CN110650477B - Interaction method, platform, server and storage medium of NB-IOT equipment - Google Patents

Interaction method, platform, server and storage medium of NB-IOT equipment Download PDF

Info

Publication number
CN110650477B
CN110650477B CN201910763598.2A CN201910763598A CN110650477B CN 110650477 B CN110650477 B CN 110650477B CN 201910763598 A CN201910763598 A CN 201910763598A CN 110650477 B CN110650477 B CN 110650477B
Authority
CN
China
Prior art keywords
iot
equipment
information
ciphertext
request
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910763598.2A
Other languages
Chinese (zh)
Other versions
CN110650477A (en
Inventor
杨烨
李波
陆柯峰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Mobile Communications Group Co Ltd
China Mobile Hangzhou Information Technology Co Ltd
Original Assignee
China Mobile Communications Group Co Ltd
China Mobile Hangzhou Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Mobile Communications Group Co Ltd, China Mobile Hangzhou Information Technology Co Ltd filed Critical China Mobile Communications Group Co Ltd
Priority to CN201910763598.2A priority Critical patent/CN110650477B/en
Publication of CN110650477A publication Critical patent/CN110650477A/en
Application granted granted Critical
Publication of CN110650477B publication Critical patent/CN110650477B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/009Security arrangements; Authentication; Protecting privacy or anonymity specially adapted for networks, e.g. wireless sensor networks, ad-hoc networks, RFID networks or cloud networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10Integrity
    • H04W12/106Packet or message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/61Time-dependent
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/69Identity-dependent
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/70Reducing energy consumption in communication networks in wireless communication networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The embodiment of the invention relates to the technical field of communication, in particular to an interaction method, a platform, a server and a storage medium of NB-IOT equipment. The interaction method of the NB-IOT equipment comprises the following steps: receiving a request sent by NB-IOT equipment; the request comprises ciphertext information obtained by encryption based on the unique identification information of the NB-IOT equipment; verifying the ciphertext information based on pre-stored unique identification information of the NB-IOT equipment; and if the verification is successful, responding to the request sent by the NB-IOT equipment. By adopting the embodiment of the invention, the NB-IOT equipment and the NB-IOT equipment interaction platform can carry out access interaction, and the security and reliability of information encryption in the interaction process are ensured.

Description

Interaction method, platform, server and storage medium of NB-IOT equipment
Technical Field
The embodiment of the invention relates to the technical field of communication, in particular to an interaction method, a platform, a server and a storage medium of NB-IOT equipment.
Background
The narrowband internet of things (Narrow Band Internet of Thins, NB-IOT) is an important emerging technology of the Internet of things (namely the general Internet of things), supports cellular data connection of low-power-consumption equipment in a wide area, has various advantages of low power consumption, wide coverage, low cost, large capacity and the like, and can be widely applied to various vertical industries such as remote meter reading, asset tracking, intelligent parking, intelligent agriculture and the like. The method comprises the steps that the NB-IOT equipment is used as a terminal to be accessed to a general Internet of things platform, and the general Internet of things platform is connected with and manages the accessed NB-IOT equipment, and collects, analyzes and processes data of the NB-IOT equipment so as to provide NB-IOT services. However, the inventors found that the following problems exist in the related art: in the related art, a complete access interaction flow is not available when the NB-IOT equipment is accessed to the NB-IOT platform, and the information encryption and decryption mechanism in the interaction process is single, so that the security and reliability are low.
Disclosure of Invention
The embodiment of the invention aims to provide an interaction method, a platform, a server and a storage medium of NB-IOT equipment, which can enable the NB-IOT equipment and the NB-IOT equipment interaction platform to perform access interaction, and ensure the security and reliability of information encryption in the interaction process.
In order to solve the above technical problems, an embodiment of the present invention provides an interaction method of NB-IOT devices, including: receiving a request sent by NB-IOT equipment; the request comprises ciphertext information obtained by encryption based on the unique identification information of the NB-IOT equipment; verifying the ciphertext information based on pre-stored unique identification information of the NB-IOT equipment; and if the verification is successful, responding to the request sent by the NB-IOT equipment.
The embodiment of the invention also provides an interaction platform of the NB-IOT equipment, which comprises the following steps: the device interaction module and the data storage module; the equipment interaction module is used for receiving a request sent by NB-IOT equipment; the request comprises ciphertext information obtained by encryption based on the unique identification information of the NB-IOT equipment; the equipment interaction module is also used for verifying the ciphertext information based on the pre-stored unique identification information of the NB-IOT equipment; the equipment interaction module is also used for responding to a request sent by the NB-IOT equipment when verification is successful; the unique identification information of the NB-IOT equipment is pre-stored in the data storage module.
The embodiment of the invention also provides a server, which comprises: at least one processor; and a memory communicatively coupled to the at least one processor; the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the NB-IOT device interaction method described above.
The embodiment of the invention also provides a computer readable storage medium, which stores a computer program, and the computer program realizes the interaction method of the NB-IOT device when being executed by a processor.
Compared with the prior art, the embodiment of the invention receives the request sent by the NB-IOT equipment; the request comprises ciphertext information obtained by encryption based on the unique identification information of the NB-IOT equipment; verifying the ciphertext information based on pre-stored unique identification information of the NB-IOT equipment; if verification is successful, responding to a request sent by the NB-IOT equipment; that is, a manner is provided by which an NB-IOT device accesses an interaction platform of the NB-IOT device by sending a request carrying ciphertext information: the received request sent by the NB-IOT equipment comprises ciphertext information, the ciphertext information is encrypted according to unique identification information of the NB-IOT equipment, and the unique identification information is unique and different for each NB-IOT equipment, so that the ciphertext information in the request can be used for accurately representing the identity of the NB-IOT equipment sending the request, and the safety and reliability in the interaction process are ensured due to the ciphertext information; and a way of verifying the identity of the NB-IOT device according to the unique identification information of the NB-IOT device in the interaction process is provided: because the unique identification information of the NB-IOT equipment is pre-stored, the ciphertext information can be verified according to the unique identification information of the NB-IOT equipment, if the pre-stored unique identification information is consistent with the unique identification information of the NB-IOT equipment sending the request, the ciphertext information can be successfully verified, namely after the identity of the NB-IOT equipment is confirmed through the ciphertext information, the request of the NB-IOT equipment can be responded and subsequent interaction is carried out, the safety and the reliability of the interaction process are effectively ensured, and the characteristic of low power consumption of the NB-IOT equipment is met.
In addition, the request also comprises plaintext information, the ciphertext information comprises equipment check value ciphertext, the equipment check value ciphertext is generated by encrypting the plaintext information by an equipment key, and the equipment key is obtained by calculation according to the unique identification information of the NB-IOT equipment and a preset encryption algorithm; the verifying the ciphertext information based on the pre-stored unique identification information of the NB-IOT equipment comprises the following steps: calculating a platform key according to the pre-stored unique identification information of the NB-IOT equipment and the preset encryption algorithm; encrypting the plaintext information according to the platform key to obtain a platform check value ciphertext, and matching the equipment check value ciphertext with the platform check value ciphertext; and if the equipment check value ciphertext and the platform check value ciphertext are successfully matched, judging that the ciphertext information is successfully verified. That is, generating a device key at the NB-IOT device side according to the unique identification information of the NB-IOT device and a preset encryption algorithm, encrypting the plaintext information of the request by using the device key to obtain ciphertext information, and carrying the ciphertext information in the request to be sent to an interaction platform of the NB-IOT device; therefore, the interactive platform side of the NB-IOT equipment can generate a platform key of the platform side according to the prestored identification information of the NB-IOT equipment and the same preset encryption algorithm, encryption is carried out on the received plaintext information, and if ciphertext information obtained through encryption is consistent with ciphertext information included in a request, the platform side successfully verifies the NB-IOT equipment, namely the platform key generated by the platform side is consistent with the equipment key.
In addition, the ciphertext information also comprises request data ciphertext; wherein the request data ciphertext is generated from the plaintext information of the device key encryption portion; after the equipment check value ciphertext and the platform check value ciphertext are successfully matched, decrypting the request data ciphertext according to the platform key to obtain a request data plaintext, and matching the request data plaintext with the plaintext information of the part; if the plaintext information of the request data and the part of the plaintext information are successfully matched, judging that the ciphertext information is successfully verified; that is, a dual verification mode is provided, namely, the requested ciphertext information comprises two ciphertexts, when the two ciphertexts are successfully verified, the success of the verification of the ciphertext information is judged, and the security and the reliability of data interaction between the NB-IOT equipment and the NB-IOT platform are effectively improved.
Additionally, the request also includes a timestamp characterizing the time of transmission of the request; before the computing platform key, further comprising: judging the time stamp as legal time stamp, and judging the plaintext information in the request as complete plaintext information; that is, another prior verification method is provided, namely, before the verification of the requested ciphertext information, whether the time stamp of the request is legal and whether the plaintext information in the request is complete and effective is judged, when the time stamp of the request is legal and the plaintext information is complete and effective plaintext information, the verification of the ciphertext information is continued, useless verification operation on the overtime ciphertext information is avoided, the workload generated in the interaction process is effectively controlled, and the interaction efficiency of the NB-IOT equipment is improved.
In addition, the responding to the request sent by the NB-IOT equipment comprises the following steps: transmitting response information to the NB-IOT equipment; the response information comprises response data ciphertext obtained by encrypting a session key based on unique identification information of the NB-IOT equipment, so that the NB-IOT equipment can acquire the session key according to the response data ciphertext and send a request based on the session key; the session key is obtained by encryption based on the unique identification information of the NB-IOT equipment; that is, a way of responding to the NB-IOT device is provided, a new session key is negotiated based on the unique identification information of the NB-IOT device for subsequent interaction by the NB-IOT device instead of continuing to use the device key for interaction, so that the singleness of an encryption mechanism in the interaction process is avoided, and the security and reliability in the process of data interaction between the NB-IOT device and the NB-IOT platform are effectively improved.
In addition, the method further comprises: and storing the session key and the verification result of the ciphertext information according to the unique identification information of the NB-IOT equipment, and pushing the session key and the verification result to a third party platform, so that the third party platform can timely acquire a message of successful verification of the NB-IOT equipment, and further can operate the NB-IOT equipment.
In addition, when the request is a subscription request, the subscription request further comprises a subscription validity period of the NB-IOT equipment; the responding to the request sent by the NB-IOT equipment comprises the following steps: storing the subscription validity period of the NB-IOT equipment; the method further comprises the steps of: when an instruction sent by a third-party platform is received, judging whether the NB-IOT equipment is online or not and whether the instruction sent by the third-party platform is within the subscription validity period of the NB-IOT equipment or not; if yes, storing the instruction as an online instruction corresponding to the NB-IOT equipment, and sending the online instruction to the NB-IOT equipment; if not, the instruction is stored as an offline instruction corresponding to the NB-IOT equipment; that is, a manner of responding to a subscription request is provided, interaction is performed with a third party platform in addition to interaction with NB-IOT equipment, if an instruction for the NB-IOT equipment is received from the third party platform, and the NB-IOT equipment is online, sends the subscription request and the received instruction is in a subscription validity period, the online instruction is sent to the NB-IOT equipment, and the characteristic of low power consumption of the NB-IOT equipment is met.
Drawings
One or more embodiments are illustrated by way of example and not limitation in the figures of the accompanying drawings.
FIG. 1 is a flow chart of a method of interaction of NB-IOT devices in a first embodiment of the present invention;
fig. 2 is a schematic diagram of a data packet according to a first embodiment of the present invention;
FIG. 3 is a flowchart of a specific implementation of step 102 in a first embodiment of the present invention;
FIG. 4 is a flow chart of a method of interaction of NB-IOT devices in a second embodiment of the present invention;
FIG. 5 is a flowchart of a specific implementation of step 202 in a second embodiment of the present invention;
FIG. 6 is a schematic diagram of a data packet in a second embodiment according to the present invention;
FIG. 7 is a flow chart of a method of interaction of NB-IOT devices in a third embodiment of the present invention;
FIG. 8 is a block diagram of the architecture of an interaction platform of an NB-IOT device in accordance with a fourth embodiment of the present invention;
FIG. 9 is a schematic interaction flow diagram of an interaction platform of an NB-IOT device and an NB-IOT device in accordance with a fourth embodiment of the present invention;
FIG. 10 is a flow chart of registration of an NB-IOT device on an interaction platform of the NB-IOT device in accordance with a fourth embodiment of the present invention;
FIG. 11 is a flow chart of a log-in of an NB-IOT device on an interaction platform of the NB-IOT device in accordance with a fourth embodiment of the present invention;
FIG. 12 is a flow diagram of an NB-IOT device receiving an online instruction in accordance with a fourth embodiment of the present invention;
FIG. 13 is a flow chart of an NB-IOT device receiving an offline instruction in accordance with a fourth embodiment of the present invention;
fig. 14 is a block diagram showing the structure of a server according to a fifth embodiment of the present invention.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present invention more apparent, the following detailed description of the embodiments of the present invention will be given with reference to the accompanying drawings. However, those of ordinary skill in the art will understand that in various embodiments of the present invention, numerous technical details have been set forth in order to provide a better understanding of the present application. However, the technical solutions claimed in the present application can be implemented without these technical details and with various changes and modifications based on the following embodiments. The following embodiments are divided for convenience of description, and should not be construed as limiting the specific implementation of the present invention, and the embodiments can be mutually combined and referred to without contradiction.
The first embodiment of the invention relates to an interaction method of NB-IOT equipment. In this embodiment, the NB-IOT device uses a restricted application protocol (Constrained Application Protocol, i.e., coAP) as a communication protocol to interact with the interaction platform of the NB-IOT device, and because the CoAP protocol has the characteristic of low power consumption, the application of the CoAP protocol as the communication protocol is interactively compatible with the characteristic of low power consumption of the NB-IOT device; vendors of NB-IOT equipment can flexibly select SDK, API or modules and other different modes to access the NB-IOT equipment to an interaction platform of the NB-IOT equipment according to the actual scene of using the NB-IOT equipment, so that the application scene of the NB-IOT equipment is wider. As shown in fig. 1, a flowchart of an interaction method of NB-IOT devices in this embodiment includes:
Step 101, receiving a request sent by NB-IOT equipment;
step 102, verifying ciphertext information based on the unique identification information of the pre-stored NB-IOT equipment;
step 103, judging whether the ciphertext information is successfully verified; if yes, go to step 104; if not, ending;
step 104, responding to the request sent by the NB-IOT device.
Implementation details of the interaction method of the NB-IOT device in the present embodiment are specifically described below, and the following details are provided only for facilitating understanding, and are not necessary to implement the present embodiment.
In this embodiment, a request sent by NB-IOT equipment is received; the request comprises ciphertext information obtained by encryption based on the unique identification information of the NB-IOT equipment; verifying the ciphertext information based on pre-stored unique identification information of the NB-IOT equipment; if verification is successful, responding to a request sent by the NB-IOT equipment; that is, a manner is provided by which an NB-IOT device accesses an interaction platform of the NB-IOT device by sending a request carrying ciphertext information: the received request sent by the NB-IOT equipment comprises ciphertext information, the ciphertext information is encrypted according to unique identification information of the NB-IOT equipment, and the unique identification information is unique and different for each NB-IOT equipment, so that the ciphertext information in the request can be used for accurately representing the identity of the NB-IOT equipment sending the request, and the safety and reliability in the interaction process are ensured due to the ciphertext information; and a way of verifying the identity of the NB-IOT device according to the unique identification information of the NB-IOT device in the interaction process is provided: because the unique identification information of the NB-IOT equipment is pre-stored, the ciphertext information can be verified according to the unique identification information of the NB-IOT equipment, if the pre-stored unique identification information is consistent with the unique identification information of the NB-IOT equipment sending the request, the ciphertext information can be successfully verified, namely after the identity of the NB-IOT equipment is confirmed through the ciphertext information, the request of the NB-IOT equipment can be responded and subsequent interaction is carried out, the safety and the reliability of the interaction process are effectively ensured, and the characteristic of low power consumption of the NB-IOT equipment is met.
In step 101, an interaction platform of an NB-IOT device receives a request sent by the NB-IOT device, where the request includes ciphertext information encrypted based on unique identification information of the NB-IOT device. Specifically, the NB-IOT equipment packages information included in the request according to a CoAP protocol, and sends the packaged request to an interaction platform of the NB-IOT equipment; the request of the NB-IOT equipment comprises plaintext information and ciphertext information, wherein the plaintext information comprises a data head, a request type, unique identification information of the NB-IOT equipment and the like, and the ciphertext information comprises equipment check value ciphertext; the device check value ciphertext is generated by encrypting the complete plaintext information by a device key of the NB-IOT device, wherein the encryption algorithm of the key can be an encryption algorithm such as AES, DES, 3DES, TEA and the like, but the encryption algorithm is not particularly limited; the device key of the NB-IOT device is calculated according to the unique identification information of the NB-IOT device and a preset encryption algorithm. In one example, the device key may be generated in a scattered manner by a preset scattering algorithm, which is specifically as follows:
firstly, a manufacturer of the NB-IOT equipment and an interaction platform of the NB-IOT equipment agree on a shared master key, and a dispersion parameter is preset for each NB-IOT equipment which is accessed to the interaction platform of the NB-IOT equipment, wherein the dispersion parameter comprises unique identification information of the NB-IOT equipment, and also comprises other types of identification information used for representing the identity of the NB-IOT equipment, such as an international mobile equipment identification code (IMEI number, i.e. a serial number) used by the NB-IOT equipment, a hash value of an integrated circuit card identification code (ICCID, i.e. a unique identification number of an IC card) of the NB-IOT equipment, and the like.
Then, according to the shared master key and preset dispersion parameters (including unique identification information of each NB-IOT device), a corresponding and unique device key is calculated for each NB-IOT device in a dispersed manner through a preset encryption algorithm (which can be understood as a dispersion algorithm herein), and the manufacturer of the NB-IOT device burns the device key corresponding to each NB-IOT device into the NB-IOT device.
By the method, only according to the master key, the dispersion parameters and the encryption algorithm which are agreed in advance, the unique device key of each NB-IOT device can be generated when the device is used, the dispersion parameters are different, the generated device keys are different, the key requirements of a large number of devices are met, and meanwhile, the cost for storing the device keys is greatly reduced; and because the scattered secret key has irreversibility, that is, the master secret key of the upper level or the device secret keys of other NB-IOT devices of the same level can not be obtained according to the scattered device secret key, even if a certain scattered device secret key is cracked, the security of the master secret key and other NB-IOT devices of the same level can be ensured.
The request in this embodiment may be understood as a data packet as shown in fig. 2, including a data header, a request type (or a response type), unique identification information of the NB-IOT device, and a device check value ciphertext.
In step 102, verifying ciphertext information based on pre-stored unique identification information of NB-IOT equipment; specifically, step 102 validates the ciphertext message, as shown in fig. 3, by steps 1021 through 1022:
step 1021, calculating a platform key according to the pre-stored unique identification information of the NB-IOT equipment and a preset encryption algorithm.
Specifically, after receiving a request of the NB-IOT equipment, the interactive platform of the NB-IOT equipment calculates a platform key according to pre-stored unique identification information of the NB-IOT equipment and a preset encryption algorithm; in combination with the above examples, the interaction platform of the NB-IOT device dispersedly calculates the platform key for the current NB-IOT device according to the shared master key and the preset dispersion parameter (including the pre-stored unique identification information of the NB-IOT device) through the preset encryption algorithm (which can be understood herein as the dispersion algorithm).
The pre-stored unique identification information of the NB-IOT device may be pre-stored in device basic information provided by a manufacturer of the NB-IOT device, that is, the manufacturer of the NB-IOT device provides the device basic information such as the unique identification information, the ID number, the manufacturer identification information, the product identification information of the NB-IOT device to the interaction platform of the NB-IOT device for importing and pre-storing.
Step 1022, encrypting the plaintext information according to the platform key to obtain a platform check value ciphertext, and matching the device check value ciphertext and the platform check value ciphertext.
Specifically, the ciphertext information in this step includes a device check value ciphertext generated by encrypting the complete plaintext information with the device key; and the interactive platform of the NB-IOT equipment encrypts the plaintext information by using the calculated platform key, and judges whether the encrypted platform check value ciphertext is consistent with the equipment check value ciphertext included in the request.
In step 103, judging whether the ciphertext information is successfully verified; if yes, go to step 104; if not, ending. Specifically, whether the encrypted platform check value ciphertext is consistent with the device check value ciphertext included in the request is judged, if so, the ciphertext information is judged to be successfully verified, and the platform key calculated by the interaction platform of the NB-IOT device is also identical with the device key; if the encrypted platform check value ciphertext is inconsistent with the device check value ciphertext included in the request, judging that the ciphertext information verification fails, and rejecting the request sent by the response NB-IOT device.
In practical application, after encrypting the plaintext information, a section of byte in the encrypted plaintext information is taken as a check value ciphertext, so as to reduce the workload in the matching process, for example: the device check value ciphertext is the 8 th to 24 th bytes in the ciphertext obtained by encrypting the complete plaintext information by the device key, the platform check value ciphertext is the 8 th to 24 th bytes in the ciphertext obtained by encrypting the complete plaintext information by the platform key, and the device check value ciphertext and the platform check value ciphertext are matched.
In step 104, a request sent by an NB-IOT device is responded to. Specifically, the interactive platform of the NB-IOT equipment sends response information to the NB-IOT equipment according to the result of successful verification; the response information includes a response data ciphertext generated by encrypting a session key by the device key in the above step, and the session key is generated based on the device key agreement. That is, the interaction platform of the NB-IOT device recalculates to generate a new session key according to the device key, encrypts the generated session key according to the device key and encryption algorithms (specifically, but not limited to, AES, DES, 3DES, TEA, etc.), encapsulates a response data ciphertext generated by encrypting the session key into response information, and sends the response data ciphertext to the NB-IOT device. After receiving the response information sent by the interaction platform of the NB-IOT equipment, the NB-IOT equipment can decrypt the response data ciphertext according to the equipment key to obtain a generated session key, so that when the request is sent to the interaction platform of the NB-IOT equipment to continue to interact, the session key can be used for encrypting the request, namely, the equipment check value ciphertext and the request data ciphertext are generated according to the session key encryption, the encryption of the equipment key is avoided, namely, the singleness of an encryption mechanism in the interaction process is avoided, and the safety and the reliability of the data interaction between the NB-IOT equipment and the NB-IOT platform are effectively improved.
In addition, the interaction platform of the NB-IOT equipment can also realize interaction with a third party platform, and the third party platform can be understood as a platform for controlling the NB-IOT equipment to serve and can be used for issuing instructions to the NB-IOT equipment or subscribing to data updating of the NB-IOT equipment. After the interaction platform of the NB-IOT equipment responds to the request sent by the NB-IOT equipment and generates the session key fed back to the NB-IOT equipment, the session key of the NB-IOT equipment and the verification result (which can be understood as verification success here) of the ciphertext information are correspondingly stored and updated according to the unique identification information of the NB-IOT equipment and are pushed to a third party platform, or are pushed only to the third party platform subscribing the information of the NB-IOT equipment, so that the third party platform can timely acquire the message that the NB-IOT equipment is successfully verified, and further control operations such as issuing instructions can be performed on the NB-IOT equipment. It will be appreciated that in addition to storing the unique identification information, session key, and verification result of ciphertext information for updating NB-IOT devices mentioned herein, other information data for NB-IOT devices may be updated and pushed to the third party platform.
Compared with the prior art, the embodiment provides a mode that the NB-IOT equipment accesses an interaction platform of the NB-IOT equipment by sending a request carrying ciphertext information: the received request sent by the NB-IOT equipment comprises ciphertext information, the ciphertext information is encrypted according to unique identification information of the NB-IOT equipment, and the unique identification information is unique and different for each NB-IOT equipment, so that the ciphertext information in the request can be used for accurately representing the identity of the NB-IOT equipment sending the request, and the safety and reliability in the interaction process are ensured due to the ciphertext information; and a way of verifying the identity of the NB-IOT device according to the unique identification information of the NB-IOT device in the interaction process is provided: because the interaction platform of the NB-IOT equipment pre-stores the unique identification information of the NB-IOT equipment, a mode of verifying ciphertext information is provided in the embodiment, namely, plaintext information is also included in the request, the ciphertext information comprises equipment check value ciphertext, the equipment check value ciphertext is generated by encrypting the plaintext information through an equipment key, and the equipment key is obtained by calculation according to the unique identification information of the NB-IOT equipment and a preset encryption algorithm; the interaction platform of the NB-IOT equipment pre-stores the unique identification information of the NB-IOT equipment and the preset encryption algorithm, and calculates a platform key; encrypting the plaintext information according to the platform key to obtain a platform check value ciphertext, and matching the platform check value ciphertext with the equipment check value ciphertext; if the platform key generated by the platform side is consistent with the device key, the device check value ciphertext and the platform check value ciphertext are consistent, and the interaction of the NB-IOT device successfully verifies the NB-IOT device. After confirming the identity of NB-IOT equipment through ciphertext information, responding to a request of the NB-IOT equipment, namely sending response information to the NB-IOT equipment, wherein the response information comprises response data ciphertext obtained by encrypting a session key based on unique identification information of the NB-IOT equipment, so that the NB-IOT equipment can acquire the session key according to the response data ciphertext, and sends a request based on the session key; the session key is obtained by encryption based on the unique identification information of the NB-IOT equipment; that is, the NB-IOT device can use the session key to perform subsequent interaction instead of continuously using the device key to perform interaction, so that the singleness of an encryption mechanism in the interaction process is avoided, and the security and reliability of data interaction between the NB-IOT device and the NB-IOT platform are effectively improved. In addition, the interaction platform of the NB-IOT equipment can also realize interaction with a third party platform, when the interaction platform of the NB-IOT equipment responds to a request sent by the NB-IOT equipment, equipment information of the NB-IOT equipment is correspondingly stored and updated and pushed to the third party platform, so that the third party platform can timely acquire the equipment information of the NB-IOT equipment, and further control operations such as issuing instructions and the like can be performed on the NB-IOT equipment.
The second embodiment of the present invention relates to an interaction method of NB-IOT devices, which is substantially the same as the first embodiment, and in this embodiment, a multiple verification manner for ciphertext information is provided, so that security and reliability of information interaction between NB-IOT devices and an interaction platform of NB-IOT devices are further ensured, and meanwhile, interaction efficiency of NB-IOT devices is improved. The interaction method of the NB-IOT device in this embodiment is generally shown in fig. 4, and the following specifically describes the flow of fig. 4:
step 201, receiving a request sent by NB-IOT equipment; this step is substantially the same as step 101, and will not be described here again.
Step 202, verifying the ciphertext information based on the pre-stored unique identification information of the NB-IOT equipment.
Specifically, step 202 includes steps 2021 to 2025, as shown in fig. 5:
in step 2021, the timestamp is determined to be a legal timestamp.
Specifically, the request received by the interaction platform of the NB-IOT device further comprises a timestamp, and the timestamp is used for representing the sending time of the request. Before the platform key is calculated to verify the ciphertext information, the timestamp in the request is judged to be a legal timestamp, and then the ciphertext information is verified continuously, so that useless verification operation on the overtime ciphertext information is avoided, the workload generated in the interaction process is effectively controlled, and the interaction efficiency of the NB-IOT equipment is improved. In one example, it may be understood that the interaction platform of the NB-IOT device calculates a time difference value according to the time represented by the time stamp and the current communication time, and if the time difference value is smaller than a preset time threshold, determines that the time stamp is a legal time stamp, and may continue to verify ciphertext information; if the time difference is greater than the preset time threshold, the time stamp is judged to be an illegal time stamp, that is, the received request of the NB-IOT equipment is judged to be an illegal request, and the received request can be directly discarded.
In step 2022, the plaintext information in the request is determined to be complete plaintext information.
Specifically, checking the integrity of plaintext information included in a request received by an interactive platform of NB-IOT equipment, wherein the plaintext information comprises a timestamp, a data head, a request type, unique identification information of the NB-IOT equipment and the like; in one example, checking the integrity of plaintext information may be understood as: firstly, checking whether all data included in plaintext information are complete, and if one item of data such as a time stamp, a data head, a request type, unique identification information of NB-IOT equipment and the like is absent, judging that the plaintext information is incomplete plaintext information; if all the data included in the plaintext information are complete, checking whether all the data included in the plaintext information are valid, for example, if the timestamp is empty or the request type is empty, judging that the timestamp is invalid or the request type is invalid, namely judging that the plaintext information is incomplete plaintext information; that is, when each item of data in the plaintext information is complete and each item of data content is valid, the plaintext information in the request can be determined to be complete plaintext information. If the plaintext information is incomplete plaintext information, the received request of the NB-IOT equipment is judged to be an illegal request, and the received request can be directly discarded.
Step 2023, calculating the platform key according to the pre-stored unique identification information of the NB-IOT device and the preset encryption algorithm. This step is substantially the same as step 1021, and will not be described here again.
Step 2024, encrypt the plaintext information according to the platform key, obtain the platform check value ciphertext, and match the device check value ciphertext and the platform check value ciphertext. This step is substantially the same as step 1022 and will not be described in detail herein.
And step 2025, if the matching of the device check value ciphertext and the platform check value ciphertext is successful, decrypting the request data ciphertext according to the platform key to obtain the request data plaintext, and matching the request data plaintext with part of plaintext information.
Specifically, the ciphertext information in this embodiment includes, in addition to the device check value ciphertext, a request data ciphertext, where the request data ciphertext is generated from plaintext information in a device key encryption portion of the NB-IOT device, where the plaintext information in the portion may be understood as predetermined, more sensitive partial information in the plaintext information. For example, the device check value ciphertext is generated by encrypting the complete plaintext information a, and the plaintext information a includes the more sensitive part information B, and the request data ciphertext is generated by encrypting the more sensitive part information B. Also, the encryption algorithm of the key may be an encryption algorithm of AES, DES, 3DES, TEA, or the like, but is not particularly limited.
And after the equipment check value ciphertext and the platform check value ciphertext are successfully matched, the calculated platform key is also used for decrypting the request data ciphertext, and whether the decrypted request data plaintext is consistent with the plaintext information of the preset part or not is judged.
Step 203, judging whether the ciphertext information is successfully verified; if yes, go to step 204; if not, ending;
specifically, when the equipment check value ciphertext and the platform check value ciphertext are successfully matched, and the request data ciphertext is successfully matched with partial plaintext information, the ciphertext information is successfully verified. In other words, the dual verification mode is provided in the embodiment, so that the security and reliability of data interaction between the NB-IOT equipment and the NB-IOT platform are effectively improved.
Step 204, responding to a request sent by the NB-IOT device. This step is substantially the same as step 104, and will not be described here again.
The request in this embodiment may be understood as a data packet as shown in fig. 6, including a data header, a request type (or a response type), unique identification information of the NB-IOT device, a time stamp, a device check value ciphertext, and a request data ciphertext.
Compared with the prior art, the embodiment provides a multiple verification mode for ciphertext information, namely before calculating a platform key, the method also judges that the timestamp which is included in the request and is used for representing the sending time of the request is a legal timestamp, and judges that plaintext information is complete plaintext information; that is, when the requested time stamp is legal and the plaintext information is complete and effective, the ciphertext information is continuously verified, so that useless verification operation on the overtime ciphertext information is avoided, the workload generated in the interaction process is effectively controlled, and the interaction efficiency of the NB-IOT equipment is improved. In addition, the ciphertext information also comprises request data ciphertext; wherein the request data ciphertext is generated from the plaintext information of the device key encryption portion; after the verification value ciphertext of the matching equipment and the platform verification value ciphertext are successful, decrypting the request data ciphertext according to the platform key to obtain a request data plaintext, and matching the request data plaintext with the plaintext information of the part; if the plaintext information of the request data and the part of the plaintext information are successfully matched, judging that the ciphertext information is successfully verified; that is, the requested ciphertext information comprises two ciphertexts, and when the two ciphertexts are successfully verified, the success of the verification of the ciphertext information is judged, so that the security and the reliability of the data interaction between the NB-IOT equipment and the NB-IOT platform are effectively improved.
The third embodiment of the present invention relates to an interaction method of NB-IOT devices, and the present embodiment is substantially the same as the first embodiment, and provides an interaction method when the request is a subscription request. The flow of the interaction method of the NB-IOT device in this embodiment is approximately as shown in fig. 7, and the following specifically describes the flow of fig. 7:
step 301, receiving a request sent by NB-IOT equipment;
specifically, in this embodiment, the request sent by the NB-IOT device is a subscription request, and the plaintext information in the request further includes a subscription validity period of the NB-IOT device, where the subscription validity period is understood to be used to limit the time for the NB-IOT device to receive the instruction, that is, after the subscription request of the NB-IOT device is verified successfully, a certain subscription validity period will be maintained, and only within the subscription validity period, the instruction from, for example, the third party platform can be accepted. The other descriptions of this step are substantially the same as those of step 101, and will not be repeated here.
Step 302, verifying ciphertext information based on pre-stored unique identification information of NB-IOT equipment; this step is substantially the same as step 102, and will not be described here again.
Step 303, judging whether the ciphertext information is successfully verified; if yes, go to step 104; if not, ending; this step is substantially the same as step 103, and will not be described here again.
Step 304, responding to a request sent by the NB-IOT device.
Specifically, the interaction platform of the NB-IOT equipment carries out corresponding storage update on the subscription validity period of the NB-IOT equipment according to the unique identification information of the NB-IOT equipment so as to judge whether to receive the instruction or not when the instruction issued by the third party platform is subsequently received. Other descriptions of this step are substantially the same as step 104, and will not be repeated here.
Step 305, when receiving an instruction sent by a third party platform to the NB-IOT equipment, judging whether the NB-IOT equipment is online or not and whether the instruction sent by the third party platform is within the subscription validity period of the NB-IOT equipment or not; if yes, go to step 306; if not, go to step 307.
Specifically, the interaction platform of the NB-IOT device may also implement interaction with a third party platform, where the third party platform may be understood as a platform for controlling the NB-IOT device to perform services, and may be used to issue a command to the NB-IOT device or subscribe to data update of the NB-IOT device. When the interaction platform of the NB-IOT equipment receives an instruction issued by the third-party platform to the NB-IOT equipment, whether the NB-IOT equipment is on line or not is judged, and whether the instruction sent by the third-party platform is in the stored subscription validity period of the NB-IOT equipment or not is judged. It can be understood that the interaction platform of the NB-IOT equipment can acquire the currently accessed NB-IOT equipment, so that whether the NB-IOT equipment aimed by the third party platform is online or not can be directly judged; when the NB-IOT equipment is online, comparing the time for receiving the instruction with the stored subscription validity period of the NB-IOT equipment, if the time for receiving the instruction is within the subscription validity period, judging that the received instruction is valid, and responding to the instruction sent to the NB-IOT equipment; if the time of the received instruction is not within the subscription validity period, the instruction may be stored as an offline instruction, but the instruction is not sent to the NB-IOT device. In one example, where the NB-IOT device is known to be online and the subscription validity period is 8-10, and the third party instruction is received for 9, then the received instruction is determined to be valid, and step 306 is performed.
Step 306, storing the instruction as an online instruction corresponding to the NB-IOT device, and sending the online instruction to the NB-IOT device.
Specifically, the interaction platform of the NB-IOT equipment stores the received instruction as an online instruction and sends the online instruction to the NB-IOT equipment so that the NB-IOT equipment can provide services according to the online instruction of the third party platform.
Step 307, the instruction is stored as an offline instruction corresponding to the NB-IOT device.
Specifically, when an instruction to the NB-IOT equipment sent by the third party platform is received, if the fact that the NB-IOT equipment is not online and the instruction sent by the third party platform is not in the subscription validity period of the NB-IOT equipment is judged, the instruction is stored as an offline instruction corresponding to the NB-IOT equipment; it will be appreciated that when storing instructions as offline instructions, the NB-IOT device may be in one of several states:
(1) The NB-IOT equipment is in an offline state; (2) The NB-IOT equipment is in an online state, but does not initiate a subscription request; (3) The NB-IOT device is online and initiates a subscription request, but the subscription validity period of the NB-IOT device has timed out.
Specifically, when the NB-IOT equipment is in an online state, the NB-IOT equipment can send an offline instruction acquisition request to an interaction platform of the NB-IOT equipment; if the interaction platform of the NB-IOT equipment stores the offline instructions stored when the NB-IOT equipment is in the above states, the interaction platform of the NB-IOT equipment can send the stored offline instructions to the NB-IOT equipment. It can be understood that a certain validity period can be set for the offline instruction according to the actual application, and the validity period of the offline instruction is used for limiting the time of storing the offline instruction in the interaction platform of the NB-IOT equipment, namely limiting the timeliness of the offline instruction; and deleting the offline instruction from the interactive platform of the NB-IOT equipment when the validity period of the offline instruction is over, so as to prevent the NB-IOT equipment from acquiring the overtime offline instruction.
Compared with the prior art, the method and the device have the advantages that the interaction mode is provided when the request is the subscription request, the interaction platform of the NB-IOT equipment interacts with the third party platform in addition to the interaction with the NB-IOT equipment, if the instruction for the NB-IOT equipment is received from the third party platform, the NB-IOT equipment is online, the subscription request is sent, the received instruction is sent to the NB-IOT equipment in the subscription effective period, and the received instruction is taken as the online instruction, so that the characteristic of low power consumption of the NB-IOT equipment is met.
A fourth embodiment of the present invention relates to an interaction platform of NB-IOT equipment, as shown in FIG. 8, comprising: a device interaction module 401 and a data storage module 402.
The device interaction module 401 is configured to receive a request sent by an NB-IOT device; the request comprises ciphertext information obtained by encryption based on the unique identification information of the NB-IOT equipment;
the device interaction module 401 is further configured to verify the ciphertext information based on pre-stored unique identification information of the NB-IOT device;
the device interaction module 401 is further configured to respond to a request sent by the NB-IOT device when verification is successful;
wherein, the unique identification information of the NB-IOT device is pre-stored in the data storage module 402.
In one example, the request further includes plaintext information, the ciphertext information includes a device check value ciphertext, the device check value ciphertext is generated by encrypting the plaintext information by a device key, and the device key is calculated according to unique identification information of the NB-IOT device and a preset encryption algorithm; the device interaction module 401 verifies the ciphertext information based on the pre-stored unique identification information of the NB-IOT device, including: calculating a platform key according to the pre-stored unique identification information of the NB-IOT equipment and the preset encryption algorithm; encrypting the plaintext information according to the platform key to obtain a platform check value ciphertext, and matching the equipment check value ciphertext with the platform check value ciphertext; and if the equipment check value ciphertext and the platform check value ciphertext are successfully matched, judging that the ciphertext information is successfully verified.
In one example, the ciphertext information further includes a request data ciphertext; wherein the request data ciphertext is generated from the plaintext information of the device key encryption portion; after the device interaction module 401 successfully matches the device check value ciphertext and the platform check value ciphertext, the device interaction module 401 is further configured to decrypt the request data ciphertext according to the platform key, obtain a request data plaintext, and match the request data plaintext with the plaintext information of the part; and if the plaintext information of the request data and the part are successfully matched, judging that the ciphertext information is successfully verified.
In one example, the request further includes a timestamp characterizing a time of transmission of the request; before the device interaction module 401 calculates the platform key, the device interaction module 401 is further configured to: and judging the time stamp as a legal time stamp, and judging the plaintext information in the request as complete plaintext information.
In one example, device interaction module 401 responds to a request sent by the NB-IOT device, comprising: transmitting response information to the NB-IOT equipment; the response information comprises response data ciphertext obtained by encrypting a session key based on unique identification information of the NB-IOT equipment, so that the NB-IOT equipment can acquire the session key according to the response data ciphertext and send a request based on the session key; the session key is encrypted by the device interaction module 401 based on the unique identification information of the NB-IOT device.
In one example, the device management module 403 and the data transmission module 404 are also included; the device management and control module 403 is configured to store the session key and the verification result of the ciphertext information to the data storage module 402 according to the unique identification information of the NB-IOT device, and push the unique identification information of the NB-IOT device, the session key and the verification result of the ciphertext information to a third party platform through the data transmission module 404.
In one example, when the request is a subscription request, the subscription request further includes a subscription validity period of the NB-IOT device; the device interaction module 401 responds to the request sent by the NB-IOT device, including: storing a subscription validity period of the NB-IOT device to the data storage module 402; the platform further comprises a device management and control module 403 and a data transmission module 404, where the device management and control module 403 is configured to, when receiving, through the data transmission module 404, an instruction sent by a third party platform to the NB-IOT device, determine whether the NB-IOT device is online and whether the instruction sent by the third party platform is within the subscription validity period of the NB-IOT device; if yes, storing the instruction as an online instruction corresponding to the NB-IOT equipment to the data storage module 402, and sending the online instruction to the equipment interaction module 401, so that the equipment interaction module 401 sends the online instruction to the NB-IOT equipment; if not, the instruction is stored to the data storage module 402 as an offline instruction corresponding to the NB-IOT device.
The following description is made of the interaction platform of the NB-IOT device and the respective modules that constitute the platform, and it should be noted that the following description is only an example provided for facilitating understanding, and is not limited to the interaction platform of the NB-IOT device.
As shown in fig. 8, the device interaction module 401 is responsible for directly interacting with NB-IOT devices, which interact with the device interaction module 401 based on CoAP protocol by means of API, SDK or module.
The device management and control module 403 is responsible for interacting with the device interaction module 401 and the data transmission module 404, and controlling the data storage module 402 to store and update relevant information of the device. After the device interaction module 401 sends uplink data (specifically including device registration data, device login data, device status parameter reporting data, device subscription data, device acquisition offline instruction data, device offline data, device logout data, etc.) to the device management and control module 403, the device management and control module 403 is responsible for analyzing the uplink data and notifying the data storage module 402 to update the device related information, and then notifying the data transmission module 404 to push the device information to the third party platform. After the data transmission module 404 sends the downlink data (specifically including the instruction from the third party platform) to the device management and control module 403, the device management and control module 403 notifies the data storage module 402 to store instruction information according to the device on-line state and the subscription state. If the equipment is in an offline state or is not in the subscription validity period, the instruction is stored as an offline instruction of the equipment; if the device is in an online state and within the subscription validity period, the instruction is stored as an online instruction, and according to uplink data (device acquisition offline instruction data, device subscription data and the like) from the device interaction module 401, the corresponding instruction is acquired from the data storage module 402 and sent to the device interaction module 401.
The data storage module 402 is responsible for storing device information, specifically including basic information storage of a device, including session key, device registration status, device on-line status, device status parameters, device subscription validity period, offline instruction, online instruction, and the like. In this embodiment, the data storage module 402 may interact with the device interaction module 401 directly, or may interact with the device interaction module 401 through the device management module 403.
The data transmission module 404 is responsible for interacting with the device management and control module 403 and the third party platform, and is mainly used for pushing device information (i.e. device information stored by the data storage module 402, such as a device registration status, a device online status, a device status parameter, etc.) from the device management and control module 403 and subscribed by the third party platform to the third party platform, and sending an instruction from the third party platform to the device management and control module 403 for instruction function processing.
The following description will be made by taking the flow of interaction between the actual NB-IOT device and the interaction platform of the NB-IOT device as an example, where it should be noted that the following description is only for convenience of understanding the proposed example, and is not limited to the flow and sequence of interaction between the actual NB-IOT device and the interaction platform of the NB-IOT device.
FIG. 9 is a schematic interaction flow diagram of an interaction platform between an NB-IOT device and an NB-IOT device, specifically as follows:
(1) The manufacturer of the NB-IOT equipment provides equipment basic information such as unique identification information, ID number, manufacturer identification information, product identification information and the like of the NB-IOT equipment for an interaction platform of the NB-IOT equipment to conduct importing and pre-storing;
(2) The interaction platform of the NB-IOT device pre-imports device basic information provided by the manufacturer of the NB-IOT device.
(3) The manufacturer of the NB-IOT equipment agrees with an interaction platform of the NB-IOT equipment to obtain a shared master key, and presets a dispersion parameter for each NB-IOT equipment accessing the interaction platform of the NB-IOT equipment, wherein the dispersion parameter comprises unique identification information of the NB-IOT equipment, and also comprises other types of identification information for representing the identity of the NB-IOT equipment, such as international mobile equipment identification codes (IMEI numbers, serial numbers) used by the NB-IOT equipment, hash values of integrated circuit card identification codes (ICCIDs, unique identification numbers of IC cards) of the NB-IOT equipment, and the like. Then, according to the shared master key and preset dispersion parameters (including unique identification information of each NB-IOT device), a corresponding and unique device key is calculated for each NB-IOT device in a dispersing way through a preset encryption algorithm (the dispersing algorithm can be understood here);
(4) The manufacturer of the NB-IOT equipment burns the equipment key corresponding to each NB-IOT equipment into the NB-IOT equipment;
(5) The NB-IOT equipment packages the information included in the request according to the CoAP protocol;
(6) The NB-IOT equipment sends the packaged request to an interaction platform of the NB-IOT equipment;
(7) The interaction platform of the NB-IOT equipment unpacks and verifies the packaged request;
(8) If the interactive platform verification of the NB-IOT equipment fails, notifying the NB-IOT equipment of response failure, and ending the flow; if the interactive platform of the NB-IOT equipment is successfully verified, carrying out data processing of the corresponding request;
(9) After the interaction platform of the NB-IOT equipment finishes the data processing of the request, the interaction platform of the NB-IOT equipment packages the response information;
(10) And the interaction platform of the NB-IOT equipment sends the response information to the NB-IOT equipment.
FIG. 10 is a schematic flow chart of registration of an NB-IOT device on an interaction platform of the NB-IOT device, specifically as follows:
(1) The manufacturer of the NB-IOT equipment provides the equipment basic information of the NB-IOT equipment to an interaction platform of the NB-IOT equipment, and the equipment management and control module 403 imports and stores the equipment basic information to the data storage module 402;
(2) The third party platform can send the subscription request of the device registration information to the device management and control module 403 through the data transmission module 404 under the condition of demand;
(3) The NB-IOT equipment packages the information included in the registration request according to the CoAP protocol;
(4) The NB-IOT equipment sends the packaged registration request to the equipment interaction module 401;
(5) The device interaction module 401 unpacks and verifies the packed registration request;
(6) If the verification of the device interaction module 401 fails, responding to the registration failure of the NB-IOT device, and ending the flow; if the device interaction module 401 verifies successfully, the device interaction module 401 generates a session key;
(7) The device interaction module 401 sends device registration interaction information to the device management and control module 403, where the device registration interaction information at least includes unique identification information of the NB-IOT device, a session key, and a verification result of the registration request;
(8) The device management and control module 403 updates and stores the registration state and session key of the NB-IOT device to the data storage module 402 according to the unique identification information of the NB-IOT device;
(9) If the third party platform subscribes to the registration information of the NB-IOT device, the device management and control module 403 pushes the device registration information to the third party platform through the data transmission module 404;
(10) The device management and control module 403 notifies the device interaction module 401 that the data processing is successful;
(11) The device interaction module 401 packages the registration response information of the NB-IOT device, where the packaged registration response information includes a response data ciphertext generated by the device key encryption session key;
(12) The device interaction module 401 sends the registration response information of the packet to the NB-IOT device;
(13) And the NB-IOT equipment unpacks the registration response information of the package to acquire the generated session key.
FIG. 11 is a schematic flow chart of logging in an NB-IOT device on an interaction platform of the NB-IOT device, specifically as follows:
(1) The third party platform can send the subscription request of the device login information to the device management and control module 403 through the data transmission module 404 under the condition of demand;
(2) The NB-IOT equipment packages the information included in the login request according to the CoAP protocol;
(3) The NB-IOT equipment sends the packaged login request to the equipment interaction module 401;
(4) The device interaction module 401 unpacks and verifies the packaged login request;
(5) If the verification of the device interaction module 401 fails, responding to the login failure of the NB-IOT device, and ending the flow; if the device interaction module 401 verifies successfully, the device interaction module 401 sends device login interaction information to the device management and control module 403, wherein the device login interaction information at least comprises unique identification information of the NB-IOT device and a verification result of a login request;
(6) The device management and control module 403 updates and stores the online state of the NB-IOT device to the data storage module 402 according to the unique identification information of the NB-IOT device;
(7) If the third party platform subscribes to the login information of the NB-IOT device, the device management and control module 403 pushes the device login information of the NB-IOT device to the third party platform through the data transmission module 404;
(8) The device management and control module 403 notifies the device interaction module 401 that the data processing is successful;
(9) The device interaction module 401 packages login response information of the NB-IOT device;
(10) The device interaction module 401 sends the encapsulated login response information to the NB-IOT device.
FIG. 12 is a schematic flow chart of an online instruction received by an NB-IOT device, where the online instruction function is that when the NB-IOT device is in an online state after logging successfully, a subscription request is initiated to an interaction platform of the NB-IOT device to inform the interaction platform that the interaction platform can perform real-time interaction of instructions at the moment; after the subscription of the NB-IOT equipment is successful, a certain subscription effective period is maintained, and when the NB-IOT equipment is in an online state and is in the subscription effective period, an online instruction issued by a third party platform can be accepted, so that the characteristic of low power consumption of the NB-IOT equipment is met. The flow chart shown in fig. 10 is specifically as follows:
(1) The third party platform can send a subscription request of the device instruction execution result to the device management and control module 403 through the data transmission module 404 under the condition of demand;
(2) The NB-IOT equipment is successfully logged in and is in an online state;
(3) The NB-IOT equipment packages the information included in the subscription request according to the CoAP protocol;
(4) The NB-IOT equipment sends the packaged subscription request to the equipment interaction module 401;
(5) The device interaction module 401 unpacks and verifies the packed subscription request;
(6) If the verification of the device interaction module 401 fails, responding to the subscription failure of the NB-IOT device, and ending the flow; if the device interaction module 401 verifies successfully, the device interaction module 401 sends subscription interaction information of the device to the device management and control module 403, wherein the subscription interaction information of the device at least comprises unique identification information of the NB-IOT device, subscription validity period of the NB-IOT device, time for initiating a subscription request and verification result of the subscription request;
(7) The device management and control module 403 updates and stores the subscription validity period and the time of initiating the subscription request of the NB-IOT device to the data storage module 402 according to the unique identification information of the NB-IOT device;
(8) The third party platform issues an instruction for the NB-IOT device to the device management and control module 403 through the data transmission module 404;
(9) The device management and control module 403 determines whether the received instruction is within the subscription validity period of the NB-IOT device according to the time of receiving the instruction and the stored subscription validity period of the NB-IOT device;
(10) If the instruction is within the subscription validity period of the NB-IOT device, the device management and control module 403 stores the instruction as an online instruction to the data storage module 402; if the instruction is not within the subscription validity period of the NB-IOT device, the device management and control module 403 stores the instruction as an offline instruction to the data storage module 402;
(11) If the instruction is within the subscription validity period of the NB-IOT device, the device management and control module 403 sends an online instruction to the device interaction module 401;
(12) The device interaction module 401 packages subscription response information of the NB-IOT device, wherein the subscription response information comprises an online instruction;
(13) The device interaction module 401 sends the subscription response information of the package to the NB-IOT device;
(14) The NB-IOT equipment receives the subscription response information of the package, executes an online instruction, and packages the response piece request of the device instruction execution result;
(15) The NB-IOT equipment sends a packaged equipment instruction execution result receipt request to the equipment interaction module 401;
(16) The device interaction module 401 unpacks and verifies the packaged device instruction execution result receipt request;
(17) The device interaction module 401 sends the device instruction execution result to the device management and control module 403;
(18) The device management and control module 403 updates and stores the device instruction execution result to the data storage module 402 according to the unique identification information of the NB-IOT device;
(19) If the third party platform subscribes to the device instruction execution result of the NB-IOT device, the device management and control module 403 pushes the device instruction execution result of the NB-IOT device to the third party platform through the data transmission module 404;
(20) The device management and control module 403 notifies the device interaction module 401 that the data processing is successful;
(21) The device interaction module 401 packages the response information of the device instruction execution result receipt of the NB-IOT device;
(22) The device interaction module 401 sends the packaged device instruction execution result receipt response information to the NB-IOT device.
FIG. 13 is a flow chart illustrating an example of an NB-IOT device receiving an offline instruction, where the offline instruction function is that the NB-IOT is in: (1) offline state; (2) online but not initiating a subscription request; (3) On-line, initiates a subscription request, but does not issue an instruction in the subscription validity period by a third party platform; and in the case of the same, the interaction platform of the NB-IOT equipment sends an offline instruction issued by the third-party interaction platform to the NB-IOT equipment. The offline instruction also has a certain validity period, and the validity period of the offline instruction can be freely set according to the service scene of the specific application of the NB-IOT equipment; if the validity period of the offline instruction expires, the device management module 403 deletes the expired offline instruction from the data storage module 402. The flow chart shown in fig. 11 is specifically as follows:
(1) The third party platform can send the instruction issued to the NB-IOT device and the subscription request of the device instruction execution result to the device management and control module 403 through the data transmission module 404 under the condition of demand;
(2) The device management and control module 403 queries the online state and subscription validity period of the NB-IOT device according to the unique identification information of the NB-IOT device included in the instruction;
(3) When the NB-IOT device is queried to be in: (1) offline state; (2) online but not initiating a subscription request; (3) On-line, initiates a subscription request, but does not issue an instruction in the subscription validity period by a third party platform; in the case of the like, the instruction is stored as an offline instruction to the data storage module 402;
(4) The NB-IOT equipment is successfully logged in and is in an online state;
(5) The NB-IOT equipment packages the information included in the offline request according to the CoAP protocol;
(6) The NB-IOT equipment sends an acquired offline request after packaging to the equipment interaction module 401;
(7) The device interaction module 401 unpacks and verifies the acquired offline request of the package;
(8) If the verification of the device interaction module 401 fails, responding to the failure of the NB-IOT device to acquire offline, and ending the flow; if the device interaction module 401 verifies successfully, the device interaction module 401 sends the acquired offline interaction information of the device to the device management and control module 403, where the acquired offline interaction information of the device at least includes unique identification information of the NB-IOT device, time for initiating the acquisition offline request, and a verification result of the acquisition offline request;
(9) The device management and control module 403 obtains the offline instruction in the validity period from the data storage module 402 according to the offline interaction information;
(10) The device management and control module 403 sends the offline instruction to the device interaction module 401;
(11) The device interaction module 401 packages the offline instruction response information obtained by the NB-IOT device, wherein the offline instruction response information comprises an offline instruction;
(12) The device interaction module 401 sends the offline instruction obtaining response information of the package to the NB-IOT device;
(13) The NB-IOT equipment receives the offline instruction response information of the package, executes an online instruction, and packages the equipment instruction execution result receipt request;
(14) The NB-IOT equipment sends a packaged equipment instruction execution result receipt request to the equipment interaction module 401;
(15) The device interaction module 401 unpacks and verifies the packaged device instruction execution result receipt request;
(16) The device interaction module 401 sends the device instruction execution result to the device management and control module 403;
(17) The device management and control module 403 updates and stores the device instruction execution result to the data storage module 402 according to the unique identification information of the NB-IOT device;
(18) If the third party platform subscribes to the device instruction execution result of the NB-IOT device, the device management and control module 403 pushes the device instruction execution result of the NB-IOT device to the third party platform through the data transmission module 404;
(19) The device management and control module 403 notifies the device interaction module 401 that the data processing is successful;
(20) The device interaction module 401 packages the response information of the device instruction execution result receipt of the NB-IOT device;
(21) The device interaction module 401 sends the packaged device instruction execution result receipt response information to the NB-IOT device.
The above examples provided only for the process of conveniently understanding interaction between the NB-IOT device and the interaction platform of the NB-IOT device specifically include the implementation process of the functions of registering, logging in, reporting state parameters, online command interaction, offline command interaction and the like of the NB-IOT device, which accords with the characteristics of low power consumption of the NB-IOT device, but do not limit the process and sequence of interaction between the actual NB-IOT device and the interaction platform of the NB-IOT device.
It is to be noted that this embodiment is an example of a device corresponding to the first embodiment, the second embodiment, or the third embodiment, and this embodiment may be implemented in conjunction with the first embodiment, the second embodiment, or the third embodiment, and the relevant technical details mentioned in the first embodiment, the second embodiment, or the third embodiment are still valid in this embodiment, and are not repeated here for the sake of reducing repetition. Accordingly, the related technical details mentioned in the present embodiment can also be applied to the first embodiment, the second embodiment, or the third embodiment.
It should be noted that each module in this embodiment is a logic module, and in practical application, one logic unit may be one physical unit, or may be a part of one physical unit, or may be implemented by a combination of multiple physical units. In addition, in order to highlight the innovative part of the present invention, units that are not so close to solving the technical problem presented by the present invention are not introduced in the present embodiment, but this does not indicate that other units are not present in the present embodiment.
A fifth embodiment of the present invention relates to a server, as shown in fig. 14, including: at least one processor 501; and a memory 502 communicatively coupled to the at least one processor 501; the memory 502 stores instructions executable by the at least one processor 501, where the instructions are executed by the at least one processor 501 to enable the at least one processor 501 to perform the NB-IOT device interaction method described above.
Where memory 502 and processor 501 are connected by a bus, the bus may comprise any number of interconnected buses and bridges, the buses connecting the various circuits of the one or more processors and memory 502. The bus may also connect various other circuits such as peripherals, voltage regulators, and power management circuits, which are well known in the art, and therefore, will not be described any further herein. The bus interface provides an interface between the bus and the transceiver. The transceiver may be one element or may be a plurality of elements, such as a plurality of receivers and transmitters, providing a means for communicating with various other apparatus over a transmission medium. The data processed by the processor 501 is transmitted over a wireless medium via an antenna, which further receives the data and transmits the data to the processor 501.
The processor 501 is responsible for managing the bus and general processing and may also provide various functions including timing, peripheral interfaces, voltage regulation, power management, and other control functions. And memory 502 may be used to store data used by processor 501 in performing operations.
A sixth embodiment of the present invention relates to a computer-readable storage medium storing a computer program. The computer program, when executed by the processor, implements the interactive method embodiments of the NB-IOT device described above.
That is, it will be understood by those skilled in the art that all or part of the steps in implementing the above embodiment methods may be implemented by a program stored in a storage medium, including a plurality of instructions for causing a device (which may be a single-chip microcomputer, a chip or the like) or a processor (processor) to execute all or part of the embodiment methods.
It will be understood by those of ordinary skill in the art that the foregoing embodiments are specific examples of carrying out the invention and that various changes in form and details may be made therein without departing from the spirit and scope of the invention.

Claims (12)

1. An interaction method of NB-IOT devices, comprising:
Receiving a request sent by NB-IOT equipment; the request comprises ciphertext information obtained by encryption based on the unique identification information of the NB-IOT equipment;
verifying the ciphertext information based on pre-stored unique identification information of the NB-IOT equipment;
if verification is successful, responding to a request sent by the NB-IOT equipment;
the request also comprises plaintext information, the ciphertext information comprises equipment check value ciphertext, the equipment check value ciphertext is generated by encrypting the plaintext information by an equipment key, and the equipment key is obtained by calculation according to the unique identification information of the NB-IOT equipment and a preset encryption algorithm;
the verifying the ciphertext information based on the pre-stored unique identification information of the NB-IOT equipment comprises the following steps:
calculating a platform key according to the pre-stored unique identification information of the NB-IOT equipment and the preset encryption algorithm;
encrypting the plaintext information according to the platform key to obtain a platform check value ciphertext, and matching the equipment check value ciphertext with the platform check value ciphertext;
if the equipment check value ciphertext and the platform check value ciphertext are successfully matched, judging that the ciphertext information is successfully verified;
The responding to the request sent by the NB-IOT equipment comprises the following steps:
transmitting response information to the NB-IOT equipment; the response information comprises response data ciphertext obtained by encrypting a session key based on unique identification information of the NB-IOT equipment, so that the NB-IOT equipment can acquire the session key according to the response data ciphertext and send a request based on the session key;
and the session key is obtained by encryption based on the unique identification information of the NB-IOT equipment.
2. The method of interaction of NB-IOT devices in accordance with claim 1, wherein the ciphertext information further comprises a request data ciphertext; wherein the request data ciphertext is generated from the plaintext information of the device key encryption portion;
after the equipment check value ciphertext and the platform check value ciphertext are successfully matched, decrypting the request data ciphertext according to the platform key to obtain a request data plaintext, and matching the request data plaintext with the plaintext information of the part;
and if the plaintext information of the request data and the part are successfully matched, judging that the ciphertext information is successfully verified.
3. The interaction method of NB-IOT devices in accordance with claim 1 or 2, wherein the request further comprises a timestamp characterizing the time of transmission of the request;
before the computing platform key, further comprising: and judging the time stamp as a legal time stamp, and judging the plaintext information in the request as complete plaintext information.
4. The method of interaction of NB-IOT devices in accordance with claim 1, further comprising:
and storing the session key and the verification result of the ciphertext information according to the unique identification information of the NB-IOT equipment, and pushing the session key and the verification result to a third party platform.
5. The interaction method of NB-IOT devices according to claim 1, wherein when the request is a subscription request, the subscription request further comprises a subscription validity period of the NB-IOT device; the responding to the request sent by the NB-IOT equipment comprises the following steps:
storing the subscription validity period of the NB-IOT equipment;
the method further comprises the steps of:
when an instruction sent by a third party platform to the NB-IOT equipment is received, judging whether the NB-IOT equipment is online or not and whether the instruction sent by the third party platform is in the subscription validity period of the NB-IOT equipment or not;
If yes, storing the instruction as an online instruction corresponding to the NB-IOT equipment, and sending the online instruction to the NB-IOT equipment;
if not, the instruction is stored as an offline instruction corresponding to the NB-IOT equipment.
6. An interaction platform for NB-IOT devices, comprising: the device interaction module and the data storage module;
the equipment interaction module is used for receiving a request sent by NB-IOT equipment; the request comprises ciphertext information obtained by encryption based on the unique identification information of the NB-IOT equipment;
the equipment interaction module is also used for verifying the ciphertext information based on the pre-stored unique identification information of the NB-IOT equipment;
the equipment interaction module is also used for responding to a request sent by the NB-IOT equipment when verification is successful;
the unique identification information of the NB-IOT equipment is pre-stored in the data storage module;
the request also comprises plaintext information, the ciphertext information comprises equipment check value ciphertext, the equipment check value ciphertext is generated by encrypting the plaintext information by an equipment key, and the equipment key is obtained by calculation according to the unique identification information of the NB-IOT equipment and a preset encryption algorithm;
The device interaction module verifies the ciphertext information based on the pre-stored unique identification information of the NB-IOT device, and the device interaction module comprises:
calculating a platform key according to the pre-stored unique identification information of the NB-IOT equipment and the preset encryption algorithm;
encrypting the plaintext information according to the platform key to obtain a platform check value ciphertext, and matching the equipment check value ciphertext with the platform check value ciphertext;
if the equipment check value ciphertext and the platform check value ciphertext are successfully matched, judging that the ciphertext information is successfully verified;
the device interaction module responds to a request sent by the NB-IOT device, and the device interaction module comprises:
transmitting response information to the NB-IOT equipment; the response information comprises response data ciphertext obtained by encrypting a session key based on unique identification information of the NB-IOT equipment, so that the NB-IOT equipment can acquire the session key according to the response data ciphertext and send a request based on the session key;
the session key is obtained by the equipment interaction module based on the unique identification information of the NB-IOT equipment.
7. The interaction platform of NB-IOT devices in accordance with claim 6, wherein the ciphertext information further comprises request data ciphertext; wherein the request data ciphertext is generated from the plaintext information of the device key encryption portion;
After the equipment interaction module successfully matches the equipment check value ciphertext and the platform check value ciphertext, the equipment interaction module is further used for decrypting the request data ciphertext according to the platform key to obtain a request data plaintext and matching the request data plaintext with the plaintext information of the part;
and if the plaintext information of the request data and the part are successfully matched, judging that the ciphertext information is successfully verified.
8. The interaction platform of NB-IOT devices of claim 6 or 7, wherein the request further comprises a timestamp characterizing a time of transmission of the request;
before the device interaction module calculates the platform key, the device interaction module is further configured to: and judging the time stamp as a legal time stamp, and judging the plaintext information in the request as complete plaintext information.
9. The interaction platform of NB-IOT devices of claim 6, further comprising a device management and control module and a data transmission module; the device management and control module is used for storing the session key and the verification result of the ciphertext information to the data storage module according to the unique identification information of the NB-IOT device, and pushing the unique identification information of the NB-IOT device, the session key and the verification result of the ciphertext information to a third party platform through the data transmission module.
10. The interaction platform of NB-IOT devices in accordance with claim 6, wherein when the request is a subscription request, the subscription request further comprises a subscription validity period of the NB-IOT device; the device interaction module responds to a request sent by the NB-IOT device, and the device interaction module comprises:
storing the subscription validity period of the NB-IOT equipment to the data storage module;
the platform further comprises a device management and control module and a data transmission module, wherein the device management and control module is used for judging whether the NB-IOT device is online or not and whether the instruction sent by the third-party platform is in the subscription validity period of the NB-IOT device or not when the instruction sent by the third-party platform to the NB-IOT device is received through the data transmission module;
if yes, the instruction is stored to the data storage module as an online instruction corresponding to the NB-IOT equipment, and the online instruction is sent to the equipment interaction module, so that the equipment interaction module sends the online instruction to the NB-IOT equipment;
and if not, storing the instruction to the data storage module as an offline instruction corresponding to the NB-IOT equipment.
11. A server, comprising:
at least one processor; the method comprises the steps of,
a memory communicatively coupled to the at least one processor; wherein,,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method of interaction of NB-IOT devices in accordance with any of claims 1-5.
12. A computer readable storage medium storing a computer program, wherein the computer program when executed by a processor implements the interaction method of NB-IOT devices in accordance with any of claims 1 to 5.
CN201910763598.2A 2019-08-19 2019-08-19 Interaction method, platform, server and storage medium of NB-IOT equipment Active CN110650477B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910763598.2A CN110650477B (en) 2019-08-19 2019-08-19 Interaction method, platform, server and storage medium of NB-IOT equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910763598.2A CN110650477B (en) 2019-08-19 2019-08-19 Interaction method, platform, server and storage medium of NB-IOT equipment

Publications (2)

Publication Number Publication Date
CN110650477A CN110650477A (en) 2020-01-03
CN110650477B true CN110650477B (en) 2023-07-11

Family

ID=68990133

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910763598.2A Active CN110650477B (en) 2019-08-19 2019-08-19 Interaction method, platform, server and storage medium of NB-IOT equipment

Country Status (1)

Country Link
CN (1) CN110650477B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113613190A (en) * 2021-06-22 2021-11-05 国网思极网安科技(北京)有限公司 Terminal security access unit, system and method

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108768924A (en) * 2018-04-02 2018-11-06 广州广电运通金融电子股份有限公司 Cash processing terminal safety certifying method, device and cash processing terminal
CN109041052A (en) * 2018-07-02 2018-12-18 北京市燃气集团有限责任公司 A kind of safety communicating method and system based on marking algorithm

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106850209A (en) * 2017-02-28 2017-06-13 苏州福瑞思信息科技有限公司 A kind of identity identifying method and device
CN108989309B (en) * 2018-07-16 2021-10-08 苏州大学张家港工业技术研究院 Encryption communication method and encryption communication device based on narrow-band Internet of things
CN108540287A (en) * 2018-07-16 2018-09-14 铂讯(北京)科技有限公司 Internet of Things safety management encryption method

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108768924A (en) * 2018-04-02 2018-11-06 广州广电运通金融电子股份有限公司 Cash processing terminal safety certifying method, device and cash processing terminal
CN109041052A (en) * 2018-07-02 2018-12-18 北京市燃气集团有限责任公司 A kind of safety communicating method and system based on marking algorithm

Also Published As

Publication number Publication date
CN110650477A (en) 2020-01-03

Similar Documents

Publication Publication Date Title
WO2018214777A1 (en) Data communication method, device and apparatus, and storage medium
CN101373528B (en) Electronic payment system, device and method based on position authentication
CN106034028B (en) A kind of terminal device authentication method, apparatus and system
CN111783068B (en) Device authentication method, system, electronic device and storage medium
US9998440B2 (en) System and processing method for electronic authentication client, and system and method for electronic authentication
KR20160124648A (en) Method and apparatus for downloading and installing a profile
CN111756529B (en) Quantum session key distribution method and system
CN110708164B (en) Control method and device for Internet of things equipment, storage medium and electronic device
US11303453B2 (en) Method for securing communication without management of states
CN108449357B (en) Authorized login method and device, intelligent device and storage medium
CN112672342B (en) Data transmission method, device, equipment, system and storage medium
CN111355684B (en) Internet of things data transmission method, device and system, electronic equipment and medium
CN113015159B (en) Initial security configuration method, security module and terminal
CN110446177B (en) Communication method, device and system of Internet of things meter
CN113872940B (en) Access control method, device and equipment based on NC-Link
CN111756528B (en) Quantum session key distribution method, device and communication architecture
CN110620762A (en) RDMA (remote direct memory Access) -based data transmission method, network card, server and medium
CN105376059A (en) Method and system for performing application signature based on electronic key
CN107155184B (en) WIFI module with secure encryption chip and communication method thereof
CN107223328A (en) A kind of method and system of Root authority management and control
CN113613227B (en) Data transmission method and device of Bluetooth equipment, storage medium and electronic device
CN110650477B (en) Interaction method, platform, server and storage medium of NB-IOT equipment
CN114499990A (en) Vehicle control method, device, equipment and storage medium
CN105678542B (en) payment service interaction method, payment terminal and payment cloud terminal
CN109088731B (en) Internet of things cloud communication method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant