CN110650477A - Interaction method, platform, server and storage medium of NB-IOT (NB-IOT) equipment - Google Patents

Interaction method, platform, server and storage medium of NB-IOT (NB-IOT) equipment Download PDF

Info

Publication number
CN110650477A
CN110650477A CN201910763598.2A CN201910763598A CN110650477A CN 110650477 A CN110650477 A CN 110650477A CN 201910763598 A CN201910763598 A CN 201910763598A CN 110650477 A CN110650477 A CN 110650477A
Authority
CN
China
Prior art keywords
iot
information
ciphertext
request
platform
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201910763598.2A
Other languages
Chinese (zh)
Other versions
CN110650477B (en
Inventor
杨烨
李波
陆柯峰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhongchang (hangzhou) Information Technology Co Ltd
China Mobile Communications Group Co Ltd
Original Assignee
Zhongchang (hangzhou) Information Technology Co Ltd
China Mobile Communications Group Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhongchang (hangzhou) Information Technology Co Ltd, China Mobile Communications Group Co Ltd filed Critical Zhongchang (hangzhou) Information Technology Co Ltd
Priority to CN201910763598.2A priority Critical patent/CN110650477B/en
Publication of CN110650477A publication Critical patent/CN110650477A/en
Application granted granted Critical
Publication of CN110650477B publication Critical patent/CN110650477B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/009Security arrangements; Authentication; Protecting privacy or anonymity specially adapted for networks, e.g. wireless sensor networks, ad-hoc networks, RFID networks or cloud networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10Integrity
    • H04W12/106Packet or message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/61Time-dependent
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/69Identity-dependent
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/70Reducing energy consumption in communication networks in wireless communication networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The embodiment of the invention relates to the technical field of communication, in particular to an interaction method, a platform, a server and a storage medium of NB-IOT equipment. The interaction method of the NB-IOT equipment comprises the following steps: receiving a request sent by NB-IOT equipment; wherein the request comprises ciphertext information obtained by encrypting based on the unique identification information of the NB-IOT equipment; verifying the ciphertext information based on the prestored unique identification information of the NB-IOT equipment; and if the verification is successful, responding to the request sent by the NB-IOT equipment. By adopting the implementation mode of the invention, the NB-IOT equipment and the NB-IOT equipment interaction platform can carry out access interaction, and the safety and the reliability of information encryption in the interaction process are ensured.

