CN110581888A - Management method, gateway and system for terminal security session of Internet of Things

Info

Publication number: CN110581888A
Authority: CN (China)
Prior art keywords: internet, connection, things, service end, session
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.): Pending
Application number: CN201910843790.2A
Other languages: Chinese (zh)
Inventors: 廖统浪, 张晓玮
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.): Beijing Fangyan Mohang Technology Co Ltd
Original Assignee: Beijing Fangyan Mohang Technology Co Ltd
Application filed by: Beijing Fangyan Mohang Technology Co Ltd
Priority to: CN201910843790.2A
Publication of: CN110581888A

Classifications

    • H04L63/061 Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
    • H04L63/166 Implementing security features at a particular protocol layer at the transport layer
    • H04L67/025 Protocols based on web technology, e.g. hypertext transfer protocol [HTTP] for remote control or remote monitoring of applications
    • H04L67/12 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • H04L67/14 Session management
    • H04L67/142 Managing session states for stateless protocols; Signalling session states; State transitions; Keeping-state mechanisms
    • H04L9/0631 Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
    • H04L9/0891 Revocation or update of secret information, e.g. encryption key update or rekeying

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Computer And Data Communications (AREA)

Abstract

The application discloses a management method, a gateway and a system for secure sessions of Internet of Things terminals, and belongs to the field of Internet of Things security. The method comprises: establishing connections with the Internet of Things terminal and the service end respectively, using a preset key exchange algorithm and encryption algorithm; conducting a session over the established connections; and performing security monitoring on the session and providing a session management interface to display the monitoring state. The gateway comprises a connection module, a session module and a monitoring module. The system comprises an Internet of Things terminal, a service end and a gateway. By managing network connection sessions in a unified way, the method and system improve the network security of Internet of Things terminals and reduce the risk of network attack, while also reducing the development cost and workload of the service end.

Description

Management method, gateway and system for terminal security session of Internet of things
Technical Field
The application relates to the field of Internet of Things security, and in particular to a management method, a gateway and a system for secure sessions of Internet of Things terminals.
Background
The internet of things is a network which connects any article with the internet according to an agreed protocol through information sensing equipment such as radio frequency identification, infrared sensors, a global positioning system and a laser scanner to exchange and communicate information so as to realize intelligent identification, positioning, tracking, monitoring and management of the article. The system is a network which is extended and expanded on the basis of the Internet, and combines various information sensing devices with the Internet to form a huge network, thereby realizing the interconnection and intercommunication of people, machines and objects at any time and any place.
As an emerging product, the Internet of Things has a complex device networking environment and irregular networking functions, and its devices are easily attacked over the network or forged; this is an information security problem that needs to be solved.
Disclosure of Invention
It is an object of the present application to overcome the above problems, or at least to partially solve or mitigate them.
According to one aspect of the application, a management method for secure sessions of Internet of Things terminals is provided, comprising the following steps:
establishing connections with the Internet of Things terminal and the service end respectively, using a preset key exchange algorithm and encryption algorithm;
conducting a session over the established connections;
and performing security monitoring on the session, and providing a session management interface to display the monitoring state.
Optionally, establishing connections with the Internet of Things terminal and the service end respectively, using a preset key exchange algorithm and encryption algorithm, includes:
establishing connections with the Internet of Things terminal and the service end respectively, using the key exchange algorithm and encryption algorithm set in the TLS (Transport Layer Security) protocol; or
establishing connections with the Internet of Things terminal and the service end respectively, using the key exchange algorithm ECDHE or SM9 and the encryption algorithm AES or SM4.
Optionally, establishing connections with the Internet of Things terminal and the service end respectively includes:
when a request sent by the Internet of Things terminal is received, first establishing a connection with the Internet of Things terminal and then establishing a connection with the service end;
when a request sent by the service end is received, first establishing a connection with the service end and then establishing a connection with the Internet of Things terminal.
Optionally, performing security monitoring on the session includes:
monitoring the duration of each session, and changing the key if the session times out.
Optionally, providing a session management interface to display the monitoring state includes:
providing a session management interface for displaying at least one of the following: the number of currently connected Internet of Things terminals, the usage of key exchange algorithms, or the usage of encryption algorithms.
According to another aspect of the present application, there is provided a gateway comprising:
a connection module configured to establish connections with the Internet of Things terminal and the service end respectively, using a preset key exchange algorithm and encryption algorithm;
a session module configured to conduct a session over the established connections;
and a monitoring module configured to perform security monitoring on the session and provide a session management interface to display the monitoring state.
Optionally, the connection module is specifically configured to:
establish connections with the Internet of Things terminal and the service end respectively, using the key exchange algorithm and encryption algorithm set in the TLS (Transport Layer Security) protocol; or
establish connections with the Internet of Things terminal and the service end respectively, using the key exchange algorithm ECDHE or SM9 and the encryption algorithm AES or SM4.
Optionally, the connection module is specifically configured to:
when a request sent by the Internet of Things terminal is received, first establish a connection with the Internet of Things terminal and then establish a connection with the service end;
when a request sent by the service end is received, first establish a connection with the service end and then establish a connection with the Internet of Things terminal.
Optionally, the monitoring module is specifically configured to:
monitor the duration of each session, and change the key if the session times out.
According to another aspect of the present application, there is provided a management system for secure sessions of Internet of Things terminals, including: an Internet of Things terminal, a service end and the gateway described above;
the Internet of Things terminal is configured to conduct a session with the service end through the gateway;
the service end is configured to conduct a session with the Internet of Things terminal through the gateway.
According to yet another aspect of the application, there is provided a computing device comprising a memory, a processor and a computer program stored in the memory and executable by the processor, wherein the processor implements the method as described above when executing the computer program.
According to yet another aspect of the application, a computer-readable storage medium, preferably a non-volatile readable storage medium, is provided, having stored therein a computer program which, when executed by a processor, implements a method as described above.
According to yet another aspect of the application, there is provided a computer program product comprising computer readable code which, when executed by a computer device, causes the computer device to perform the method described above.
In the technical solution provided by this application, connections are established with the Internet of Things terminal and the service end respectively using a preset key exchange algorithm and encryption algorithm, a session is conducted over the established connections, security monitoring is performed on the session, and a session management interface is provided to display the monitoring state. This unified management of network connection sessions replaces the traditional approach in which each service end manages sessions separately, which improves the network security of Internet of Things terminals and reduces the risk of network attack; using preset secure key exchange and encryption algorithms further improves the network security of Internet of Things terminals. In addition, the logic of the service end does not need to be changed, which reduces the development cost and workload of the service end and improves development efficiency.
The above and other objects, advantages and features of the present application will become more apparent to those skilled in the art from the following detailed description of specific embodiments thereof, taken in conjunction with the accompanying drawings.
Drawings
Some specific embodiments of the present application will be described in detail hereinafter, by way of illustration and not limitation, with reference to the accompanying drawings. The same reference numbers in the drawings identify the same or similar elements or components. Those skilled in the art will appreciate that the drawings are not necessarily drawn to scale. In the drawings:
Fig. 1 is a flowchart of a method for managing secure sessions of Internet of Things terminals according to an embodiment of the present application;
Fig. 2 is a flowchart of a method for managing secure sessions of Internet of Things terminals according to another embodiment of the present application;
Fig. 3 is a diagram of a gateway architecture according to another embodiment of the present application;
Fig. 4 is a block diagram of a management system for secure sessions of Internet of Things terminals according to another embodiment of the present application;
Fig. 5 is a block diagram of a computing device according to another embodiment of the present application;
Fig. 6 is a diagram of a computer-readable storage medium structure according to another embodiment of the present application.
Detailed Description
Fig. 1 is a flowchart of a management method for secure sessions of Internet of Things terminals according to an embodiment of the application.
Referring to Fig. 1, the method includes:
101: establishing connections with the Internet of Things terminal and the service end respectively, using a preset key exchange algorithm and encryption algorithm;
102: conducting a session over the established connections;
103: performing security monitoring on the session, and providing a session management interface to display the monitoring state.
Optionally, establishing connections with the Internet of Things terminal and the service end respectively, using a preset key exchange algorithm and encryption algorithm, includes:
establishing connections with the Internet of Things terminal and the service end respectively, using the key exchange algorithm and encryption algorithm set in the TLS (Transport Layer Security) protocol; or
establishing connections with the Internet of Things terminal and the service end respectively, using the key exchange algorithm ECDHE or SM9 and the encryption algorithm AES or SM4.
Optionally, establishing connections with the Internet of Things terminal and the service end respectively includes:
when a request sent by the Internet of Things terminal is received, first establishing a connection with the Internet of Things terminal and then establishing a connection with the service end;
when a request sent by the service end is received, first establishing a connection with the service end and then establishing a connection with the Internet of Things terminal.
Optionally, performing security monitoring on the session includes:
monitoring the duration of each session, and changing the key if the session times out.
Optionally, providing a session management interface to display the monitoring state includes:
providing a session management interface for displaying at least one of the following: the number of currently connected Internet of Things terminals, the usage of key exchange algorithms, or the usage of encryption algorithms.
In the method provided by this embodiment, connections are established with the Internet of Things terminal and the service end respectively using a preset key exchange algorithm and encryption algorithm, a session is conducted over the established connections, security monitoring is performed on the session, and a session management interface is provided to display the monitoring state. This unified management of network connection sessions replaces the traditional approach in which each service end manages sessions separately, which improves the network security of Internet of Things terminals and reduces the risk of network attack; using preset secure key exchange and encryption algorithms further improves the network security of Internet of Things terminals. In addition, the logic of the service end does not need to be changed, which reduces the development cost and workload of the service end and improves development efficiency.
Fig. 2 is a flowchart of a management method for a terminal security session of the internet of things according to another embodiment of the present application.
Referring to fig. 2, the method includes:
201: establishing connections with the Internet of Things terminal and the service end respectively, using the key exchange algorithm and encryption algorithm set in the TLS (Transport Layer Security) protocol;
This step can be replaced by the following step:
establishing connections with the Internet of Things terminal and the service end respectively, using the key exchange algorithm ECDHE or SM9 and the encryption algorithm AES or SM4.
In addition, the session in this embodiment may be initiated actively by the Internet of Things terminal or actively by the service end, so establishing connections with the Internet of Things device and the service end respectively may specifically include:
when a request sent by the Internet of Things device is received, first establishing a connection with the Internet of Things device and then establishing a connection with the service end; or, when a request sent by the service end is received, first establishing a connection with the service end and then establishing a connection with the Internet of Things device.
202: conducting a session over the established connections;
203: monitoring the duration of each session, and changing the key if the session times out;
204: providing a session management interface for displaying at least one of the following: the number of currently connected Internet of Things terminals, the usage of key exchange algorithms, or the usage of encryption algorithms.
In the method provided by this embodiment, connections are established with the Internet of Things terminal and the service end respectively using a preset key exchange algorithm and encryption algorithm, a session is conducted over the established connections, security monitoring is performed on the session, and a session management interface is provided to display the monitoring state. This unified management of network connection sessions replaces the traditional approach in which each service end manages sessions separately, which improves the network security of Internet of Things terminals and reduces the risk of network attack; using preset secure key exchange and encryption algorithms further improves the network security of Internet of Things terminals. In addition, the logic of the service end does not need to be changed, which reduces the development cost and workload of the service end and improves development efficiency.
In addition, given that the key exchange algorithm itself is secure, managing the session time of each Internet of Things terminal and changing the key after the session times out prevents the same key from being used for too long, which further improves network security.
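An added sketch of steps 201 to 204 in Python, not code from the patent: a TLS context restricted to ECDHE with AES-GCM, and a monitor that refuses non-preset algorithms, changes the key of timed-out sessions and produces the data for the management interface. All names, the terminal ids and the 3600-second limit are assumptions; the key change is modelled as fresh random bytes standing in for a new key exchange, and the timer is assumed to restart after each change.

```python
import secrets
import ssl
from collections import Counter
from dataclasses import dataclass

# Preset algorithms named in the description; anything else is refused.
ALLOWED_KEX = {"ECDHE", "SM9"}
ALLOWED_CIPHERS = {"AES", "SM4"}


def preset_tls_context() -> ssl.SSLContext:
    """Step 201 (TLS variant): gateway-side context limited to ECDHE + AES-GCM."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    # OpenSSL cipher string; it governs TLS 1.2 suites. TLS 1.3 suites are
    # configured separately by OpenSSL and always use ephemeral key exchange.
    ctx.set_ciphers("ECDHE+AESGCM")
    return ctx


def tls12_suite_names(ctx: ssl.SSLContext) -> list:
    """Names of the TLS 1.2 suites the context will negotiate."""
    return [c["name"] for c in ctx.get_ciphers() if c["protocol"] == "TLSv1.2"]


@dataclass
class Session:
    terminal_id: str
    kex: str
    cipher: str
    key: bytes
    key_set_at: float   # seconds, taken from the caller's clock
    key_epoch: int = 1  # incremented on every key change


class SessionMonitor:
    """Hypothetical monitoring module: one record per connected terminal."""

    def __init__(self, max_key_age_s: float):
        self.max_key_age_s = max_key_age_s
        self.sessions = {}

    @staticmethod
    def _new_key() -> bytes:
        # Stand-in for running the key exchange again (assumption).
        return secrets.token_bytes(32)

    def open(self, terminal_id: str, kex: str, cipher: str, now: float) -> None:
        if kex not in ALLOWED_KEX or cipher not in ALLOWED_CIPHERS:
            raise ValueError(f"{terminal_id}: {kex}/{cipher} is not a preset algorithm")
        self.sessions[terminal_id] = Session(
            terminal_id, kex, cipher, self._new_key(), now)

    def close(self, terminal_id: str) -> None:
        self.sessions.pop(terminal_id, None)

    def sweep(self, now: float) -> list:
        """Step 203: change the key of every session that has timed out."""
        rekeyed = []
        for s in self.sessions.values():
            if now - s.key_set_at >= self.max_key_age_s:
                s.key = self._new_key()
                s.key_set_at = now
                s.key_epoch += 1
                rekeyed.append(s.terminal_id)
        return rekeyed

    def status(self) -> dict:
        """Step 204: the figures a session management interface would display."""
        live = self.sessions.values()
        return {
            "connected_terminals": len(self.sessions),
            "key_exchange_usage": dict(Counter(s.kex for s in live)),
            "encryption_usage": dict(Counter(s.cipher for s in live)),
        }


def demo():
    """Constructed scenario: two terminals, one of which reaches the limit."""
    mon = SessionMonitor(max_key_age_s=3600)
    mon.open("meter-01", "ECDHE", "AES", now=0)
    mon.open("lock-07", "SM9", "SM4", now=1800)
    rekeyed = mon.sweep(now=3600)  # only meter-01 has held its key for 3600 s
    return mon, rekeyed


if __name__ == "__main__":
    monitor, changed = demo()
    print("rekeyed:", changed)
    print("status:", monitor.status())
    print("TLS 1.2 suites:", tls12_suite_names(preset_tls_context()))
```
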
Fig. 3 is a diagram of a gateway architecture according to another embodiment of the present application. Referring to Fig. 3, the gateway includes:
a connection module 301 configured to establish connections with the Internet of Things terminal and the service end respectively, using a preset key exchange algorithm and encryption algorithm;
a session module 302 configured to conduct a session over the established connections;
and a monitoring module 303 configured to perform security monitoring on the session and provide a session management interface to display the monitoring state.
In this embodiment, optionally, the connection module is specifically configured to:
establish connections with the Internet of Things terminal and the service end respectively, using the key exchange algorithm and encryption algorithm set in the TLS (Transport Layer Security) protocol; or
establish connections with the Internet of Things terminal and the service end respectively, using the key exchange algorithm ECDHE or SM9 and the encryption algorithm AES or SM4.
In this embodiment, optionally, the connection module is specifically configured to:
when a request sent by the Internet of Things terminal is received, first establish a connection with the Internet of Things terminal and then establish a connection with the service end;
when a request sent by the service end is received, first establish a connection with the service end and then establish a connection with the Internet of Things terminal.
In this embodiment, optionally, the monitoring module is specifically configured to:
monitor the duration of each session, and change the key if the session times out.
The gateway provided in this embodiment may execute the method provided in any of the above method embodiments; the details of the process are described in the method embodiments and are not repeated here.
In the gateway provided by this embodiment, connections are established with the Internet of Things terminal and the service end respectively using a preset key exchange algorithm and encryption algorithm, a session is conducted over the established connections, security monitoring is performed on the session, and a session management interface is provided to display the monitoring state. In addition, the logic of the service end does not need to be changed, which reduces the development cost and workload of the service end and improves development efficiency.
Fig. 4 is a structural diagram of a management system for secure sessions of Internet of Things terminals according to another embodiment of the present application. Referring to Fig. 4, the system includes: an Internet of Things terminal 401, a service end 402 and the gateway 403 provided in the above embodiment;
the Internet of Things terminal 401 is configured to conduct a session with the service end through the gateway;
the service end 402 is configured to conduct a session with the Internet of Things terminal through the gateway.
The functions of the gateway 403 are described in the above gateway embodiment and are not repeated here.
In the system provided by this embodiment, connections are established with the Internet of Things terminal and the service end respectively using a preset key exchange algorithm and encryption algorithm, a session is conducted over the established connections, security monitoring is performed on the session, and a session management interface is provided to display the monitoring state. In addition, the logic of the service end does not need to be changed, which reduces the development cost and workload of the service end and improves development efficiency.
The embodiments also provide a computing device which, referring to Fig. 5, comprises a memory 1120, a processor 1110 and a computer program stored in the memory 1120 and executable by the processor 1110. The computer program is stored in a space 1130 for program code in the memory 1120 and, when executed by the processor 1110, implements the method steps 1131 for performing any of the methods according to the invention.
The embodiments of the application also provide a computer-readable storage medium. Referring to Fig. 6, the computer-readable storage medium comprises a storage unit for program code, provided with a program 1131' for performing the steps of the method according to the invention, which program is executed by a processor.
The embodiments of the application also provide a computer program product containing instructions which, when run on a computer, cause the computer to carry out the steps of the method according to the invention.
The above embodiments may be implemented wholly or partially in software, hardware, firmware, or any combination thereof. When implemented in software, they may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. When the computer instructions are loaded and executed by a computer, the procedures or functions described in accordance with the embodiments of the application are performed in whole or in part. The computer may be a general purpose computer, a special purpose computer, a network of computers, or another programmable device. The computer instructions may be stored in a computer-readable storage medium or transmitted from one computer-readable storage medium to another, for example from one website, computer, server or data center to another website, computer, server or data center by wired (e.g., coaxial cable, optical fiber, Digital Subscriber Line (DSL)) or wireless (e.g., infrared, radio, microwave) means. The computer-readable storage medium can be any available medium that can be accessed by a computer, or a data storage device such as a server or data center that integrates one or more available media. The available medium may be a magnetic medium (e.g., floppy disk, hard disk, magnetic tape), an optical medium (e.g., DVD), or a semiconductor medium (e.g., Solid State Disk (SSD)), among others.
Those of skill in the art will further appreciate that the various illustrative components and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both, and that the various illustrative components and steps have been described above generally in terms of their functionality in order to clearly illustrate this interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
It will be understood by those skilled in the art that all or part of the steps of the methods in the above embodiments may be implemented by a program, and the program may be stored in a computer-readable storage medium, where the storage medium is a non-transitory medium such as a random access memory, a read only memory, a flash memory, a hard disk, a solid state disk, a magnetic tape, a floppy disk, an optical disk, or any combination thereof.
The above description covers only the preferred embodiments of the present application, but the scope of the present application is not limited thereto; any changes or substitutions that can be easily conceived by those skilled in the art within the technical scope of the present application should be covered within the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.

Claims (10)

1. A management method for a secure session of an Internet of things terminal, comprising the following steps:
establishing connections with the Internet of things terminal and the service end respectively by using a preset key exchange algorithm and an encryption algorithm;
conducting a session over the established connection;
and carrying out security monitoring on the session, and providing a session management interface to display a monitoring state.
2. The method of claim 1, wherein establishing connections with the Internet of things terminal and the service end respectively by using a preset key exchange algorithm and an encryption algorithm comprises:
establishing connections with the Internet of things terminal and the service end respectively by using a key exchange algorithm and an encryption algorithm set in a TLS (Transport Layer Security) protocol; or
establishing connections with the Internet of things terminal and the service end respectively by using a key exchange algorithm ECDHE or SM9 and an encryption algorithm AES or SM4.
3. The method of claim 2, wherein establishing the connections with the Internet of things terminal and the service end respectively comprises:
when a request sent by an Internet of things terminal is received, a connection with the Internet of things terminal is established first, and then a connection with the service end is established;
when a request sent by a service end is received, a connection with the service end is established first, and then a connection with the Internet of things terminal is established.
4. The method of claim 1, wherein security monitoring the session comprises:
the duration of each session is monitored and keys are changed if the session times out.
5. The method of any one of claims 1-4, wherein providing the session management interface to display the monitoring state comprises:
providing a session management interface for displaying at least one of the following information: the number of Internet of things terminals that are currently connected, the usage of the key exchange algorithm, or the usage of the encryption algorithm.
6. A gateway, comprising:
a connection module configured to establish connections with the Internet of things terminal and the service end respectively by using a preset key exchange algorithm and an encryption algorithm;
a session module configured to conduct a session over an established connection;
and a monitoring module configured to perform security monitoring on the session and provide a session management interface to display a monitoring state.
7. The gateway according to claim 6, wherein the connection module is specifically configured to:
establish connections with the Internet of things terminal and the service end respectively by using a key exchange algorithm and an encryption algorithm set in a TLS (Transport Layer Security) protocol; or
establish connections with the Internet of things terminal and the service end respectively by using a key exchange algorithm ECDHE or SM9 and an encryption algorithm AES or SM4.
8. The gateway according to claim 7, wherein the connection module is specifically configured to:
when a request sent by an Internet of things terminal is received, establish a connection with the Internet of things terminal first, and then establish a connection with the service end;
when a request sent by a service end is received, establish a connection with the service end first, and then establish a connection with the Internet of things terminal.
9. The gateway according to claim 6, wherein the monitoring module is specifically configured to:
monitor the duration of each session and change keys if the session times out.
10. A management system for secure sessions of Internet of things terminals, comprising: an Internet of things terminal, a service end and a gateway according to any one of claims 6-9;
the Internet of things terminal is configured to conduct a session with the service end through the gateway;
the service end is configured to conduct a session with the Internet of things terminal through the gateway.
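
The monitoring behaviour in claims 2, 4 and 5 can be sketched as a gateway-side session table. This is an added example, not code from the patent or its applicant: `SessionMonitor`, `sweep`, `snapshot` and the `rekey` callback (which stands in for a fresh key exchange on the real connection) are hypothetical names, and time is passed in explicitly so the timeout logic can be checked deterministically.

```python
from collections import Counter
from dataclasses import dataclass

# Allow-lists taken from claim 2; anything else is refused at session open.
ALLOWED_KEX = {"ECDHE", "SM9"}
ALLOWED_CIPHER = {"AES", "SM4"}


@dataclass
class Session:
    terminal_id: str
    kex: str
    cipher: str
    keyed_at: float      # time the current key was established
    rekeys: int = 0      # how many times the key has been changed


class SessionMonitor:
    """Hypothetical gateway session table (assumed design, not the patent's)."""

    def __init__(self, max_key_age, rekey):
        self.max_key_age = max_key_age   # seconds before a session times out
        self.rekey = rekey               # callback that performs the key change
        self.sessions = {}

    def open(self, terminal_id, kex, cipher, now):
        if kex not in ALLOWED_KEX or cipher not in ALLOWED_CIPHER:
            raise ValueError(f"algorithm not permitted: {kex}/{cipher}")
        self.sessions[terminal_id] = Session(terminal_id, kex, cipher, now)

    def close(self, terminal_id):
        self.sessions.pop(terminal_id, None)

    def sweep(self, now):
        """Change the key of every session that has timed out (claim 4)."""
        rotated = []
        for s in self.sessions.values():
            if now - s.keyed_at >= self.max_key_age:
                self.rekey(s)            # if this raises, the key age is not reset
                s.keyed_at = now
                s.rekeys += 1
                rotated.append(s.terminal_id)
        return rotated

    def snapshot(self):
        """Data for the session management interface (claim 5)."""
        live = list(self.sessions.values())
        return {
            "connected_terminals": len(live),
            "kex_usage": dict(Counter(s.kex for s in live)),
            "cipher_usage": dict(Counter(s.cipher for s in live)),
        }
```

Resetting `keyed_at` only after `rekey` returns means a failed key change leaves the session flagged as stale on the next sweep instead of silently extending the old key's lifetime.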

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910843790.2A CN110581888A (en) 2019-09-06 2019-09-06 management method, gateway and system for terminal security session of Internet of things

Publications (1)

Publication Number Publication Date
CN110581888A true CN110581888A (en) 2019-12-17

Family

ID=68812729

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910843790.2A Pending CN110581888A (en) 2019-09-06 2019-09-06 management method, gateway and system for terminal security session of Internet of things

Country Status (1)

Country Link
CN (1) CN110581888A (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102694786A (en) * 2011-03-25 2012-09-26 株式会社野村综合研究所 Session management system
US20160014078A1 (en) * 2014-07-10 2016-01-14 Sven Schrecker Communications gateway security management
CN107172221A (en) * 2017-07-26 2017-09-15 成都三零盛安信息系统有限公司 Cross-domain conversation managing method and device
CN107734028A (en) * 2017-10-12 2018-02-23 佛山伊贝尔科技有限公司 A kind of things-internet gateway system and its implementation of data safety storage
CN107919956A (en) * 2018-01-04 2018-04-17 重庆邮电大学 End-to-end method for protecting under a kind of internet of things oriented cloud environment

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112533201A (en) * 2020-11-23 2021-03-19 广州技象科技有限公司 Data hopping transmission link management method and device of Internet of things system
CN112533201B (en) * 2020-11-23 2021-08-06 广州技象科技有限公司 Data hopping transmission link management method and device of Internet of things system

Similar Documents

Publication Publication Date Title
US9781109B2 (en) Method, terminal device, and network device for improving information security
US9374360B2 (en) System and method for single-sign-on in virtual desktop infrastructure environment
EP3869366A1 (en) Method and apparatus for updating password of electronic device, device and storage medium
KR20100021077A (en) Apparatus and method for security management of user terminal
CN102484655B (en) Public robot management method and system in private networks
CN114586314A (en) Block chain transaction control based on private key management
CN112615858B (en) Internet of things equipment monitoring method, device and system
CN104468825B (en) Remote-authorization method and system
CN105379224A (en) Managing data communications based on phone calls between mobile computing devices
CN102420642A (en) Bluetooth device and communication method thereof
CN108123961A (en) Information processing method, apparatus and system
CN112448822A (en) Cross-network awakening method and related equipment
CN111726328B (en) Method, system and related device for remotely accessing a first device
CN108880923A (en) The method and apparatus that policer operation applied to application server is requested
CN110581888A (en) management method, gateway and system for terminal security session of Internet of things
CN111294210B (en) Medical information management method and related equipment
CN115150209B (en) Data processing method, industrial control system, electronic device, and storage medium
CN114726597A (en) Data transmission method, device, system and storage medium
CN110166226B (en) Method and device for generating secret key
CN110941412A (en) Method, system and terminal for realizing multi-terminal animation co-browsing based on imaging
CN108243148B (en) Method and apparatus for authentication
CN116318727B (en) ECU access method, device, equipment and storage medium
CN116015961B (en) Control processing method, security CPE, system and medium of down-hanging terminal equipment
CN115174062B (en) Cloud service authentication method, device, equipment and storage medium
US20230127607A1 (en) Methods, devices, and computer program products for authenticating peripheral device

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20191217