2019-09-26 | Method and apparatus for managing internet of things device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910874320.2A CN110505242A (en) | 2019-09-11 | 2019-09-11 | The management method of internet of things equipment, apparatus and system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN110505242A true CN110505242A (en) | 2019-11-26 |
Family
ID=68591989
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910874320.2A Pending CN110505242A (en) | 2019-09-11 | 2019-09-11 | The management method of internet of things equipment, apparatus and system |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN110505242A (en) |
WO (1) | WO2021046926A1 (en) |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102571804A (en) * | 2012-01-20 | 2012-07-11 | 美的集团有限公司 | Internet of things center first login method based on product identification code |
CN105635174A (en) * | 2016-02-03 | 2016-06-01 | 武汉天梯极客网络科技有限公司 | Intelligent device sharing method |
CN107094107A (en) * | 2017-05-09 | 2017-08-25 | 捷开通讯(深圳)有限公司 | Intelligent domestic system and control method, mobile terminal, with store function device |
WO2018136059A1 (en) * | 2017-01-19 | 2018-07-26 | Nokia Technologies Oy | IoT GATEWAY AND DESTINATION CLOUD SERVER |
CN108600183A (en) * | 2018-03-28 | 2018-09-28 | 湖南东方华龙信息科技有限公司 | Target device control method |
CN108833422A (en) * | 2018-06-25 | 2018-11-16 | 无锡南理工科技发展有限公司 | A kind of information sharing system based on Internet of Things |
Family Cites Families (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2010144898A1 (en) * | 2009-06-12 | 2010-12-16 | General Instrument Corporation | Certificate status information protocol (csip) proxy and responder |
CN105791359A (en) * | 2014-12-24 | 2016-07-20 | 慧贤网智有限公司 | Internet of things system and data interaction method |
JP7448220B2 (en) * | 2017-10-19 | 2024-03-12 | オートンハイブ コーポレイション | Key generation/deposit system and method for multipoint authentication |
CN109347813B (en) * | 2018-09-27 | 2021-09-03 | 广州邦讯信息系统有限公司 | Internet of things equipment login method and system, computer equipment and storage medium |
CN108833101B (en) * | 2018-09-28 | 2024-04-12 | 腾讯科技(北京)有限公司 | Data transmission method of Internet of things equipment, internet of things equipment and authentication platform |
2019
- 2019-09-11 CN CN201910874320.2A patent/CN110505242A/en active Pending
- 2019-09-26 WO PCT/CN2019/108202 patent/WO2021046926A1/en active Application Filing
Also Published As
Publication number | Publication date |
---|---|
WO2021046926A1 (en) | 2021-03-18 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108512846B (en) | Bidirectional authentication method and device between terminal and server | |
US9838205B2 (en) | Network authentication method for secure electronic transactions | |
US9231925B1 (en) | Network authentication method for secure electronic transactions | |
CN105072125B (en) | A kind of http communication system and method | |
EP2859489B1 (en) | Enhanced 2chk authentication security with query transactions | |
AU2013272182B2 (en) | Enterprise triggered 2CHK association | |
CN104954386B (en) | A kind of network anti-hijacking method and device | |
CN108322416B (en) | Security authentication implementation method, device and system | |
US20160241536A1 (en) | System and methods for user authentication across multiple domains | |
TW201813361A (en) | Method and device for providing and obtaining graphic code information, and terminal | |
CN107743067A (en) | Awarding method, system, terminal and the storage medium of digital certificate | |
US20140359741A1 (en) | Mutually Authenticated Communication | |
CN107800675A (en) | A kind of data transmission method, terminal and server | |
CN107872447A (en) | Electronic device, server, communication system and communication method | |
JP2012247992A (en) | Information processing apparatus and information processing method | |
KR20150059347A (en) | Mobile terminal, terminal and method for authentication using security cookie | |
CN111628871B (en) | Block chain transaction processing method and device, electronic equipment and storage medium | |
CN107342966B (en) | Authority credentials distribution method and device | |
CN113949566B (en) | Resource access method, device, electronic equipment and medium | |
US20160212123A1 (en) | System and method for providing a certificate by way of a browser extension | |
CN107948186A (en) | A kind of safety certifying method and device | |
JP2020120173A (en) | Electronic signature system, certificate issuing system, certificate issuing method, and program | |
WO2015109958A1 (en) | Data processing method based on negotiation key, and mobile phone | |
CN109981677A (en) | A kind of credit management method and device | |
CN109495458A (en) | A kind of method, system and the associated component of data transmission |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20191126 |