Description

Interaction method, platform, server and storage medium of NB-IOT (NB-IOT) equipment
Technical Field
The embodiment of the invention relates to the technical field of communication, in particular to an interaction method, a platform, a server and a storage medium of NB-IOT equipment.
Background
Narrow-Band Internet of things (NB-IOT) is an important emerging technology of the Internet of everything (namely, the general Internet of things), supports the cellular data connection of low-power consumption equipment in a wide area, has various advantages of low power consumption, wide coverage, low cost, large capacity and the like, and can be widely applied to various vertical industries such as remote meter reading, asset tracking, intelligent parking, intelligent agriculture and the like. The NB-IOT equipment as a used terminal needs to be accessed to a general Internet of things platform, the general Internet of things platform is connected with and manages the accessed NB-IOT equipment, and data of the NB-IOT equipment are collected, analyzed and processed so as to provide NB-IOT service. However, the inventors found that the following problems exist in the related art: in the related technology, a complete access interaction flow for the NB-IOT equipment to access the NB-IOT platform does not exist, an information encryption and decryption mechanism in the interaction process is single, and the safety and the reliability are low.
Disclosure of Invention
The embodiment of the invention aims to provide an interaction method, a platform, a server and a storage medium for NB-IOT equipment, which can enable the NB-IOT equipment and the NB-IOT equipment interaction platform to carry out access interaction, and ensure the safety and reliability of information encryption in the interaction process.
In order to solve the above technical problem, an embodiment of the present invention provides an interaction method for an NB-IOT device, including: receiving a request sent by NB-IOT equipment; wherein the request comprises ciphertext information obtained by encrypting based on the unique identification information of the NB-IOT equipment; verifying the ciphertext information based on the prestored unique identification information of the NB-IOT equipment; and if the verification is successful, responding to the request sent by the NB-IOT equipment.
The embodiment of the invention also provides an interaction platform of the NB-IOT equipment, which comprises the following steps: the device comprises a device interaction module and a data storage module; the device interaction module is used for receiving a request sent by NB-IOT equipment; wherein the request comprises ciphertext information obtained by encrypting based on the unique identification information of the NB-IOT equipment; the equipment interaction module is further used for verifying the ciphertext information based on the pre-stored unique identification information of the NB-IOT equipment; the device interaction module is further configured to respond to a request sent by the NB-IOT device when the authentication is successful; wherein the unique identification information of the NB-IOT device is pre-stored in the data storage module.
An embodiment of the present invention further provides a server, including: at least one processor; and a memory communicatively coupled to the at least one processor; wherein the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the above-described NB-IOT device interaction method.
Embodiments of the present invention also provide a computer-readable storage medium storing a computer program, which when executed by a processor implements the above-described NB-IOT device interaction method.
Compared with the prior art, the embodiment of the invention receives the request sent by the NB-IOT equipment; wherein the request comprises ciphertext information obtained by encrypting based on the unique identification information of the NB-IOT equipment; verifying the ciphertext information based on the prestored unique identification information of the NB-IOT equipment; if the verification is successful, responding to a request sent by the NB-IOT equipment; that is to say, a way is provided for an NB-IOT device to access an interactive platform of the NB-IOT device by sending a request carrying ciphertext information: the received request sent by the NB-IOT equipment comprises ciphertext information, the ciphertext information is obtained by encrypting according to the unique identification information of the NB-IOT equipment, and the unique identification information is unique and different for each NB-IOT equipment, so that the ciphertext information in the request can be used for accurately representing the identity of the NB-IOT equipment sending the request, and the existence of the ciphertext information ensures the safety and reliability in the interaction process; and provides a way to verify the identity of the NB-IOT device according to the unique identification information of the NB-IOT device during the interaction process: since the unique identification information of the NB-IOT equipment is prestored, the ciphertext information can be verified according to the unique identification information of the NB-IOT equipment, if the prestored unique identification information is consistent with the unique identification information of the NB-IOT equipment sending the request, the ciphertext information can be successfully verified, namely, after the identity of the NB-IOT equipment is confirmed through the ciphertext information, the request of the NB-IOT equipment can be responded, subsequent interaction is carried out, the safety and the reliability of the interaction process are effectively ensured, and the characteristic of low power consumption of the NB-IOT equipment is matched.
In addition, the request also comprises plaintext information, the ciphertext information comprises an equipment check value ciphertext, the equipment check value ciphertext is generated by encrypting the plaintext information through an equipment key, and the equipment key is obtained by calculation according to the unique identification information of the NB-IOT equipment and a preset encryption algorithm; the verifying the ciphertext information based on the pre-stored unique identification information of the NB-IOT device comprises: calculating a platform key according to the pre-stored unique identification information of the NB-IOT equipment and the preset encryption algorithm; encrypting the plaintext information according to the platform key to obtain a platform check value ciphertext, and matching the equipment check value ciphertext with the platform check value ciphertext; and if the equipment check value ciphertext and the platform check value ciphertext are matched successfully, judging that the ciphertext information is verified successfully. That is to say, an equipment key at the NB-IOT equipment side is generated according to the unique identification information of the NB-IOT equipment and a preset encryption algorithm, the equipment key is used for encrypting the plaintext information of the request to obtain ciphertext information, and the ciphertext information is carried in the request and sent to the interaction platform of the NB-IOT equipment; therefore, the interactive platform side of the NB-IOT equipment can generate a platform key of the platform side according to the pre-stored identification information of the NB-IOT equipment and the same preset encryption algorithm, encrypt the received plaintext information, and if the ciphertext information obtained by encryption is consistent with the ciphertext information included in the request, the platform side successfully verifies the NB-IOT equipment, namely, the platform key generated by the platform side is consistent with the equipment key.
In addition, the ciphertext information further comprises a request data ciphertext; wherein the request data ciphertext is generated from the plaintext information in the device key encryption portion; after the matching of the equipment check value ciphertext and the platform check value ciphertext is successful, decrypting the request data ciphertext according to the platform key to obtain a request data plaintext, and matching the request data plaintext with the part of plaintext information; if the plaintext of the request data is matched with the plaintext information of the part successfully, the ciphertext information is judged to be verified successfully; that is to say, a double verification mode is provided, namely, the requested ciphertext information comprises two ciphertexts, when the two ciphertexts are verified successfully, the success of the verification of the ciphertext information is judged, and the safety and the reliability of data interaction between the NB-IOT equipment and the NB-IOT platform are effectively improved.
In addition, the request also comprises a time stamp which characterizes the sending time of the request; before the computing platform key, the method further comprises: judging that the time stamp is a legal time stamp, and judging that the plaintext information in the request is complete plaintext information; that is to say, another prior verification mode is provided, namely, before the verification of the ciphertext information of the request, whether the time stamp of the request is legal and whether the plaintext information in the request is complete and effective are determined, when the time stamp of the request is legal and the plaintext information is complete and effective, the verification of the ciphertext information is continued, so that useless verification operation on the overtime ciphertext information is avoided, the workload generated in the interaction process is effectively controlled, and the interaction efficiency of the NB-IOT device is improved.
In addition, the responding to the request sent by the NB-IOT device includes: sending response information to the NB-IOT device; the response information comprises a response data ciphertext obtained by encrypting a session key based on the unique identification information of the NB-IOT equipment, so that the NB-IOT equipment can obtain the session key according to the response data ciphertext and send a request based on the session key; the session key is obtained by encrypting based on the unique identification information of the NB-IOT equipment; that is to say, a mode for responding to the NB-IOT device is provided, a new session key is negotiated based on the unique identification information of the NB-IOT device to be used for subsequent interaction of the NB-IOT device, instead of continuously using the device key for interaction, so that the unicity of an encryption mechanism in the interaction process is avoided, and the safety and reliability of data interaction between the NB-IOT device and the NB-IOT platform are effectively improved.
In addition, the method further comprises: and storing the session key and the verification result of the ciphertext information according to the unique identification information of the NB-IOT equipment, and pushing the session key and the verification result of the ciphertext information to a third-party platform, so that the third-party platform can timely acquire the successful verification information of the NB-IOT equipment, and further can operate the NB-IOT equipment.
In addition, when the request is a subscription request, the subscription request further includes a subscription validity period of the NB-IOT device; the responding to the request sent by the NB-IOT device comprises: storing the subscription validity period of the NB-IOT equipment; the method further comprises the following steps: when an instruction sent by a third-party platform is received, whether the NB-IOT equipment is online or not and whether the instruction sent by the third-party platform is within the subscription validity period of the NB-IOT equipment or not are judged; if yes, storing the instruction as an online instruction corresponding to the NB-IOT equipment, and sending the online instruction to the NB-IOT equipment; if not, storing the instruction as an offline instruction corresponding to the NB-IOT equipment; that is to say, a way of responding to a subscription request is provided, the way of interacting with a third-party platform in addition to the NB-IOT device is provided, and if an instruction for the NB-IOT device is received from the third-party platform, and the NB-IOT device is online, sends a subscription request, and the received instruction is within the subscription validity period, the online instruction is sent to the NB-IOT device, so that the characteristic of low power consumption of the NB-IOT device is conformed.
Drawings
One or more embodiments are illustrated by the corresponding figures in the drawings, which are not meant to be limiting.
Fig. 1 is a flowchart of an interaction method of an NB-IOT device in accordance with a first embodiment of the present invention;
FIG. 2 is a schematic diagram of a data packet in accordance with a first embodiment of the present invention;
FIG. 3 is a flowchart illustrating a specific implementation of step 102 according to a first embodiment of the present invention;
fig. 4 is a flowchart of an interaction method of an NB-IOT device in accordance with a second embodiment of the present invention;
FIG. 5 is a flowchart illustrating a specific implementation of step 202 according to the second embodiment of the present invention;
FIG. 6 is a schematic diagram of a data packet in accordance with a second embodiment of the present invention;
fig. 7 is a flowchart of an interaction method of an NB-IOT device in accordance with a third embodiment of the present invention;
FIG. 8 is a block diagram of the structure of an interaction platform of an NB-IOT device according to a fourth embodiment of the present invention;
FIG. 9 is a schematic interaction flow diagram of an interaction platform of an NB-IOT device and an NB-IOT device according to a fourth embodiment of the present invention;
FIG. 10 is a schematic flow chart of NB-IOT device registration on an interactive platform of the NB-IOT device in accordance with a fourth embodiment of the present invention;
FIG. 11 is a schematic flow chart of an NB-IOT device logging on an interactive platform of the NB-IOT device according to a fourth embodiment of the present invention;
FIG. 12 is a schematic flow chart of an NB-IOT device receiving an online instruction in accordance with a fourth embodiment of the invention;
FIG. 13 is a schematic flow chart of an NB-IOT device receiving an offline instruction in accordance with a fourth embodiment of the invention;
fig. 14 is a block diagram of a server according to a fifth embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention more apparent, embodiments of the present invention will be described in detail below with reference to the accompanying drawings. However, it will be appreciated by those of ordinary skill in the art that numerous technical details are set forth in order to provide a better understanding of the present application in various embodiments of the present invention. However, the technical solution claimed in the present application can be implemented without these technical details and various changes and modifications based on the following embodiments. The following embodiments are divided for convenience of description, and should not constitute any limitation to the specific implementation manner of the present invention, and the embodiments may be mutually incorporated and referred to without contradiction.
The first embodiment of the invention relates to an interaction method of NB-IOT equipment. In this embodiment, the NB-IOT device uses a restricted Application Protocol (CoAP) as a communication Protocol to interact with an interaction platform of the NB-IOT device, and since the CoAP Protocol has a low power consumption characteristic, adapting the CoAP Protocol as a communication Protocol to interact fits the low power consumption characteristic of the NB-IOT device; the manufacturer of the NB-IOT equipment can flexibly select different modes such as SDK, API or module and the like to access the NB-IOT equipment to the interactive platform of the NB-IOT equipment according to the actual scene of using the NB-IOT equipment, so that the application scene of the NB-IOT equipment is wider. Fig. 1 shows a flowchart of an interaction method of an NB-IOT device in this embodiment, which includes:
step 101, receiving a request sent by NB-IOT equipment;
102, verifying the ciphertext information based on the pre-stored unique identification information of the NB-IOT equipment;
step 103, judging whether the verification of the ciphertext information is successful; if yes, go to step 104; if not, ending;
step 104, responding to the request sent by the NB-IOT device.
The following describes implementation details of the NB-IOT device interaction method in this embodiment in detail, and the following is only provided for easy understanding and is not necessary for implementing this embodiment.
In this embodiment, a request sent by NB-IOT equipment is received; wherein the request comprises ciphertext information obtained by encrypting based on the unique identification information of the NB-IOT equipment; verifying the ciphertext information based on the prestored unique identification information of the NB-IOT equipment; if the verification is successful, responding to a request sent by the NB-IOT equipment; that is to say, a way is provided for an NB-IOT device to access an interactive platform of the NB-IOT device by sending a request carrying ciphertext information: the received request sent by the NB-IOT equipment comprises ciphertext information, the ciphertext information is obtained by encrypting according to the unique identification information of the NB-IOT equipment, and the unique identification information is unique and different for each NB-IOT equipment, so that the ciphertext information in the request can be used for accurately representing the identity of the NB-IOT equipment sending the request, and the existence of the ciphertext information ensures the safety and reliability in the interaction process; and provides a way to verify the identity of the NB-IOT device according to the unique identification information of the NB-IOT device during the interaction process: since the unique identification information of the NB-IOT equipment is prestored, the ciphertext information can be verified according to the unique identification information of the NB-IOT equipment, if the prestored unique identification information is consistent with the unique identification information of the NB-IOT equipment sending the request, the ciphertext information can be successfully verified, namely, after the identity of the NB-IOT equipment is confirmed through the ciphertext information, the request of the NB-IOT equipment can be responded, subsequent interaction is carried out, the safety and the reliability of the interaction process are effectively ensured, and the characteristic of low power consumption of the NB-IOT equipment is matched.
In step 101, an interactive platform of the NB-IOT device receives a request sent by the NB-IOT device, where the request includes ciphertext information obtained by encrypting based on unique identification information of the NB-IOT device. Specifically, the NB-IOT equipment packages information included in the request according to a CoAP protocol, and sends the packaged request to an interactive platform of the NB-IOT equipment; the request of the NB-IOT equipment comprises plaintext information and ciphertext information, the plaintext information comprises a data header, a request type, unique identification information of the NB-IOT equipment and the like, and the ciphertext information comprises an equipment check value ciphertext; the device check value ciphertext is generated by encrypting the complete plaintext information by a device key of the NB-IOT device, and an encryption algorithm of the key may be an encryption algorithm such as AES, DES, 3DES, TEA, and the like, but is not particularly limited; and the device key of the NB-IOT device is calculated according to the unique identification information of the NB-IOT device and a preset encryption algorithm. In one example, the device key may be dispersedly generated by a preset dispersion algorithm, which is as follows:
firstly, a manufacturer of the NB-IOT equipment and an interactive platform of the NB-IOT equipment agree with a shared master key, and each NB-IOT equipment accessing the interactive platform of the NB-IOT equipment is preset with dispersion parameters, wherein the dispersion parameters comprise unique identification information of the NB-IOT equipment and other kinds of identification information for representing the identity of the NB-IOT equipment, such as an international mobile equipment identification code (IMEI number, namely a serial number) used by the NB-IOT equipment, a hash value of an integrated circuit card identification code (ICCID, namely an unique identification number of an IC card) of the NB-IOT equipment and the like.
Then, according to the shared master key and preset dispersion parameters (including unique identification information of each NB-IOT device), a corresponding and unique device key is dispersedly calculated for each NB-IOT device through a preset encryption algorithm (which may be referred to as a dispersion algorithm herein), and the device key corresponding to each NB-IOT device is burned into the NB-IOT device by the manufacturer of the NB-IOT device.
Through the mode, only the unique device key of each NB-IOT device can be generated during use according to the pre-agreed master key, the distributed parameters and the encryption algorithm, and the generated device keys are different due to different distributed parameters, so that the key requirements of a large number of devices are met, and meanwhile, the cost for storing the device keys is greatly reduced; and the distributed keys have irreversibility, namely the master key of the upper level or the device keys of other NB-IOT devices of the same level can not be obtained according to the distributed device keys, so that the safety of the master key and other NB-IOT devices of the same level can be ensured even if one of the distributed device keys is cracked.
The request in this embodiment may be understood as a data packet as shown in fig. 2, including a data header, a request type (or a response type), unique identification information of the NB-IOT device, and a device check value ciphertext.
In step 102, verifying the ciphertext information based on the pre-stored unique identification information of the NB-IOT equipment; specifically, step 102 specifically verifies the ciphertext message through steps 1021 to 1022, as shown in fig. 3:
and step 1021, calculating a platform key according to the pre-stored unique identification information of the NB-IOT equipment and a preset encryption algorithm.
Specifically, after receiving a request of the NB-IOT equipment, an interactive platform of the NB-IOT equipment calculates a platform key according to pre-stored unique identification information of the NB-IOT equipment and a preset encryption algorithm; with reference to the above example, the interactive platform of the NB-IOT device performs distributed computation of the platform key for the current NB-IOT device according to the shared master key and the preset distributed parameters (including the pre-stored unique identification information of the NB-IOT device), through a preset encryption algorithm (which may be referred to as a distributed algorithm herein).
The pre-stored unique identification information of the NB-IOT device may be included in the basic device information provided by the manufacturer of the NB-IOT device, which is pre-imported, that is, the manufacturer of the NB-IOT device provides the basic device information, such as the unique identification information, the ID number, the manufacturer identification information, and the product identification information, of the NB-IOT device to the interaction platform of the NB-IOT device for importing and pre-storing.
And step 1022, encrypting the plaintext information according to the platform key to obtain a platform check value ciphertext, and matching the device check value ciphertext with the platform check value ciphertext.
Specifically, the ciphertext information in this step includes an apparatus check value ciphertext, which is generated by encrypting complete plaintext information with an apparatus key; and the interaction platform of the NB-IOT equipment encrypts plaintext information by using the calculated platform key and judges whether the encrypted platform check value ciphertext is consistent with the equipment check value ciphertext included in the request.
In step 103, determining whether the verification of the ciphertext message is successful; if yes, go to step 104; if not, ending. Specifically, whether the encrypted platform check value ciphertext is consistent with the device check value ciphertext included in the request is judged, if so, the ciphertext information is successfully verified, and the platform key calculated by the interactive platform of the NB-IOT device is consistent with the device key; and if the encrypted platform check value ciphertext is inconsistent with the equipment check value ciphertext included in the request, judging that the verification of the ciphertext information fails, and refusing to respond to the request sent by the NB-IOT equipment.
In practical application, after the plaintext information is encrypted, a section of bytes in the encrypted plaintext information is taken as a check value ciphertext to reduce workload in the matching process, for example: the device check value ciphertext is the 8 th to 24 th bytes in the ciphertext obtained by encrypting complete plaintext information through the device key, the platform check value ciphertext is the 8 th to 24 th bytes in the ciphertext obtained by encrypting complete plaintext information through the platform key, and the device check value ciphertext is matched with the platform check value ciphertext.
In step 104, the request sent by the NB-IOT device is responded to. Specifically, the interaction platform of the NB-IOT equipment sends response information to the NB-IOT equipment according to the result of successful verification; the response message includes a response data cipher text, the response data cipher text is generated by encrypting the session key by the device key in the above step, and the session key is generated based on the device key agreement. That is to say, the interaction platform of the NB-IOT device recalculates the device key to generate a new session key, encrypts the generated session key according to the device key and encryption algorithms (not specifically limited) such as AES, DES, 3DES, TEA, and the like, encapsulates a response data ciphertext generated by encrypting the session key into response information, and sends the response information and feeds the response information back to the NB-IOT device. The NB-IOT equipment can decrypt the response data ciphertext according to the equipment key after receiving the response information sent by the interaction platform of the NB-IOT equipment to obtain the generated session key, so that when a request is sent to the interaction platform of the NB-IOT equipment for continuous interaction in the following process, the request can be encrypted by using the session key, namely, the equipment check value ciphertext and the request data ciphertext are generated according to the session key encryption, the continuous use of the equipment key for encryption is avoided, namely, the singleness of an encryption mechanism in the interaction process is avoided, and the safety and the reliability of data interaction between the NB-IOT equipment and the NB-IOT platform are effectively improved.
In addition, the interaction platform of the NB-IOT device can also implement interaction with a third-party platform, where the third-party platform can be understood as a platform that controls the NB-IOT device to perform service, and can be used to issue instructions to the NB-IOT device or subscribe to data update of the NB-IOT device. After the interactive platform of the NB-IOT device responds to the request sent by the NB-IOT device, generates a session key fed back to the NB-IOT device, and according to the unique identification information of the NB-IOT device, performs corresponding storage and update on the session key of the NB-IOT device and a verification result of ciphertext information (which may be here understood as successful verification), and pushes the session key and the verification result to a third-party platform, or only pushes the session key and the verification result to a third-party platform that subscribes the information of the NB-IOT device, so that the third-party platform can timely obtain a message that the NB-IOT device succeeds in verification, and further can perform control operations such as issuing instructions and the like on the NB-IOT device. It is understood that, in addition to storing and updating the unique identification information of the NB-IOT device, the session key and the verification result of the ciphertext information mentioned herein, storage and update may also be performed and pushed to the third-party platform for updating other information data of the NB-IOT device.
Compared with the prior art, the embodiment provides a way for the NB-IOT device to access the interactive platform of the NB-IOT device by sending a request carrying ciphertext information: the received request sent by the NB-IOT equipment comprises ciphertext information, the ciphertext information is obtained by encrypting according to the unique identification information of the NB-IOT equipment, and the unique identification information is unique and different for each NB-IOT equipment, so that the ciphertext information in the request can be used for accurately representing the identity of the NB-IOT equipment sending the request, and the existence of the ciphertext information ensures the safety and reliability in the interaction process; and provides a way to verify the identity of the NB-IOT device according to the unique identification information of the NB-IOT device during the interaction process: since the interaction platform of the NB-IOT device prestores the unique identification information of the NB-IOT device, this embodiment provides a way to verify ciphertext information, that is, the request also includes plaintext information, the ciphertext information includes a device check value ciphertext, the device check value ciphertext is generated by encrypting the plaintext information with a device key, and the device key is calculated according to the unique identification information of the NB-IOT device and a preset encryption algorithm; the method comprises the steps that platform keys are calculated according to unique identification information of NB-IOT equipment and a preset encryption algorithm, wherein the unique identification information of the NB-IOT equipment and the preset encryption algorithm are prestored in an interaction platform of the NB-IOT equipment; encrypting the plaintext information according to the platform key to obtain a platform check value ciphertext, and matching the equipment check value ciphertext with the platform check value ciphertext; and if the platform key generated by the platform side is consistent with the equipment key, the equipment check value ciphertext is consistent with the platform check value ciphertext, and the NB-IOT equipment interaction successfully verifies the NB-IOT equipment. After the identity of the NB-IOT equipment is confirmed through ciphertext information, the NB-IOT equipment responds to a request of the NB-IOT equipment, namely response information is sent to the NB-IOT equipment, the response information comprises a response data ciphertext obtained by encrypting a session key based on unique identification information of the NB-IOT equipment, so that the NB-IOT equipment can obtain the session key according to the response data ciphertext and send the request based on the session key; the session key is obtained by encrypting based on the unique identification information of the NB-IOT equipment; that is to say, the NB-IOT device can use the session key for subsequent interaction, rather than continue to use the device key for interaction, thereby avoiding the unicity of the encryption mechanism during the interaction process, and effectively improving the security and reliability when performing data interaction between the NB-IOT device and the NB-IOT platform. In addition, the interaction platform of the NB-IOT equipment can also realize interaction with a third-party platform, when the interaction platform of the NB-IOT equipment responds to a request sent by the NB-IOT equipment, corresponding storage and update are carried out on the equipment information of the NB-IOT equipment, and the equipment information is pushed to the third-party platform, so that the third-party platform can timely acquire the equipment information of the NB-IOT equipment, and further can carry out control operations such as command issuing and the like on the NB-IOT equipment.
The second embodiment of the invention relates to an interaction method of NB-IOT equipment, which is substantially the same as the first embodiment, and in the embodiment, a multiple verification mode for ciphertext information is provided, so that the safety and reliability of information interaction between interaction platforms of the NB-IOT equipment and the NB-IOT equipment are further ensured, and the interaction efficiency of the NB-IOT equipment is improved. The interaction method of the NB-IOT device in this embodiment is roughly shown in fig. 4, and the following describes the flow of fig. 4 specifically:
step 201, receiving a request sent by an NB-IOT device; this step is substantially the same as step 101, and is not described herein again.
And step 202, verifying the ciphertext information based on the pre-stored unique identification information of the NB-IOT equipment.
Specifically, step 2022 includes steps 2021 to 2024, as shown in fig. 5:
step 2021, determine the timestamp is a valid timestamp.
Specifically, the request received by the interaction platform of the NB-IOT device further includes a timestamp, and the timestamp is used to characterize the transmission time of the request. The method comprises the steps of judging that the time stamp in the request is a legal time stamp before computing the platform key to verify the ciphertext information, and continuing to verify the ciphertext information, so that useless verification operation on the overtime ciphertext information is avoided, the workload generated in the interaction process is effectively controlled, and the interaction efficiency of the NB-IOT equipment is improved. In one example, it can be understood that the interaction platform of the NB-IOT device calculates a time difference value according to the time represented by the timestamp and the current communication time, and if the time difference value is smaller than a preset time threshold, it is determined that the timestamp is a valid timestamp, and the verification of the ciphertext information can be continued; if the time difference is greater than the preset time threshold, the timestamp is determined to be an illegal timestamp, that is, the received request of the NB-IOT device is determined to be an illegal request, and the received request can be directly discarded.
Step 2022, determine the plaintext information in the request is complete plaintext information.
Specifically, integrity check is carried out on plaintext information included in a request received by an interaction platform of the NB-IOT equipment, wherein the plaintext information includes a timestamp, a data header, a request type, unique identification information of the NB-IOT equipment and the like; in one example, the integrity of the plaintext information is checked, which may be understood as: firstly, checking whether each item of data included in plaintext information is complete, and if one item of data such as a timestamp, a data header, a request type and unique identification information of NB-IOT equipment is lacked, judging that the plaintext information is incomplete plaintext information; if all the data contained in the plaintext information are complete, checking whether all the data contained in the plaintext information are valid, for example, if the timestamp is empty or the request type is empty, judging that the timestamp is invalid or the request type is invalid, namely judging that the plaintext information is incomplete plaintext information; that is, the plaintext information in the request can be determined to be complete plaintext information only when the data in the plaintext information are complete and the data contents are valid. If the plaintext information is incomplete plaintext information, the received request of the NB-IOT device is judged to be an illegal request, and the received request can be directly discarded.
Step 2023, calculating a platform key according to the pre-stored unique identification information of the NB-IOT device and a preset encryption algorithm. This step is substantially the same as step 1021, and is not repeated here.
Step 2024, encrypting the plaintext information according to the platform key to obtain a platform check value ciphertext, and matching the device check value ciphertext with the platform check value ciphertext. This step is substantially the same as step 1022, and is not described herein again.
Step 2025, if the matching of the device check value ciphertext and the platform check value ciphertext is successful, decrypting the request data ciphertext according to the platform key to obtain a request data plaintext, and matching the request data plaintext with a part of plaintext information.
Specifically, the ciphertext information in this embodiment includes, in addition to the device check value ciphertext, the request data ciphertext, where the request data ciphertext is generated from plaintext information of a device key encryption portion of the NB-IOT device, and a portion of the plaintext information may be understood as a predetermined portion of information that is relatively sensitive in the plaintext information. For example, the device check value ciphertext is generated by encrypting the complete plaintext information a, and the plaintext information a includes the more sensitive partial information B, so the request data ciphertext is generated by encrypting the more sensitive partial information B. Also, the encryption algorithm of the key may be an encryption algorithm such as AES, DES, 3DES, TEA, etc., but is not particularly limited.
And after the equipment check value ciphertext and the platform check value ciphertext are successfully matched, decrypting the request data ciphertext by using the calculated platform key, and judging whether the decrypted request data plaintext is consistent with the pre-agreed plaintext information.
Step 203, judging whether the verification of the ciphertext information is successful; if yes, go to step 204; if not, ending;
specifically, when the device check value ciphertext and the platform check value ciphertext are successfully matched and the request data ciphertext and a portion of the plaintext information are successfully matched, it is determined that the ciphertext information is successfully verified. Namely, the embodiment provides a double verification mode, so that the safety and reliability of data interaction between the NB-IOT equipment and the NB-IOT platform are effectively improved.
Step 204, responding to the request sent by the NB-IOT device. This step is substantially the same as step 104, and is not described herein again.
The request in this embodiment may be understood as a data packet as shown in fig. 6, including a data header, a request type (or a response type), unique identification information of the NB-IOT device, a timestamp, a device check value ciphertext, and a request data ciphertext.
Compared with the prior art, the embodiment provides a multiple verification mode for the ciphertext information, namely before the platform key is calculated, the time stamp which is included in the request and used for representing the sending time of the request is judged to be a legal time stamp, and the plaintext information is judged to be complete plaintext information; that is to say, when the timestamp of the request is legal and the plaintext information is complete and valid, the ciphertext information is continuously verified, so that useless verification operation on overtime ciphertext information is avoided, the workload generated in the interaction process is effectively controlled, and the interaction efficiency of the NB-IOT equipment is improved. In addition, the ciphertext information also comprises a request data ciphertext; wherein the request data ciphertext is generated from the plaintext information in the device key encryption portion; after the matching device check value ciphertext and the platform check value ciphertext succeed, decrypting the request data ciphertext according to the platform key to obtain a request data plaintext, and matching the request data plaintext with the part of plaintext information; if the plaintext of the request data is matched with the plaintext information of the part successfully, the ciphertext information is judged to be verified successfully; that is to say, the requested ciphertext information comprises two ciphertexts, and when the two ciphertexts are successfully verified, the success of verification on the ciphertext information is judged, so that the safety and the reliability of data interaction between the NB-IOT equipment and the NB-IOT platform are effectively improved.
The third embodiment of the invention relates to an interaction method of NB-IOT equipment, which is substantially the same as the first embodiment and provides an interaction mode when the request is a subscription request. The flow of the interaction method of the NB-IOT device in this embodiment is roughly shown in fig. 7, and the following describes the flow of fig. 7 specifically:
step 301, receiving a request sent by an NB-IOT device;
specifically, in this embodiment, the request sent by the NB-IOT device is a subscription request, the plaintext information in the request further includes a subscription validity period of the NB-IOT device, and the subscription validity period may be understood as a time for limiting the NB-IOT device to receive the instruction, that is, after the subscription request of the NB-IOT device is successfully verified, a certain subscription validity period is maintained, and the instruction from, for example, a third-party platform is acceptable only within the subscription validity period. The rest of the description of this step is substantially the same as that of step 101, and is not repeated here.
Step 302, verifying the ciphertext information based on the pre-stored unique identification information of the NB-IOT equipment; this step is substantially the same as step 102 and will not be described herein.
Step 303, judging whether the verification of the ciphertext information is successful; if yes, go to step 104; if not, ending; this step is substantially the same as step 103, and is not described herein again.
Step 304, responding to the request sent by the NB-IOT device.
Specifically, the interaction platform of the NB-IOT device performs corresponding storage and update on the subscription validity period of the NB-IOT device according to the unique identification information of the NB-IOT device, so as to judge whether to receive the instruction when receiving the instruction issued by the third-party platform in the following. The rest of the description of this step is substantially the same as step 104, and is not repeated here.
Step 305, when receiving an instruction to the NB-IOT device sent by the third-party platform, determining whether the NB-IOT device is online and whether the instruction sent by the third-party platform is within the subscription validity period of the NB-IOT device; if yes, go to step 306; if not, go to step 307.
Specifically, the interaction platform of the NB-IOT device may also implement interaction with a third-party platform, where the third-party platform may be understood as a platform that controls the NB-IOT device to perform service, and may be used to issue instructions to the NB-IOT device or subscribe to data update of the NB-IOT device. When an interactive platform of the NB-IOT equipment receives an instruction issued by a third-party platform to the NB-IOT equipment, whether the NB-IOT equipment is on line or not and whether the instruction sent by the third-party platform is within the stored subscription validity period of the NB-IOT equipment or not are judged. It can be understood that the interaction platform of the NB-IOT device can know the currently accessed NB-IOT device, and therefore can directly determine whether the NB-IOT device targeted by the third-party platform is online; when the NB-IOT equipment is online, comparing the time of receiving the instruction with the stored subscription validity period of the NB-IOT equipment, if the time of receiving the instruction is within the subscription validity period, judging that the received instruction is valid, and responding to the instruction sent to the NB-IOT equipment; if the time of the received instruction is not within the subscription validity period, the instruction may be stored as an offline instruction, but not sent to the NB-IOT device. In one example, the NB-IOT device is known to be online and the subscription validity period is 8 pm-10 pm, and the time of receiving the third party instruction is 9 pm, then the received instruction is determined to be valid, and step 306 is performed.
Step 306, storing the instruction as an online instruction corresponding to the NB-IOT device, and sending the online instruction to the NB-IOT device.
Specifically, the interaction platform of the NB-IOT device stores the received instruction as an online instruction and sends the online instruction to the NB-IOT device, so that the NB-IOT device provides service according to the online instruction of the third-party platform.
Step 307, store the instruction as an offline instruction corresponding to the NB-IOT device.
Specifically, when an instruction sent by a third-party platform to an NB-IOT device is received, if the NB-IOT device is judged not to be online and the instruction sent by the third-party platform is not within the subscription validity period of the NB-IOT device, the instruction is stored as an offline instruction corresponding to the NB-IOT device; it will be appreciated that when storing instructions as offline instructions, the NB-IOT device may be in one of several states:
(1) the NB-IOT device is in an offline state; (2) the NB-IOT device is online but does not initiate a subscription request; (3) the NB-IOT device is online and initiates a subscription request, but the subscription lifetime of the NB-IOT device has timed out.
Specifically, when the NB-IOT device is in an online state, the NB-IOT device may send a request for obtaining an offline instruction to an interaction platform of the NB-IOT device; if the interaction platform of the NB-IOT device stores the offline instruction stored when the NB-IOT device is in the above states, the interaction platform of the NB-IOT device may send the stored offline instruction to the NB-IOT device. It can be understood that a certain validity period may also be set for the offline instruction according to actual application, where the validity period of the offline instruction is used to limit the time that the offline instruction is stored in the interaction platform of the NB-IOT device, that is, to limit the timeliness of the offline instruction; and when the validity period of the offline instruction is overtime, deleting the offline instruction from the interaction platform of the NB-IOT equipment so as to prevent the NB-IOT equipment from acquiring the overtime offline instruction.
Compared with the prior art, the embodiment provides an interactive mode when the request is a subscription request, the interactive platform of the NB-IOT equipment interacts with a third-party platform besides interacting with the NB-IOT equipment, and if an instruction for the NB-IOT equipment is received from the third-party platform, the NB-IOT equipment is online, the subscription request is sent, and the received instruction is within the subscription validity period, the received instruction is sent to the NB-IOT equipment as an online instruction, so that the characteristic of low power consumption of the NB-IOT equipment is conformed.
A fourth embodiment of the present invention relates to an interaction platform of an NB-IOT device, as shown in fig. 8, including: a device interaction module 401 and a data storage module 402.
The device interaction module 401 is configured to receive a request sent by an NB-IOT device; wherein the request comprises ciphertext information obtained by encrypting based on the unique identification information of the NB-IOT equipment;
the device interaction module 401 is further configured to verify the ciphertext information based on the pre-stored unique identification information of the NB-IOT device;
the device interaction module 401 is further configured to respond to the request sent by the NB-IOT device when the authentication is successful;
wherein, the unique identification information of the NB-IOT device is pre-stored in the data storage module 402.
In one example, the request further includes plaintext information, the ciphertext information includes an equipment check value ciphertext, the equipment check value ciphertext is generated by encrypting the plaintext information by an equipment key, and the equipment key is obtained by calculation according to the unique identification information of the NB-IOT equipment and a preset encryption algorithm; the device interaction module 401 verifies the ciphertext information based on the pre-stored unique identification information of the NB-IOT device, including: calculating a platform key according to the pre-stored unique identification information of the NB-IOT equipment and the preset encryption algorithm; encrypting the plaintext information according to the platform key to obtain a platform check value ciphertext, and matching the equipment check value ciphertext with the platform check value ciphertext; and if the equipment check value ciphertext and the platform check value ciphertext are matched successfully, judging that the ciphertext information is verified successfully.
In one example, the ciphertext information further comprises a request data ciphertext; wherein the request data ciphertext is generated from the plaintext information in the device key encryption portion; after the device interaction module 401 successfully matches the device check value ciphertext with the platform check value ciphertext, the device interaction module 401 is further configured to decrypt the request data ciphertext according to the platform key, obtain a request data plaintext, and match the request data plaintext with the part of the plaintext information; and if the plaintext of the request data is matched with the plaintext information of the part successfully, judging that the ciphertext information is verified successfully.
In one example, the request further includes a timestamp characterizing a transmission time of the request; before the device interaction module 401 computes the platform key, the device interaction module 401 is further configured to: and judging that the time stamp is a legal time stamp, and judging that the plaintext information in the request is complete plaintext information.
In one example, the device interaction module 401 responds to the request sent by the NB-IOT device, including: sending response information to the NB-IOT device; the response information comprises a response data ciphertext obtained by encrypting a session key based on the unique identification information of the NB-IOT equipment, so that the NB-IOT equipment can obtain the session key according to the response data ciphertext and send a request based on the session key; the session key is obtained by the device interaction module 401 through encryption based on the unique identification information of the NB-IOT device.
In one example, further comprises a device management module 403 and a data transmission module 404; the device management and control module 403 is configured to store the session key and the verification result of the ciphertext information to the data storage module 402 according to the unique identification information of the NB-IOT device, and push the unique identification information of the NB-IOT device, the session key, and the verification result of the ciphertext information to a third-party platform through the data transmission module 404.
In one example, when the request is a subscription request, the subscription request further includes a subscription validity period of the NB-IOT device; the device interaction module 401 responds to the request sent by the NB-IOT device, including: storing the subscription validity period of the NB-IOT device to the data storage module 402; the platform further includes a device management and control module 403 and a data transmission module 404, where the device management and control module 403 is configured to, when receiving, through the data transmission module 404, an instruction for the NB-IOT device sent by a third-party platform, determine whether the NB-IOT device is online and whether the instruction sent by the third-party platform is within the subscription validity period of the NB-IOT device; if yes, storing the instruction as an online instruction corresponding to the NB-IOT device to the data storage module 402, and sending the online instruction to the device interaction module 401, so that the device interaction module 401 sends the online instruction to the NB-IOT device; if not, the instruction is stored to the data storage module 402 as an offline instruction corresponding to the NB-IOT device.
The following describes the interaction platform of the NB-IOT device and the modules constituting the platform, and it should be noted that the following is only an example provided for facilitating understanding, and does not limit the interaction platform of the NB-IOT device.
As shown in fig. 8, the device interaction module 401 is responsible for interacting directly with the NB-IOT device, and the NB-IOT device interacts with the device interaction module 401 based on the CoAP protocol in an API, SDK, or module manner.
The device management and control module 403 is responsible for interacting with the device interaction module 401 and the data transmission module 404, and controlling the data storage module 402 to store and update the relevant information of the device. After the device interaction module 401 sends the uplink data (specifically, device registration data, device login data, device state parameter reporting data, device subscription data, device offline instruction data, device offline data, device logout data, and the like) to the device management and control module 403, the device management and control module 403 is responsible for analyzing the uplink data, notifying the data storage module 402 to update the device related information, and then notifying the data transmission module 404 to push the device information to the third party platform. After the data transmission module 404 sends the downlink data (specifically including the instruction from the third-party platform) to the device management and control module 403, the device management and control module 403 notifies the data storage module 402 to store the instruction information according to the online state and the subscription state of the device. If the equipment is in an offline state or not in the subscription validity period, storing the instruction as an offline instruction of the equipment; if the device is in an online state and within the subscription validity period, the instruction is stored as an online instruction, and according to the uplink data (the device acquires offline instruction data, the device subscription data, and the like) from the device interaction module 401, the corresponding instruction is acquired from the data storage module 402 and sent to the device interaction module 401.
The data storage module 402 is responsible for storing device information, and specifically includes basic information storage of the device, including session keys, device registration status, device online status, device status parameters, device subscription validity period, offline instruction validity period, offline instructions, online instructions, and the like. In this embodiment, the data storage module 402 may directly interact with the device interaction module 401, or may interact with the device interaction module 401 through the device management and control module 403.
The data transmission module 404 is responsible for interacting with the device management and control module 403 and the third party platform, and is mainly used for pushing the device information (i.e., the device information stored by the data storage module 402, such as the device registration state, the device online state, the device state parameters, and the like) from the device management and control module 403 and subscribed by the third party platform to the third party platform, and sending the instruction from the third party platform to the device management and control module 403 for instruction function processing.
The following description is given by taking an example of a process of interacting between an actual NB-IOT device and an interaction platform of the NB-IOT device, which is provided in this embodiment, and it should be noted that the following description is only an example provided for convenience of understanding, and the process, the sequence, and the like of interacting between an actual NB-IOT device and an interaction platform of an NB-IOT device are not limited.
Fig. 9 is a schematic diagram illustrating an interaction flow of an interaction platform between an NB-IOT device and an NB-IOT device, which is specifically as follows:
(1) the manufacturer of the NB-IOT equipment provides basic equipment information such as unique identification information, ID (identity) numbers, manufacturer identification information, product identification information and the like of the NB-IOT equipment for an interactive platform of the NB-IOT equipment to be imported and prestored;
(2) the interaction platform of the NB-IOT equipment pre-imports basic information of the equipment provided by the manufacturer of the NB-IOT equipment.
(3) The manufacturer of the NB-IOT device agrees with the interaction platform of the NB-IOT device for a shared master key, and presets a dispersion parameter for each NB-IOT device accessing the interaction platform of the NB-IOT device, where the dispersion parameter includes unique identification information of the NB-IOT device, and also includes other kinds of identification information for characterizing the identity of the NB-IOT device, such as an international mobile equipment identification code (IMEI number, i.e., serial number) used by the NB-IOT device, a hash value of an integrated circuit card identification code (ICCID, i.e., unique identification number of an IC card) of the NB-IOT device, and so on. Then, according to the shared master key and preset distributed parameters (including the unique identification information of each NB-IOT device), calculating a corresponding and unique device key for each NB-IOT device in a distributed manner through a preset encryption algorithm (which may be referred to as a distributed algorithm herein);
(4) an NB-IOT equipment manufacturer burns a device key corresponding to each NB-IOT equipment into the NB-IOT equipment;
(5) the NB-IOT equipment packages the information included in the request according to the CoAP protocol;
(6) the NB-IOT equipment sends the packaged request to an interactive platform of the NB-IOT equipment;
(7) unpacking and verifying the request of the package by an interactive platform of the NB-IOT equipment;
(8) if the verification of the interaction platform of the NB-IOT equipment fails, notifying the NB-IOT equipment of failed response, and ending the process; if the verification of the interaction platform of the NB-IOT equipment is successful, data processing corresponding to the request is carried out;
(9) after the interactive platform of the NB-IOT equipment completes the processing of the requested data, the interactive platform of the NB-IOT equipment packages the response information;
(10) and the interaction platform of the NB-IOT equipment sends the response information to the NB-IOT equipment.
Fig. 10 is a schematic flowchart illustrating a process of registering an NB-IOT device on an interaction platform of the NB-IOT device, which is specifically as follows:
(1) an NB-IOT device manufacturer provides basic device information of an NB-IOT device to an interaction platform of the NB-IOT device, and the device management and control module 403 imports and stores the basic device information to the data storage module 402;
(2) the third party platform may send the device registration information subscription request to the device management and control module 403 through the data transmission module 404 if there is a need;
(3) the NB-IOT equipment packages the information included in the registration request according to the CoAP protocol;
(4) the NB-IOT equipment sends the packaged registration request to the equipment interaction module 401;
(5) the device interaction module 401 unpacks and verifies the registration request of the packet;
(6) if the verification of the device interaction module 401 fails, responding to the NB-IOT device registration failure, and ending the process; if the device interaction module 401 successfully verifies, the device interaction module 401 generates a session key;
(7) the device interaction module 401 sends device registration interaction information to the device management and control module 403, where the device registration interaction information at least includes unique identification information of the NB-IOT device, a session key, and a verification result of the registration request;
(8) the device management and control module 403 updates and stores the registration state and the session key of the NB-IOT device to the data storage module 402 according to the unique identification information of the NB-IOT device;
(9) if the third-party platform subscribes to the registration information of the NB-IOT device, the device management and control module 403 pushes the device registration information to the third-party platform through the data transmission module 404;
(10) the device management and control module 403 notifies the device interaction module 401 that the data processing is successful;
(11) the device interaction module 401 packages the registration response information of the NB-IOT device, where the packaged registration response information includes a response data cipher text generated by encrypting the session key with the device key;
(12) the device interaction module 401 sends the registration response information of the packet to the NB-IOT device;
(13) and the NB-IOT equipment unpacks the registration response information of the packet and acquires the generated session key.
Fig. 11 is a schematic flowchart illustrating a login process of an NB-IOT device on an interaction platform of the NB-IOT device, which is specifically as follows:
(1) the third party platform may send the device login information subscription request to the device management and control module 403 through the data transmission module 404 if there is a need;
(2) the NB-IOT equipment packages the information included in the login request according to the CoAP protocol;
(3) the NB-IOT equipment sends the packaged login request to the equipment interaction module 401;
(4) the equipment interaction module 401 unpacks and verifies the login request of the package;
(5) if the verification of the device interaction module 401 fails, responding to the login failure of the NB-IOT device, and ending the process; if the device interaction module 401 successfully verifies, the device interaction module 401 sends device login interaction information to the device management and control module 403, where the device login interaction information at least includes unique identification information of the NB-IOT device and a verification result of the login request;
(6) the device management and control module 403 updates and stores the online status of the NB-IOT device to the data storage module 402 according to the unique identification information of the NB-IOT device;
(7) if the third party platform subscribes to the login information of the NB-IOT device, the device management and control module 403 pushes the device login information of the NB-IOT device to the third party platform through the data transmission module 404;
(8) the device management and control module 403 notifies the device interaction module 401 that the data processing is successful;
(9) the device interaction module 401 packages the login response information of the NB-IOT device;
(10) the device interaction module 401 sends the wrapped login response message to the NB-IOT device.
Fig. 12 is a schematic flowchart illustrating a process in which an NB-IOT device receives an online instruction, where the online instruction function is to initiate a subscription request to an interactive platform of the NB-IOT device when the NB-IOT device is successfully logged in to be in an online state, and notify the interactive platform that real-time interaction of an instruction can be performed at this time; after the NB-IOT equipment is successfully subscribed, a certain subscription validity period is maintained, and when the NB-IOT equipment is in an online state and is within the subscription validity period, an online instruction issued from a third-party platform can be accepted, so that the characteristic of low power consumption of the NB-IOT equipment is conformed. The flow diagram shown in fig. 10 is specifically as follows:
(1) the third party platform may send a subscription request for the device instruction execution result to the device management and control module 403 through the data transmission module 404 if there is a need;
(2) the NB-IOT equipment is successfully logged in and is in an online state;
(3) the NB-IOT equipment packages the information included in the subscription request according to the CoAP protocol;
(4) the NB-IOT device sends the packaged subscription request to the device interaction module 401;
(5) the device interaction module 401 unpacks and verifies the subscription request of the package;
(6) if the verification of the device interaction module 401 fails, responding to the subscription failure of the NB-IOT device, and ending the process; if the device interaction module 401 successfully verifies, the device interaction module 401 sends subscription interaction information of the device to the device management and control module 403, where the subscription interaction information of the device at least includes unique identification information of the NB-IOT device, a subscription validity period of the NB-IOT device, time of initiating a subscription request, and a verification result of the subscription request;
(7) the device management and control module 403 updates and stores the subscription validity period and the time for initiating the subscription request of the NB-IOT device to the data storage module 402 according to the unique identification information of the NB-IOT device;
(8) the third party platform issues an instruction for the NB-IOT device to the device management and control module 403 through the data transmission module 404;
(9) the device management and control module 403 determines whether the received instruction is in the subscription validity period of the NB-IOT device according to the time when the instruction is received and the stored subscription validity period of the NB-IOT device;
(10) if the instruction is within the subscription validity period of the NB-IOT device, the device management and control module 403 stores the instruction as an online instruction to the data storage module 402; if the instruction is not within the subscription validity period of the NB-IOT device, the device management and control module 403 stores the instruction as an offline instruction to the data storage module 402;
(11) if the instruction is within the subscription validity period of the NB-IOT device, the device management and control module 403 sends the online instruction to the device interaction module 401;
(12) the device interaction module 401 packages subscription response information of the NB-IOT device, where the subscription response information includes an online instruction;
(13) the device interaction module 401 sends the packaged subscription response information to the NB-IOT device;
(14) the NB-IOT equipment receives the subscription response information of the package, executes the online instruction and packages the device instruction execution result receipt request;
(15) the NB-IOT equipment sends the packaged equipment instruction execution result receipt request to the equipment interaction module 401;
(16) the device interaction module 401 unpacks and verifies the device instruction execution result receipt request of the packet;
(17) the device interaction module 401 sends the device instruction execution result to the device management and control module 403;
(18) the device management and control module 403 updates and stores the device instruction execution result to the data storage module 402 according to the unique identification information of the NB-IOT device;
(19) if the third-party platform subscribes to the device instruction execution result of the NB-IOT device, the device management and control module 403 pushes the device instruction execution result of the NB-IOT device to the third-party platform through the data transmission module 404;
(20) the device management and control module 403 notifies the device interaction module 401 that the data processing is successful;
(21) the device interaction module 401 packages response information of device instruction execution result receipt of the NB-IOT device;
(22) the device interaction module 401 sends the wrapped device instruction execution result response message to the NB-IOT device.
FIG. 13 is a flow diagram illustrating the NB-IOT device receiving an offline command that functions to indicate that the NB-IOT is in: (1) an offline state; (2) online but not initiating a subscription request; (3) the third-party platform is online, initiates a subscription request, and does not issue an instruction within the subscription validity period; and when the situation is met, the interaction platform of the NB-IOT equipment sends an offline instruction issued by the third-party interaction platform to the NB-IOT equipment. The offline instruction also has a certain validity period, and the validity period of the offline instruction can be freely set according to the specific application service scene of the NB-IOT equipment; if the validity period of the offline command is over, the device management and control module 403 deletes the over-timed offline command from the data storage module 402. The flow diagram shown in fig. 11 is specifically as follows:
(1) the third party platform may send, to the device management and control module 403 through the data transmission module 404, the instruction issued to the NB-IOT device and the subscription request for the device instruction execution result, if necessary;
(2) the device management and control module 403 queries the online state and subscription validity period of the NB-IOT device according to the unique identification information of the NB-IOT device included in the instruction;
(3) when the NB-IOT device is queried to be in: (1) an offline state; (2) online but not initiating a subscription request; (3) the third-party platform is online, initiates a subscription request, and does not issue an instruction within the subscription validity period; when the situation is met, the instruction is stored to the data storage module 402 as an offline instruction;
(4) the NB-IOT equipment is successfully logged in and is in an online state;
(5) the NB-IOT equipment packages the information included in the acquired offline request according to the CoAP protocol;
(6) the NB-IOT equipment sends the packaged offline acquisition request to the equipment interaction module 401;
(7) the device interaction module 401 unpacks and verifies the offline request for obtaining the package;
(8) if the verification fails, the device interaction module 401 responds to the NB-IOT device that offline failure is obtained, and ends the process; if the device interaction module 401 successfully verifies, the device interaction module 401 sends the acquired offline interaction information of the device to the device management and control module 403, where the acquired offline interaction information of the device at least includes unique identification information of the NB-IOT device, time for initiating an offline request acquisition, and a verification result of the acquired offline request;
(9) the device management and control module 403 acquires the offline instruction within the validity period from the data storage module 402 according to the acquired offline interaction information;
(10) the device management and control module 403 sends the offline instruction to the device interaction module 401;
(11) the device interaction module 401 packages the offline instruction acquisition response information of the NB-IOT device, where the offline instruction acquisition response information includes an offline instruction;
(12) the device interaction module 401 sends the response information of the packet to the NB-IOT device to obtain the offline command;
(13) the NB-IOT equipment receives the response information of the packaged offline instruction, executes the online instruction and packages the return request of the equipment instruction execution result;
(14) the NB-IOT equipment sends the packaged equipment instruction execution result receipt request to the equipment interaction module 401;
(15) the device interaction module 401 unpacks and verifies the device instruction execution result receipt request of the packet;
(16) the device interaction module 401 sends the device instruction execution result to the device management and control module 403;
(17) the device management and control module 403 updates and stores the device instruction execution result to the data storage module 402 according to the unique identification information of the NB-IOT device;
(18) if the third-party platform subscribes to the device instruction execution result of the NB-IOT device, the device management and control module 403 pushes the device instruction execution result of the NB-IOT device to the third-party platform through the data transmission module 404;
(19) the device management and control module 403 notifies the device interaction module 401 that the data processing is successful;
(20) the device interaction module 401 packages response information of device instruction execution result receipt of the NB-IOT device;
(21) the device interaction module 401 sends the wrapped device instruction execution result response message to the NB-IOT device.
The above example is provided only for facilitating understanding of the interaction flow between the NB-IOT device and the NB-IOT device, and specifically includes implementation flows of functions such as registration, login, status parameter reporting, online instruction interaction, offline instruction interaction, and the like of the NB-IOT device, which meet the low power consumption characteristics of the NB-IOT device, but does not limit the interaction flow and sequence between the NB-IOT device and the NB-IOT device.
It should be understood that this embodiment is an example of a device corresponding to the first embodiment, the second embodiment, or the third embodiment, and this embodiment may be implemented in cooperation with the first embodiment, the second embodiment, or the third embodiment, and details of the related technologies mentioned in the first embodiment, the second embodiment, or the third embodiment are still valid in this embodiment, and are not described herein again in order to reduce repetition. Accordingly, the related-art details mentioned in the present embodiment can also be applied to the first embodiment, the second embodiment, or the third embodiment.
It should be noted that each module referred to in this embodiment is a logical module, and in practical applications, one logical unit may be one physical unit, may be a part of one physical unit, and may be implemented by a combination of multiple physical units. In addition, in order to highlight the innovative part of the present invention, elements that are not so closely related to solving the technical problems proposed by the present invention are not introduced in the present embodiment, but this does not indicate that other elements are not present in the present embodiment.
A fifth embodiment of the present invention relates to a server, as shown in fig. 14, including: at least one processor 501; and a memory 502 communicatively coupled to the at least one processor 501; the memory 502 stores instructions executable by the at least one processor 501, and the instructions are executable by the at least one processor 501 to enable the at least one processor 501 to perform the above-mentioned NB-IOT device interaction method.
Where the memory 502 and the processor 501 are coupled in a bus, the bus may comprise any number of interconnected buses and bridges that couple one or more of the processors to various circuits of the memory 502. The bus may also connect various other circuits such as peripherals, voltage regulators, power management circuits, and the like, which are well known in the art, and therefore, will not be described any further herein. A bus interface provides an interface between the bus and the transceiver. The transceiver may be one element or a plurality of elements, such as a plurality of receivers and transmitters, providing a means for communicating with various other apparatus over a transmission medium. The data processed by the processor 501 is transmitted over a wireless medium through an antenna, which further receives the data and transmits the data to the processor 501.
The processor 501 is responsible for managing the bus and general processing and may also provide various functions including timing, peripheral interfaces, voltage regulation, power management, and other control functions. And memory 502 may be used to store data used by processor 501 in performing operations.
A sixth embodiment of the present invention relates to a computer-readable storage medium storing a computer program. The computer program, when executed by the processor, implements the above-described interaction method embodiments of the NB-IOT device.
That is, as can be understood by those skilled in the art, all or part of the steps in the method according to the above embodiments may be implemented by a program instructing related hardware, where the program is stored in a storage medium and includes several instructions to enable a device (which may be a single chip, a chip, or the like) or a processor (processor) to execute all or part of the steps in the method according to the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
It will be understood by those of ordinary skill in the art that the foregoing embodiments are specific examples for carrying out the invention, and that various changes in form and details may be made therein without departing from the spirit and scope of the invention in practice.

Claims (16)

1. An interaction method of an NB-IOT device, comprising:
receiving a request sent by NB-IOT equipment; wherein the request comprises ciphertext information obtained by encrypting based on the unique identification information of the NB-IOT equipment;
verifying the ciphertext information based on the prestored unique identification information of the NB-IOT equipment;
and if the verification is successful, responding to the request sent by the NB-IOT equipment.
2. The interaction method of the NB-IOT device according to claim 1, wherein the request further includes plaintext information, the ciphertext information includes a device check value ciphertext, the device check value ciphertext is generated by encrypting the plaintext information with a device key, and the device key is calculated according to unique identification information of the NB-IOT device and a preset encryption algorithm;
the verifying the ciphertext information based on the pre-stored unique identification information of the NB-IOT device comprises:
calculating a platform key according to the pre-stored unique identification information of the NB-IOT equipment and the preset encryption algorithm;
encrypting the plaintext information according to the platform key to obtain a platform check value ciphertext, and matching the equipment check value ciphertext with the platform check value ciphertext;
and if the equipment check value ciphertext and the platform check value ciphertext are matched successfully, judging that the ciphertext information is verified successfully.
3. The NB-IOT device interaction method of claim 2, wherein the ciphertext information further comprises a request data ciphertext; wherein the request data ciphertext is generated from the plaintext information in the device key encryption portion;
after the matching of the equipment check value ciphertext and the platform check value ciphertext is successful, decrypting the request data ciphertext according to the platform key to obtain a request data plaintext, and matching the request data plaintext with the part of plaintext information;
and if the plaintext of the request data is matched with the plaintext information of the part successfully, judging that the ciphertext information is verified successfully.
4. The NB-IOT device interaction method of claim 2 or claim 3, wherein the request further includes a timestamp characterising the time of transmission of the request;
before the computing platform key, the method further comprises: and judging that the time stamp is a legal time stamp, and judging that the plaintext information in the request is complete plaintext information.
5. The NB-IOT device interaction method of claim 1, wherein the responding to the request sent by the NB-IOT device comprises:
sending response information to the NB-IOT device; the response information comprises a response data ciphertext obtained by encrypting a session key based on the unique identification information of the NB-IOT equipment, so that the NB-IOT equipment can obtain the session key according to the response data ciphertext and send a request based on the session key;
the session key is obtained by encryption based on the unique identification information of the NB-IOT device.
6. The NB-IOT interaction method of claim 5, further comprising:
and storing the session key and the verification result of the ciphertext information according to the unique identification information of the NB-IOT equipment, and pushing the session key and the verification result of the ciphertext information to a third-party platform.
7. The NB-IOT device interaction method according to claim 1, wherein when the request is a subscription request, the subscription request further includes a subscription validity period of the NB-IOT device; the responding to the request sent by the NB-IOT device comprises:
storing the subscription validity period of the NB-IOT equipment;
the method further comprises the following steps:
when an instruction sent by a third-party platform to the NB-IOT equipment is received, whether the NB-IOT equipment is online or not and whether the instruction sent by the third-party platform is within the subscription validity period of the NB-IOT equipment or not are judged;
if yes, storing the instruction as an online instruction corresponding to the NB-IOT equipment, and sending the online instruction to the NB-IOT equipment;
and if not, storing the instruction as an offline instruction corresponding to the NB-IOT equipment.
8. An interaction platform for an NB-IOT device, comprising: the device comprises a device interaction module and a data storage module;
the device interaction module is used for receiving a request sent by NB-IOT equipment; wherein the request comprises ciphertext information obtained by encrypting based on the unique identification information of the NB-IOT equipment;
the equipment interaction module is further used for verifying the ciphertext information based on the pre-stored unique identification information of the NB-IOT equipment;
the device interaction module is further configured to respond to a request sent by the NB-IOT device when the authentication is successful;
wherein the unique identification information of the NB-IOT device is pre-stored in the data storage module.
9. The interaction platform of the NB-IOT device according to claim 8, wherein the request further includes plaintext information, the ciphertext information includes a device check value ciphertext, the device check value ciphertext is generated by encrypting the plaintext information with a device key, and the device key is calculated according to unique identification information of the NB-IOT device and a preset encryption algorithm;
the device interaction module verifies the ciphertext information based on the pre-stored unique identification information of the NB-IOT device, and the verification comprises the following steps:
calculating a platform key according to the pre-stored unique identification information of the NB-IOT equipment and the preset encryption algorithm;
encrypting the plaintext information according to the platform key to obtain a platform check value ciphertext, and matching the equipment check value ciphertext with the platform check value ciphertext;
and if the equipment check value ciphertext and the platform check value ciphertext are matched successfully, judging that the ciphertext information is verified successfully.
10. The interactive platform of the NB-IOT device of claim 9, wherein the ciphertext information further comprises a request data ciphertext; wherein the request data ciphertext is generated from the plaintext information in the device key encryption portion;
after the device interaction module successfully matches the device check value ciphertext with the platform check value ciphertext, the device interaction module is further configured to decrypt the request data ciphertext according to the platform key to obtain a request data plaintext, and match the request data plaintext with the part of the plaintext information;
and if the plaintext of the request data is matched with the plaintext information of the part successfully, judging that the ciphertext information is verified successfully.
11. The interaction platform of the NB-IOT device of claim 9 or claim 10, wherein the request further includes a timestamp characterizing a time of transmission of the request;
before the device interaction module computes the platform key, the device interaction module is further configured to: and judging that the time stamp is a legal time stamp, and judging that the plaintext information in the request is complete plaintext information.
12. The interaction platform of the NB-IOT device of claim 8, wherein the device interaction module, in response to the request sent by the NB-IOT device, comprises:
sending response information to the NB-IOT device; the response information comprises a response data ciphertext obtained by encrypting a session key based on the unique identification information of the NB-IOT equipment, so that the NB-IOT equipment can obtain the session key according to the response data ciphertext and send a request based on the session key;
the session key is obtained by encrypting the device interaction module based on the unique identification information of the NB-IOT device.
13. The interaction platform of the NB-IOT device of claim 12, further comprising a device management module and a data transmission module; the device management and control module is used for storing the session key and the verification result of the ciphertext information to the data storage module according to the unique identification information of the NB-IOT device, and pushing the unique identification information of the NB-IOT device, the session key and the verification result of the ciphertext information to a third-party platform through the data transmission module.
14. The interactive platform of the NB-IOT device of claim 8, wherein when the request is a subscription request, the subscription request further includes a subscription validity period of the NB-IOT device; the device interaction module responds to the request sent by the NB-IOT device, and comprises the following steps:
storing the subscription validity period of the NB-IOT device to the data storage module;
the platform further comprises an equipment management and control module and a data transmission module, wherein the equipment management and control module is used for judging whether the NB-IOT equipment is online or not and whether an instruction sent by a third-party platform is within the subscription validity period of the NB-IOT equipment or not when the instruction sent by the third-party platform to the NB-IOT equipment is received by the data transmission module;
if so, storing the instruction as an online instruction corresponding to the NB-IOT equipment to the data storage module, and sending the online instruction to the equipment interaction module for the equipment interaction module to send the online instruction to the NB-IOT equipment;
and if not, storing the instruction as an offline instruction corresponding to the NB-IOT equipment to the data storage module.
15. A server, comprising:
at least one processor; and the number of the first and second groups,
a memory communicatively coupled to the at least one processor; wherein,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the NB-IOT device interaction method of any of claims 1-7.
16. A computer-readable storage medium storing a computer program, wherein the computer program, when executed by a processor, implements the NB-IOT device interaction method of any of claims 1-7.
CN201910763598.2A 2019-08-19 2019-08-19 Interaction method, platform, server and storage medium of NB-IOT equipment Active CN110650477B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910763598.2A CN110650477B (en) 2019-08-19 2019-08-19 Interaction method, platform, server and storage medium of NB-IOT equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910763598.2A CN110650477B (en) 2019-08-19 2019-08-19 Interaction method, platform, server and storage medium of NB-IOT equipment

Publications (2)

Publication Number Publication Date
CN110650477A true CN110650477A (en) 2020-01-03
CN110650477B CN110650477B (en) 2023-07-11

Family

ID=68990133

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910763598.2A Active CN110650477B (en) 2019-08-19 2019-08-19 Interaction method, platform, server and storage medium of NB-IOT equipment

Country Status (1)

Country Link
CN (1) CN110650477B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113613190A (en) * 2021-06-22 2021-11-05 国网思极网安科技(北京)有限公司 Terminal security access unit, system and method

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106850209A (en) * 2017-02-28 2017-06-13 苏州福瑞思信息科技有限公司 A kind of identity identifying method and device
CN108540287A (en) * 2018-07-16 2018-09-14 铂讯(北京)科技有限公司 Internet of Things safety management encryption method
CN108768924A (en) * 2018-04-02 2018-11-06 广州广电运通金融电子股份有限公司 Cash processing terminal safety certifying method, device and cash processing terminal
CN108989309A (en) * 2018-07-16 2018-12-11 苏州大学张家港工业技术研究院 Encryption communication method and its encrypted communication device based on narrowband Internet of Things
CN109041052A (en) * 2018-07-02 2018-12-18 北京市燃气集团有限责任公司 A kind of safety communicating method and system based on marking algorithm

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106850209A (en) * 2017-02-28 2017-06-13 苏州福瑞思信息科技有限公司 A kind of identity identifying method and device
CN108768924A (en) * 2018-04-02 2018-11-06 广州广电运通金融电子股份有限公司 Cash processing terminal safety certifying method, device and cash processing terminal
CN109041052A (en) * 2018-07-02 2018-12-18 北京市燃气集团有限责任公司 A kind of safety communicating method and system based on marking algorithm
CN108540287A (en) * 2018-07-16 2018-09-14 铂讯(北京)科技有限公司 Internet of Things safety management encryption method
CN108989309A (en) * 2018-07-16 2018-12-11 苏州大学张家港工业技术研究院 Encryption communication method and its encrypted communication device based on narrowband Internet of Things

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113613190A (en) * 2021-06-22 2021-11-05 国网思极网安科技(北京)有限公司 Terminal security access unit, system and method

Also Published As

Publication number Publication date
CN110650477B (en) 2023-07-11

Similar Documents

Publication Publication Date Title
KR102558361B1 (en) Techniques for managing profiles in communication systems
US12022010B2 (en) Reduced bandwidth handshake communication
EP2590356B1 (en) Method, device and system for authenticating gateway, node and server
CN111783068B (en) Device authentication method, system, electronic device and storage medium
CN111355684B (en) Internet of things data transmission method, device and system, electronic equipment and medium
CN110708164B (en) Control method and device for Internet of things equipment, storage medium and electronic device
US11303453B2 (en) Method for securing communication without management of states
CN112672342B (en) Data transmission method, device, equipment, system and storage medium
CN109729000B (en) Instant messaging method and device
CN102026179B (en) Method for initializing, registering and authenticating industry application mobile terminal, and communication system
CN107223328A (en) A kind of method and system of Root authority management and control
CN110798432A (en) Security authentication method, device and system and mobile terminal
KR20100044199A (en) Network and method for initializing a trust center link key
CN108881153B (en) Authentication method for login
CN113115309B (en) Data processing method and device for Internet of vehicles, storage medium and electronic equipment
CN103024599B (en) Set top box communication method, device and system
CN111371734A (en) Identity verification and upgrade method, medium, cloud platform, equipment and upgrade server
CN113613227A (en) Data transmission method and device of Bluetooth equipment, storage medium and electronic device
CN110650477A (en) Interaction method, platform, server and storage medium of NB-IOT (NB-IOT) equipment
KR20190040443A (en) Apparatus and method for creating secure session of smart meter
CN110708311A (en) Download permission authorization method and device and server
CN106789076B (en) Interaction method and device for server and intelligent equipment
CN111523128B (en) Information protection method, system, electronic equipment and medium
CN114501591A (en) Intelligent equipment network access method and device and computer readable storage medium
CN101287218A (en) Method, device and system for modifying confidential data in terminal

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant