CN110831001B - User ID distribution method based on EGUID - Google Patents

User ID distribution method based on EGUID Download PDF

Info

Publication number
CN110831001B
CN110831001B CN201810890189.4A CN201810890189A CN110831001B CN 110831001 B CN110831001 B CN 110831001B CN 201810890189 A CN201810890189 A CN 201810890189A CN 110831001 B CN110831001 B CN 110831001B
Authority
CN
China
Prior art keywords
service provider
user
internet
unique
number identification
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201810890189.4A
Other languages
Chinese (zh)
Other versions
CN110831001A (en
Inventor
黎光洁
王明威
李春宏
吴冶
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to CN201810890189.4A priority Critical patent/CN110831001B/en
Publication of CN110831001A publication Critical patent/CN110831001A/en
Application granted granted Critical
Publication of CN110831001B publication Critical patent/CN110831001B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/102Entity profiles
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a user ID distribution method based on a unique serial number identifier of global equipment, which comprises the following steps: the internet of things terminal sends an access request to a service provider gateway, wherein the access request comprises a global equipment unique number identification; and the service provider gateway verifies the global equipment unique number identification, and after the verification is passed, the service provider gateway distributes a user ID to the Internet of things terminal based on the global equipment unique number identification and the service provider to which the Internet of things terminal belongs. The method for distributing the user ID based on the unique serial number identification of the global equipment can effectively prevent the access of illegal users based on the unique identification and is convenient for distinguishing and managing group users.

Description

User ID distribution method based on EGUID
Technical Field
The invention relates to the field of communication of the Internet of things, in particular to a user ID (identity) distribution method based on a global equipment unique number identifier (EGUID).
Background
The concept of the Internet of Things (IoT) has been proposed since the end of the 20 th century, and the technology and application fields thereof have been continuously enriched and improved, and especially the rapid development of communication technology in recent years provides a good support for the popularization and application of the Internet of Things.
The Internet of things is used as an Internet-based everything interconnection technology, and plays a good promoting role in efficient production and intelligent facility construction. Similar to a GSM network accessed by a mobile terminal, when an internet of things terminal (IOT Equipment, IOT) applies for accessing the internet of things, in order to manage the network access terminal, an identity needs to be accessed to the internet of things.
For terminals applying for access, the existing internet of things uniformly allocates user IDs to terminals of the internet of things by a network terminal according to network access permission. Because the user ID is uniformly distributed by the network end, when the terminal applies for access, only the access permission is verified, so that the risk that an illegal user can access the network by stealing the access permission exists, and the mode has serious defects in network security and terminal tracing.
Disclosure of Invention
The invention aims to: aiming at all or part of the existing problems, a user ID distribution method based on a global equipment unique number identifier is provided, so that network access permission based on the unique identifier is solved, uniqueness of an access network terminal is realized, and access management and problem tracing of the terminal of the Internet of things are facilitated.
The technical scheme adopted by the invention is as follows:
a user ID distribution method based on a global equipment unique number identification comprises the following steps:
s1: the method comprises the steps that an internet of things terminal sends an access request to a Service Provider GateWay (SPGW), wherein the access request comprises a Global Equipment Unique serial number (EGUID);
s2: the service provider gateway verifies the unique serial number identification of the global equipment, S3 is executed after the verification is passed, and otherwise, the access request of the Internet of things terminal is rejected;
s3: the Service Provider gateway distributes a user ID to the Internet of things terminal based on a global equipment unique number identification and a Service Provider (SP) to which the Internet of things terminal belongs;
s4: and the Internet of things terminal receives and stores the user ID.
The authentication of the global equipment unique number identification is adopted as the authentication of the access network, and the authentication has uniqueness and portability (the terminal is determined when being delivered from a factory, and the unique identification does not need to be redistributed). Therefore, the tracing and convenient management of the terminal of the Internet of things can be realized.
Further, the access request sent by the internet of things terminal to the service provider gateway in S1 is a first access request (of an access network) of the internet of things terminal, or an access request sent by the internet of things terminal to the service provider gateway after a service provider to which the internet of things terminal assigned with the user ID belongs switches networks.
Further, in the above S2, the verifying, by the service provider gateway, the unique serial number identifier of the global device specifically includes:
the service provider gateway searches a Central Management Database Server (CMDS) which stores a legal global equipment unique number identifier for the global equipment unique number identifier of the Internet of things terminal, and when the global equipment unique number identifier is found, the verification is passed, otherwise, the verification is not passed.
Further, in the above S2, the step of verifying, by the service provider gateway, the unique serial number identifier of the global device includes:
s2-1: the service provider collects the unique global equipment serial number identifications of the Internet of things terminals using the service of the service provider into a unique global equipment serial number identification set and reports the unique global equipment serial number identification set to a service provider gateway;
s2-2: the service provider gateway stores the received unique serial number identification set of the global equipment to a central management database server;
s2-3: and the service provider gateway searches the global equipment unique number identification of the Internet of things terminal requesting access in the central management database server.
Further, in S3, the step of allocating, by the service provider gateway, the user ID to the internet of things terminal is specifically: and the service provider gateway distributes the available user ID to the Internet of things terminal and stores the distributed user ID and the global equipment unique number identification of the Internet of things terminal in a central management database server in an associated manner.
Further, the step S2-1 includes:
s2-1-1: the service provider summarizes the unique global equipment serial number identifications of the Internet of things terminals using the service as a unique global equipment serial number identification set and reports the unique global equipment serial number identification set to the service provider gateway;
s2-1-2: the service provider gateway distributes an available user ID set to a service provider according to the unique serial number identification set of the global equipment;
s2-1-3: the business service provider configures the user ID in the user ID set into the Internet of things terminal;
s2-1-4: and the business service provider stores the user ID distributed to the terminal of the Internet of things and the unique global equipment serial number identification of the corresponding terminal of the Internet of things in an associated manner.
Further, in S3, the step of assigning, by the service provider gateway, the user ID to the terminal of the internet of things specifically includes:
s3-1: the service provider gateway sends the unique serial number identification of the global equipment to a service provider;
s3-2: the service provider sends the user ID distributed for the received unique serial number identification of the global equipment to a service provider gateway;
s3-3: and the service provider gateway sends the user ID sent by the service provider to the terminal of the Internet of things.
Further, the above S3-2 includes:
s3-2-1: the service provider searches the unique serial number identification of the global equipment received by S3-1 in the unique serial number identification of the global equipment and the user ID which are stored in an associated manner; when the unique serial number identifier of the global equipment is found, executing S3-2-2, otherwise, executing S3-2-3;
s3-2-2: the service provider feeds back the user ID stored in association with the global equipment unique number identification to the service provider gateway;
s3-2-3: the service provider feeds back the information of the search failure to the service provider gateway;
s3-3 is specifically: if S3-2-2 is executed, the service provider gateway sends the user ID fed back by the service provider to the terminal of the Internet of things; otherwise, the access request is rejected.
Further, after S2-1-4, the method further includes:
s2-1-5: the service provider sends the user ID and the unique serial number identification of the global equipment which are stored in a related way to the service provider gateway; and the service provider gateway stores the received user ID and the global equipment unique number identification which are stored in an associated manner to the central management database server.
Further, in the above S3, the process that the service provider gateway allocates the user ID to the terminal of the internet of things specifically includes: and the service provider gateway searches the global equipment unique number identification of the Internet of things terminal in the central management database server and sends the user ID stored in association with the searched global equipment unique number identification to the Internet of things terminal.
Further, the user ID is composed of a Group _ ID and an indivisual _ ID; in S2-1-2, the service provider gateway sets the user ID set of the service provider as a Group _ ID set; the step of configuring the user ID in the user ID set to the internet of things terminal by the service provider in S2-1-3 specifically includes: the business service provider configures the Group _ ID in the Group _ ID set into the Internet of things terminal; s2-1-4 is specifically: and the business service provider stores the Group _ ID distributed for the Internet of things terminal and the global equipment unique number identification of the corresponding Internet of things terminal in an associated manner.
Further, in S3, the step of assigning, by the service provider gateway, the user ID to the internet of things terminal specifically includes:
s3-1': the service provider gateway sends the unique serial number identification of the global equipment to a service provider;
s3-2': the service provider searches the Group _ ID distributed to the unique serial number identification of the global equipment, and distributes the Indvidual _ ID to the unique serial number identification of the global equipment to form a user ID; storing the user ID and the unique serial number identification of the global equipment in an associated manner;
s3-3': the service provider sends the user ID distributed for the unique serial number identification of the global equipment to a service provider gateway;
s3-4': and the service provider gateway sends the user ID sent by the service provider to the terminal of the Internet of things.
Further, S3-3' includes:
s3-3' -1: if the global equipment unique number identifier sent by the service provider gateway in the S3-1 'is found in the global equipment unique number identifier and the Group _ ID which are stored in an associated manner by the service provider in the S3-2'; then S3-3' -2 is performed; otherwise, executing S3-3' -3;
s3-3' -2: the service provider sends the user ID distributed for the unique serial number identification of the global equipment to a service provider gateway;
s3-3' -3: the service provider feeds back a message of failure search to the gateway of the service provider;
s3-4' is specifically: if S3-3' -2 is executed, the service provider gateway sends the user ID sent by the service provider to the terminal of the Internet of things; otherwise, the access request is rejected.
Further, after S2-1-4, the method further includes:
s2-1-5': the service provider sends the Group _ ID and the global equipment unique number identification which are stored in an associated manner to a service provider gateway; and the service provider gateway stores the received Group _ ID and the global equipment unique number identification which are stored in an associated manner to the central management database server.
Further, in S3, the process of allocating, by the service provider gateway, the user ID to the internet of things terminal specifically includes: the business service provider gateway searches the Group _ ID stored in association with the global equipment unique number identification in the central management database server, allocates Indvidal _ ID to the global equipment unique number identification to form user ID, sends the user ID to the Internet of things terminal, and stores the Indvidal _ ID and the Group _ ID in association with each other.
Further, in S3, the process of allocating, by the service provider gateway, the user ID to the internet of things terminal specifically includes:
s3-1 ": the service provider gateway searches a Group _ ID which is carried in the access request and is stored in association with the global equipment unique number identification in a central management database server; sending the searched Group _ ID to a service provider;
s3-2': the service provider searches the unique serial number identification of the global equipment stored in Group _ ID association, and allocates Indvidual _ ID to the unique serial number identification of the global equipment to form user ID; storing the user ID and the unique serial number identification of the global equipment in an associated manner;
s3-3': the service provider sends the user ID distributed for the unique serial number identification of the global equipment to a service provider gateway;
s3-4': and the service provider gateway sends the user ID sent by the service provider to the terminal of the Internet of things.
In summary, due to the adoption of the technical scheme, the invention has the beneficial effects that:
1. and the user ID distribution based on the unique serial number identification of the global equipment can realize the problem tracing of the terminal and the prevention of illegal user access. Meanwhile, because a network is not needed to distribute a unique identifier for the terminal of the Internet of things in advance (physically), the efficient and convenient management of the terminal of the Internet of things is realized.
2. And aiming at network switching, the user ID is redistributed, so that the relevance management between the terminal of the Internet of things and the corresponding service provider is met, the terminal of the Internet of things and the service provider are conveniently distinguished, and the disorder of the access of the service provider is avoided. Meanwhile, the user ID is distributed only for the first access, and the user ID is bound with the Internet of things terminal subsequently, so that the network access efficiency is improved, the user experience is enhanced, and the load of a network terminal is reduced.
3. The legitimacy verification is carried out on the Internet of things terminal aiming at the unique serial number identification of the global equipment, and the method has extremely high accuracy and efficiency. Furthermore, for the service provider end reporting the unique serial number identifier of the global device, the network end performs identity verification according to the reported data, and the method has unique relevance and time limitation of identifier reporting, namely the unique serial number identifier of the counterfeit global device before reporting is illegal. Therefore, the verification accuracy is extremely high.
4. The distributed user ID is managed based on the network side, so that the quick verification of the identity of the internet of things terminal accessed to the network again and the data updating (after network switching) are facilitated, and the access response efficiency is improved.
5. Based on the principle of autonomous allocation and access activation of the user ID of the service provider, the load of uniformly allocating the user ID by the network end is greatly reduced. Meanwhile, due to the adoption of a pre-allocation principle, the user ID allocation time when the terminal of the Internet of things is accessed is effectively shortened, and the access efficiency is improved. Furthermore, when the access is activated, the distributed user ID and the unique serial number identification I of the global equipment are verified, so that the problem of illegal user access can be effectively avoided, and the network security is improved.
6. The gateway terminal of the service provider uniformly manages the pre-distributed unique serial number identification of the global equipment and the user ID, so that the check and user ID distribution efficiency during the access of the Internet of things terminal can be improved, the network access response efficiency is improved, and the user experience is improved.
7. The two-section user ID is adopted, so that the relevance between the Internet of things terminal and the business service provider is improved, and the distinguishing and management of a plurality of Internet of things terminals and the business service provider are further facilitated; the group processing of the terminals of the Internet of things is conveniently carried out collectively. Meanwhile, the service provider can be quickly determined according to the Group _ ID, and therefore the terminal of the Internet of things can be quickly accessed to the network.
8. By adopting the principle of requesting to perform Indvidual _ ID distribution in the group, the waste of limited user ID caused by long-term unused Indvidual _ ID distribution in the group before hands-free can be avoided, and the utilization efficiency of the user ID is further improved.
9. The unique serial number identification of the global equipment and the user ID are subjected to associated management, so that on one hand, the response efficiency of the legal identity check and the access request of the terminal of the Internet of things can be improved; on the other hand, grouping management of the terminals of the Internet of things is facilitated; meanwhile, uniqueness parameters of the terminal of the Internet of things in the network are increased, and accuracy of network access security verification is improved.
Drawings
The invention will now be described, by way of example, with reference to the accompanying drawings, in which:
fig. 1 is a flowchart of a user ID assignment method based on a global device unique number identifier.
Detailed Description
All of the features disclosed in this specification, or all of the steps of any method or process so disclosed, may be combined in any combination, except combinations of features and/or steps that are mutually exclusive.
Any feature disclosed in this specification (including any accompanying claims, abstract) may be replaced by alternative features serving equivalent or similar purposes, unless expressly stated otherwise. That is, unless expressly stated otherwise, each feature is only an example of a generic series of equivalent or similar features.
Introduction Of each functional entity involved in the WIoTa (Wide-area internet Of Things protocol) protocol:
IoTE (IoT Equipment), and an IoTE terminal (IoTE) integrates the modem and the service processing functions of WIoTa and communicates with an AP (Access Point). When a service is deployed, a Service Provider (SP) deploys a service entity of a terminal on the iot, and configures network parameters, keys, user IDs, and the like for a communication entity.
The traffic data packet of the IoTE passes through a WIoTa network (AP, SPGW) and then is transmitted to an NIS server of the SP. The SP analyzes, encrypts, compresses and the like the data packet in the NIS according to the requirement, and finally sends the data packet to an application server (or an IP network) at the SP end.
And the AP is responsible for data interaction and management interaction between an air interface and the IoTE and interaction between the AP and the SPGW. The AP can be connected with one or more SPGWs, and part of user management data is cached, so that the management and the control of users are facilitated.
One AP may carry multiple carriers, and different carriers may be configured differently, but in the design of WIoTa, the uplink and downlink of different carriers are boundary-synchronized.
Multiple APs may also serve one carrier, forming one virtual cell, improving the coverage (coverage) capability.
Multiple APs of the same system are fully synchronized.
SPGW (service Provider gateway), serving Provider gateway, which is mainly used to determine that the IOTE packet will be transmitted to the NIS corresponding to the SP according to the Service Provider (SP) configuration of the CMDS and the GROUP _ ID in the USER ID (USER _ ID).
The SPGW interacts with the CMDS to obtain management data of the iot and the SP, such as USER status, USER _ ID _ SCRAMBLED, and the like.
The SPGW will cache (cache) part of the management data to speed up the processing flow and reduce interaction. The SPGW also provides management data to the AP.
4. An entity of a Network Interface Server (NIS) is deployed at an SP end, and the SP can be configured according to the actual needs of the SP. The NIS mainly completes encryption, authentication, compression, splitting, and parsing of the data packet format. The Service Adaptation Layer (SAL) in the NIS may parse the packets and decide how to send them to the application server, or adapt to the IP layer.
The NIS will also interact with the CMDS to apply for an SPGW that may be used.
5. The CMDS (Central Management Database Server) stores global user and network Management and status data.
The SPGW can know the NIS address corresponding to the USER _ ID by querying the CMDS. The CMDS also stores the state of the IOTE, the AP in which the IOTE is located, and other information. The NIS obtains information of the SPGW that can be used by interacting with the CMDS. The CMDS will perform authentication, flow control, charging and other processes on the NIS access.
Interfaces (interfaces) are defined among all the entities, and the main interfaces are as follows:
-a _ i (air interface): the air interface between the IOTE and the AP comprises protocol layers such as a physical layer (PHY), a media gateway control layer (MAC), a Management Control Layer (MCL) and the like.
-g _ i (gateway interface): the bottom layer of the interface between the AP and the SPGW is connected through a safety connection, and the interface has two data of a data layer and a management layer.
-d _ i (database interface): and the bottom layer of the interface between the CMDS and the SPGW is connected through a secure connection.
-s _ i (service provider interface): interface between SPGW and NIS.
In addition, the UNIQUE identification of GLOBAL device number (EGUID) is used to distinguish the number of the device, which is independent of the network to which the device needs to be connected and belongs to the intrinsic property of the device. When the device accesses the network, the device submits the unique serial number identification of the global device for access management and user ID distribution. USER ID (USER _ ID) is distributed based on the global equipment unique number identification, so that the USER ID and the global equipment unique number identification have relevance, and the distinguishing effect among the USER IDs is improved.
As shown in fig. 1, this embodiment discloses a user ID allocation method based on a global device unique number identifier, which includes the following steps:
s1: the method comprises the steps that an Internet of things terminal sends an access request to a service provider gateway, wherein the access request comprises a unique global equipment serial number identifier;
s2: the service provider gateway verifies the unique serial number identifier of the global equipment, S3 is executed after the verification is passed, and otherwise, the access request of the Internet of things terminal is rejected;
s3: the service provider gateway distributes a user ID to the Internet of things terminal based on the global equipment unique number identification and the service provider to which the Internet of things terminal belongs;
s4: and the Internet of things terminal receives and stores the user ID.
In an embodiment, the access request sent by the internet of things terminal to the service provider gateway in S1 is a First access request (First Time Allocation) of the internet of things terminal, or an access request sent by the internet of things terminal to the service provider gateway after a network is switched by a service provider to which the internet of things terminal belongs (for example, when a user ID needs to be reallocated for switching an operator, updating a system, and the like).
In S2, the verifying the unique serial number identifier of the global device by the service provider gateway specifically includes:
and the service provider gateway searches the global equipment unique number identification of the Internet of things terminal in a central management database server in which the legal global equipment unique number identification is stored, and when the global equipment unique number identification is searched, the verification is passed, otherwise, the verification is not passed.
The second embodiment discloses a method for verifying the unique serial number identifier of global equipment by a service provider gateway, which comprises the following processes:
s2-1: a Service Provider (Service Provider) collects the global equipment unique number identifications of a plurality of internet of things terminals using the Service of the Service Provider into a global equipment unique number identification set and reports the global equipment unique number identification set to a Service Provider gateway;
s2-2: the service provider gateway stores the received unique serial number identification set of the global equipment to a central management database server;
s2-3: and the service provider gateway searches the unique global equipment serial number identification of the Internet of things terminal requesting access in a central management database server.
Based on the second embodiment, the third embodiment discloses a method for allocating a user ID to an internet of things terminal by a service provider gateway, where the method for allocating a user ID to an internet of things terminal by a service provider gateway specifically includes:
and the service provider gateway distributes the available user ID to the Internet of things terminal and stores the distributed user ID and the global equipment unique number identification of the Internet of things terminal in a central management database server in an associated manner.
Based on the second embodiment, the fourth embodiment discloses a method for allocating a user ID to an internet of things terminal: the above S2-1 includes:
s2-1-1: the service provider summarizes the unique global equipment serial number identifications of the Internet of things terminals using the service as a unique global equipment serial number identification set and reports the unique global equipment serial number identification set to the service provider gateway;
s2-1-2: the service provider gateway distributes an available user ID set to a service provider according to the unique serial number identification set of the global equipment;
s2-1-3: the business service provider configures the user ID in the user ID set into the Internet of things terminal; before a service provider provides service for an internet of things terminal (before the internet of things terminal applies for access to an IOT), for example, when the internet of things terminal leaves a factory, user IDs are configured for a plurality of internet of things terminals in advance;
s2-1-4: and the business service provider stores the user ID distributed to the terminal of the Internet of things and the unique global equipment serial number identification of the corresponding terminal of the Internet of things in an associated manner.
Based on the fourth embodiment, in another embodiment where the service provider gateway allocates the user ID to the terminal of the internet of things, in the step S3, the process that the service provider gateway allocates the user ID to the terminal of the internet of things includes:
s3-1: the service provider gateway sends the unique serial number identification of the global equipment to a service provider;
s3-2: the service provider sends the user ID distributed for the received unique serial number identification of the global equipment to a service provider gateway;
s3-3: and the service provider gateway sends the user ID sent by the service provider to the terminal of the Internet of things.
Namely, the service provider applies for the user ID to the service provider gateway through the unique serial number identification of the global equipment, and configures the user ID for the terminal of the Internet of things in advance. And activating the user ID according to the access request of the terminal of the Internet of things.
Based on the previous embodiment, in an embodiment where the service provider feeds back the user ID to the service provider gateway, the step S3-2 includes:
s3-2-1: the service provider searches the unique serial number identification of the global equipment received by S3-1 in the unique serial number identification of the global equipment and the user ID which are stored in an associated manner; when the unique serial number identifier of the global equipment is found, executing S3-2-2, otherwise, executing S3-2-3;
s3-2-2: the service provider feeds back the user ID stored in association with the global equipment unique number identification to the service provider gateway;
s3-2-3: and the service provider feeds back the information of the search failure to the service provider gateway.
Further, in response to the case that the assignment of the user ID fails (the global device unique number identifier is illegal), the step S3-3 is specifically: if S3-2-2 is executed (namely the business service provider successfully searches the unique serial number identifier of the global equipment and successfully distributes the user ID), the business service provider gateway sends the user ID fed back by the business service provider to the terminal of the Internet of things; otherwise (namely the service provider fails to search the global equipment unique number identification or fails to allocate the user ID), the access request is rejected. In an embodiment, the access denial request may be that the service provider gateway feeds back a corresponding denial message to the internet of things terminal, or that the service provider gateway does not serve as the service provider gateway.
Based on the fourth embodiment, in another embodiment of assigning a user ID to the terminal of the internet of things, S2-1-4 further includes:
s2-1-5: the service provider sends the user ID and the unique serial number identification of the global equipment which are stored in a related way to the service provider gateway; and the service provider gateway stores the received user ID and the global equipment unique number identification which are stored in an associated manner to the central management database server.
Based on the previous embodiment, in another embodiment where the service provider gateway allocates the user ID to the terminal of the internet of things, the process of allocating the user ID to the terminal of the internet of things by the service provider gateway is specifically: and the service provider gateway searches the global equipment unique number identification of the Internet of things terminal in the central management database server and sends the user ID stored in association with the searched global equipment unique number identification to the Internet of things terminal.
Further, the method further includes S5: and the terminal of the Internet of things uses the stored user ID to access the IOT in the subsequent communication process with the service provider gateway and the service provider. Subsequently, the user ID is used for accessing the IOT at each power-on.
In order to distinguish and manage different network systems (different service providers) used by the terminal of the internet of things or different accessed subnets (such as subnets of cellular network networking), a fifth embodiment of the present invention discloses another method for allocating a user ID, based on the embodiment (fourth embodiment) in which the service provider gateway verifies the unique serial number identifier of the global device:
the user ID consists of a Group _ ID and an Indvidual _ ID; in one embodiment, the Group _ ID is high and the Indvidual _ ID is low. In the above S2-1-2, the user ID set from the service provider gateway to the service provider is a Group _ ID set; the step of configuring, by the service provider in S2-1-3, the user ID in the user ID set to the internet of things terminal specifically is: the business service provider configures the Group _ ID in the Group _ ID set into the Internet of things terminal; the S2-1-4 is specifically: and the business service provider stores the Group _ ID distributed for the Internet of things terminal and the global equipment unique number identification of the corresponding Internet of things terminal in an associated manner.
Namely, the service provider configures the Group _ ID for the terminal of the internet of things using the service in advance, so that when the terminal of the internet of things applies for accessing the IOT, the service provider gateway can find the service provider to which the service provider belongs according to the unique serial number identifier or Group of the global device of the service provider. The Group _ ID is used for distinguishing different network systems or different subnets to perform Group management on the internet of things terminals, for example, performing multicast on the internet of things terminals of the same Group _ ID.
Based on the previous embodiment, in an embodiment where the service provider gateway allocates the user ID to the terminal of the internet of things, the allocating, by the service provider gateway, the user ID to the terminal of the internet of things specifically includes:
s3-1': the service provider gateway sends the unique serial number identification of the global equipment to a service provider;
s3-2': the service provider searches the Group _ ID distributed to the unique serial number identification of the global equipment, and distributes an Indvidual _ ID to the unique serial number identification of the global equipment to form a user ID; storing the user ID and the unique serial number identification of the global equipment in an associated manner;
s3-3': the service provider sends the user ID distributed for the unique serial number identification of the global equipment to a service provider gateway;
s3-4': and the service provider gateway sends the user ID sent by the service provider to the terminal of the Internet of things.
The service provider side applies for the Group _ ID for the terminal of the Internet of things and pre-allocates the Group _ ID for the terminal of the Internet of things; and then, additionally distributing an Indvidual _ ID for the terminal of the Internet of things according to the access application of the terminal of the Internet of things.
Based on the above embodiment, in consideration of the case where the user ID assignment fails, the above S3-3' includes:
s3-3' -1: if the global device unique number identifier sent by the service provider gateway in the S3-1 'is found in the global device unique number identifier and the Group _ ID which are stored in an associated manner by the service provider in the S3-2'; then executing S3-3' -2; otherwise, executing S3-3' -3;
s3-3' -2: the service provider sends the user ID distributed for the unique serial number identification of the global equipment to a service provider gateway;
s3-3' -3: the service provider feeds back a search failure message to the service provider gateway;
the S3-4' specifically comprises the following steps: if S3-3' -2 is executed (namely, the user ID is successfully distributed), the service provider gateway sends the user ID sent by the service provider to the Internet of things terminal; otherwise (i.e., failed to assign a user ID), the access request is denied. The access denial request is the same as the above embodiment.
Based on the fifth embodiment, in another embodiment of the method for assigning a user ID, after the step S2-1-4, the method further includes:
s2-1-5': the service provider sends the Group _ ID and the global equipment unique number identification which are stored in an associated manner to a service provider gateway; and the service provider gateway stores the received Group _ ID and the global equipment unique number identification which are stored in an associated way into a central management database server. So as to facilitate the direct management of the global equipment unique number identification and Group _ ID of the whole network by the service provider gateway.
Based on the previous embodiment, the embodiment discloses a method for allocating a user ID to an internet of things terminal by a service provider gateway, which comprises the following steps: and the service provider gateway searches the Group _ ID stored in association with the global equipment unique number identification in a central management database server, allocates Indvidal _ ID to the global equipment unique number identification to form a user ID, sends the user ID to the Internet of things terminal, and stores the Indvidal _ ID and the Group _ ID in association with each other. Namely, the business service provider allocates a Group _ ID to the global device unique number identifier (corresponding to the internet of things terminal), and the business service provider gateway allocates an indivisual _ ID to the internet of things terminal. In one embodiment, the association of induvidual _ ID with Group _ ID is stored as the association of assigned user ID with corresponding global device unique number identification.
Or, in another embodiment in which the service provider gateway allocates the user ID to the terminal of the internet of things, the process of the service provider gateway allocating the user ID to the terminal of the internet of things includes:
s3-1 ": the service provider gateway searches a Group _ ID which is carried in the access request and is stored in association with the global equipment unique number identification in a central management database server; sending the searched Group _ ID to a service provider;
s3-2 ": the service provider searches the unique serial number identification of the global equipment stored in association with the Group _ ID, and allocates Indvidual _ ID to the unique serial number identification of the global equipment to form a user ID; storing the user ID and the unique serial number identification of the global equipment in an associated manner;
s3-3': the service provider sends the user ID distributed for the unique serial number identification of the global equipment to a service provider gateway;
s3-4': and the service provider gateway sends the user ID sent by the service provider to the terminal of the Internet of things.
Namely, the user ID assignment of the service provider side is performed through the Group _ ID (supplemental assignment index _ ID).
The communication between the terminal of the internet of things and the gateway of the service provider is actually realized by the Access of the terminal of the internet of things through an air interface between APs (Access points) and interaction between the APs and the gateway of the service provider. The communication between the service provider and the service provider gateway is actually the interaction between the service provider gateway and an NIS (Network Interface Server), the NIS entity is deployed at the service provider, the service provider can be configured according to the actual needs of the service provider, and the NIS mainly completes the encryption, authentication, compression, splitting, and parsing of the data packet format. The NIS applies for a service provider gateway that may be used through interaction with a central management database server.
The central management database server stores global user and network management and status data.
The service provider gateway can know the NIS address corresponding to the USER ID (USER _ ID) by querying the central management database server. The central management database server also stores the state of the terminal of the internet of things, the AP and other information. The NIS obtains information about available service provider gateways by interacting with a central management database server. The central management database server can perform the processing of authentication, flow control, charging and the like on the NIS access.
And the business service provider gateway and the central management database server interactively obtain the management data of the Internet of things terminal and the business service provider.
The invention is not limited to the foregoing embodiments. The invention extends to any novel feature or any novel combination of features disclosed in this specification, and to any novel method or process steps or any novel combination of steps disclosed.

Claims (14)

1. A user ID distribution method based on a global equipment unique number identification is characterized by comprising the following steps:
s1: the method comprises the steps that an Internet of things terminal sends an access request to a service provider gateway, wherein the access request comprises a global equipment unique number identification;
s2: the service provider gateway verifies the unique serial number identifier of the global equipment, S3 is executed after the verification is passed, and otherwise, the access request of the Internet of things terminal is rejected;
the service provider gateway verifies the unique serial number identifier of the global equipment, and the method comprises the following steps:
s2-1: the service provider summarizes the unique global equipment serial number identifications of the Internet of things terminals using the service as a unique global equipment serial number identification set and reports the unique global equipment serial number identification set to the service provider gateway;
s2-2: the service provider gateway stores the received unique serial number identification set of the global equipment to a central management database server;
s2-3: the service provider gateway searches the unique global equipment serial number identifier of the Internet of things terminal requesting access in the central management database server, and when the unique global equipment serial number identifier is found, the verification is passed, otherwise, the verification is not passed;
s3: the service provider gateway distributes a user ID to the Internet of things terminal based on the global equipment unique number identification and the service provider to which the Internet of things terminal belongs;
s4: and the Internet of things terminal receives and stores the user ID.
2. The user ID allocation method according to claim 1, wherein the access request sent by the internet of things terminal to the service provider gateway in S1 is a first access request of the internet of things terminal, or is an access request sent by the internet of things terminal to the service provider gateway after a service provider to which the internet of things terminal to which the user ID has been allocated switches networks.
3. The method for assigning the user ID according to claim 1, wherein in S3, the assigning, by the service provider gateway, the user ID to the terminal of the internet of things specifically includes: and the service provider gateway distributes the available user ID to the Internet of things terminal and stores the distributed user ID and the global equipment unique number identification of the Internet of things terminal in a central management database server in an associated manner.
4. The user ID allocation method according to claim 1, wherein the S2-1 includes:
s2-1-1: the service provider summarizes the unique global equipment serial number identifications of the Internet of things terminals using the service as a unique global equipment serial number identification set and reports the unique global equipment serial number identification set to the service provider gateway;
s2-1-2: the service provider gateway distributes an available user ID set to a service provider according to the unique serial number identification set of the global equipment;
s2-1-3: the business service provider configures the user ID in the user ID set into the Internet of things terminal;
s2-1-4: and the business service provider stores the user ID distributed to the terminal of the Internet of things and the unique global equipment serial number identification of the corresponding terminal of the Internet of things in an associated manner.
5. The method for assigning the user ID according to claim 4, wherein in S3, the step of assigning the user ID to the terminal of the internet of things by the service provider gateway specifically includes:
s3-1: the service provider gateway sends the unique serial number identification of the global equipment to a service provider;
s3-2: the service provider sends the user ID distributed for the received unique serial number identification of the global equipment to a service provider gateway;
s3-3: and the service provider gateway sends the user ID sent by the service provider to the terminal of the Internet of things.
6. The user ID allocation method according to claim 5, wherein said S3-2 includes:
s3-2-1: the service provider searches the unique serial number identification of the global equipment received by S3-1 in the unique serial number identification of the global equipment and the user ID which are stored in an associated manner; when the unique serial number identifier of the global equipment is found, executing S3-2-2, otherwise, executing S3-2-3;
s3-2-2: the service provider feeds back the user ID which is stored in association with the unique serial number identifier of the global equipment to the service provider gateway;
s3-2-3: the service provider feeds back the information of the search failure to the service provider gateway;
s3-3 is specifically: if S3-2-2 is executed, the service provider gateway sends the user ID fed back by the service provider to the Internet of things terminal; otherwise, rejecting the access request.
7. The user ID assigning method according to claim 4, further comprising, after S2-1-4:
s2-1-5: the service provider sends the user ID and the unique global equipment serial number identification which are stored in an associated manner to a service provider gateway; and the service provider gateway stores the received user ID and the global equipment unique number identification which are stored in an associated manner to the central management database server.
8. The method for assigning the user ID according to claim 7, wherein in S3, the process of the service provider gateway assigning the user ID to the terminal of the internet of things specifically includes: and the service provider gateway searches the global equipment unique number identification of the Internet of things terminal in the central management database server and sends the user ID stored in association with the searched global equipment unique number identification to the Internet of things terminal.
9. The user ID allocation method of claim 4, wherein said user ID is comprised of a Group _ ID and an Individual _ ID; in the S2-1-2, the user ID set from the service provider gateway to the service provider is a Group _ ID set; the step of configuring, by the service provider in S2-1-3, the user ID in the user ID set to the internet of things terminal specifically is: the service provider configures the Group _ ID in the Group _ ID set into the terminal of the Internet of things; the S2-1-4 specifically comprises the following steps: and the business service provider stores the Group _ ID distributed for the Internet of things terminal and the global equipment unique number identification of the corresponding Internet of things terminal in an associated manner.
10. The method for assigning a user ID according to claim 9, wherein, in S3, the assigning, by the service provider gateway, a user ID to the terminal of the internet of things specifically includes:
s3-1': the service provider gateway sends the unique serial number identification of the global equipment to a service provider;
s3-2': the service provider searches the Group _ ID distributed to the unique serial number identification of the global equipment, and distributes an Indvidual _ ID to the unique serial number identification of the global equipment to form a user ID; storing the user ID and the unique serial number identification of the global equipment in an associated manner;
s3-3': the service provider sends the user ID distributed for the unique serial number identification of the global equipment to a service provider gateway;
s3-4': and the service provider gateway sends the user ID sent by the service provider to the terminal of the Internet of things.
11. The user ID assigning method of claim 10, wherein the S3-3' comprises:
s3-3' -1: if the global device unique number identifier sent by the service provider gateway in the S3-1 'is found in the global device unique number identifier and the Group _ ID which are stored in an associated manner by the service provider in the S3-2'; then S3-3' -2 is performed; otherwise, executing S3-3' -3;
s3-3' -2: the service provider sends the user ID distributed for the unique serial number identification of the global equipment to a service provider gateway;
s3-3' -3: the service provider feeds back a search failure message to the service provider gateway;
the S3-4' specifically comprises the following steps: if S3-3' -2 is executed, the service provider gateway sends the user ID sent by the service provider to the Internet of things terminal; otherwise, rejecting the access request.
12. The method for assigning a user ID according to claim 9, further comprising, after S2-1-4:
s2-1-5': the service provider sends the Group _ ID and the global equipment unique number identification which are stored in an associated manner to a service provider gateway; and the service provider gateway stores the received Group _ ID and the global equipment unique number identification which are stored in an associated way into a central management database server.
13. The method for assigning the user ID according to claim 12, wherein in S3, the process of the service provider gateway assigning the user ID to the terminal of the internet of things specifically includes: and the service provider gateway searches the Group _ ID stored in association with the global equipment unique number identification in a central management database server, allocates Indvidal _ ID to the global equipment unique number identification to form a user ID, sends the user ID to the Internet of things terminal, and stores the Indvidal _ ID in association with the Group _ ID.
14. The method for assigning the user ID according to claim 12, wherein in S3, the process of the service provider gateway assigning the user ID to the terminal of the internet of things specifically includes:
s3-1 ": the service provider gateway searches a Group _ ID which is carried in the access request and is stored in association with the global equipment unique number identification in a central management database server; sending the searched Group _ ID to a service provider;
s3-2': the service provider searches the unique serial number identification of the global equipment stored in association with the Group _ ID, and allocates Indvidual _ ID to the unique serial number identification of the global equipment to form a user ID; storing the user ID and the unique serial number identification of the global equipment in an associated manner;
s3-3': the service provider sends the user ID distributed for the unique serial number identification of the global equipment to a service provider gateway;
s3-4': and the service provider gateway sends the user ID sent by the service provider to the terminal of the Internet of things.
CN201810890189.4A 2018-08-07 2018-08-07 User ID distribution method based on EGUID Active CN110831001B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810890189.4A CN110831001B (en) 2018-08-07 2018-08-07 User ID distribution method based on EGUID

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810890189.4A CN110831001B (en) 2018-08-07 2018-08-07 User ID distribution method based on EGUID

Publications (2)

Publication Number Publication Date
CN110831001A CN110831001A (en) 2020-02-21
CN110831001B true CN110831001B (en) 2022-09-23

Family

ID=69533938

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810890189.4A Active CN110831001B (en) 2018-08-07 2018-08-07 User ID distribution method based on EGUID

Country Status (1)

Country Link
CN (1) CN110831001B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114301869A (en) * 2021-12-17 2022-04-08 珠海迈科智能科技股份有限公司 Method, system and storage medium for dynamically allocating equipment ID

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104244227A (en) * 2013-06-09 2014-12-24 中国移动通信集团公司 Terminal access authentication method and device in internet of things system
CN106027357A (en) * 2016-07-08 2016-10-12 北京邮电大学 Internet of things gateway, method for admitting home equipment into Internet of things platform and Internet of things system
CN106789616A (en) * 2017-02-10 2017-05-31 上海新储集成电路有限公司 A kind of things-internet gateway equipment and Internet of Things central platform
CN106878923A (en) * 2017-01-09 2017-06-20 云丁网络技术(北京)有限公司 The quick method of network entry of ultra-low power consumption intelligent equipment and intelligent domestic system
CN107690788A (en) * 2015-03-02 2018-02-13 比约恩·皮尔维茨 Identification and/or Verification System and method
CN108353069A (en) * 2015-11-19 2018-07-31 惠普发展公司,有限责任合伙企业 It is established via the communication link of identifier

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9906838B2 (en) * 2010-07-12 2018-02-27 Time Warner Cable Enterprises Llc Apparatus and methods for content delivery and message exchange across multiple content delivery networks
WO2016051237A1 (en) * 2014-10-03 2016-04-07 Telefonaktiebolaget L M Ericsson (Publ) Dynamic generation of unique identifiers in a system of connected things

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104244227A (en) * 2013-06-09 2014-12-24 中国移动通信集团公司 Terminal access authentication method and device in internet of things system
CN107690788A (en) * 2015-03-02 2018-02-13 比约恩·皮尔维茨 Identification and/or Verification System and method
CN108353069A (en) * 2015-11-19 2018-07-31 惠普发展公司,有限责任合伙企业 It is established via the communication link of identifier
CN106027357A (en) * 2016-07-08 2016-10-12 北京邮电大学 Internet of things gateway, method for admitting home equipment into Internet of things platform and Internet of things system
CN106878923A (en) * 2017-01-09 2017-06-20 云丁网络技术(北京)有限公司 The quick method of network entry of ultra-low power consumption intelligent equipment and intelligent domestic system
CN106789616A (en) * 2017-02-10 2017-05-31 上海新储集成电路有限公司 A kind of things-internet gateway equipment and Internet of Things central platform

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
Identifying and Authenticating IoT Objects in a Natural Context;Zhi-Kai Zhang ET AL;《Computer》;20150811;全文 *
高翔.基于分布式ID的物联网标识设计与实现.《 中小企业管理与科技(下旬刊)》.2016, *

Also Published As

Publication number Publication date
CN110831001A (en) 2020-02-21

Similar Documents

Publication Publication Date Title
CN109565459B (en) Endpoint to edge node interaction in a wireless communication network
US7995510B2 (en) Method for implementing broadcast/multicast area management in a wireless communication system
KR100740874B1 (en) System and method for controlling multimedia broadcast multicast service for load distribution
CN100539595C (en) A kind of IP address assignment method based on the DHCP extended attribute
WO2017097219A1 (en) Cloud sim card pool system
US8717960B2 (en) MCBCS mapping and delivery to support MCBCS services
CN1653728A (en) Method for providing broadcast service in a CDMA mobile communication system
WO2012142955A1 (en) Machine to machine service management device, network device, and service processing method and system
CN1553691A (en) High-capacity wide-band inserting method and system
US8351353B2 (en) Forward channel sharing method in time division communication system
CN101662511A (en) Network address distributing method, DHCP server, access system and method thereof
US9838949B2 (en) Terminal discovery method, terminal, server, base station, management entity, and system
US8958792B2 (en) Method and system for selecting mobility management entity of terminal group
CN111107171A (en) Security defense method and device for DNS (Domain name Server), communication equipment and medium
CN101404575B (en) Method and system for updating indorsement algorithm
CN112804679A (en) Network slice connection method and device, storage medium and electronic device
CN112367160B (en) Virtual quantum link service method and device
CN110831001B (en) User ID distribution method based on EGUID
CN101959172A (en) Attachment method for separating identity from position in NGN (Next-Generation Network) and system
CN100499567C (en) Method for realizing video multicast service medium frequency switch
EP2439881B1 (en) Cluster system and request message distribution method for processing multi-node transaction
CN109150290B (en) Satellite lightweight data transmission protection method and ground safety service system
CN107948922A (en) The processing method of cluster user server and terminal and region restricted service
US20090069003A1 (en) Apparatus and method for supporting multicast and broadcast service in a broadband wireless access (bwa) system
CN106506239B (en) Method and system for authentication in organization unit domain

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant