CN110971617A - Voice equipment authorization method, authentication method and system - Google Patents

Voice equipment authorization method, authentication method and system Download PDF

Info

Publication number
CN110971617A
CN110971617A CN201911351935.3A CN201911351935A CN110971617A CN 110971617 A CN110971617 A CN 110971617A CN 201911351935 A CN201911351935 A CN 201911351935A CN 110971617 A CN110971617 A CN 110971617A
Authority
CN
China
Prior art keywords
authorization
server
voice
terminal equipment
certificate
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201911351935.3A
Other languages
Chinese (zh)
Inventor
王小雨
闻洪凯
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
AI Speech Ltd
Original Assignee
AI Speech Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by AI Speech Ltd filed Critical AI Speech Ltd
Priority to CN201911351935.3A priority Critical patent/CN110971617A/en
Publication of CN110971617A publication Critical patent/CN110971617A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • H04L67/025Protocols based on web technology, e.g. hypertext transfer protocol [HTTP] for remote control or remote monitoring of applications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/06Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The invention discloses a voice equipment authentication method, which is applied to terminal equipment and comprises the following steps: acquiring an authorization certificate of current terminal equipment, wherein the authorization certificate is generated by a server according to a product number which is provided by a service application provider and needs to be applied for authorization and the number of the terminal equipment which needs to be authorized; at least sending the authorization certificate of the current terminal equipment to the server so that the server can authenticate the current terminal equipment according to the authorization certificate; and receiving the authentication result returned by the server. The present invention generates a unique device identification from the web service provider's authentication and authorization service, which is provided to the device manufacturer as authorization. Namely, the authorization scheme does not rely on the inherent device information of the device any more, but adds a unique identifier to the device. And because the additional information is added, the device cannot be strongly dependent on the device, so that backup storage can be realized, and the device can still be identified and used under the condition of local damage.

Description

Voice equipment authorization method, authentication method and system
Technical Field
The invention relates to the technical field of electronic equipment, in particular to a voice equipment authorization method, an authentication method and a system.
Background
The device authentication and authorization methods in the prior art are mainly divided into two categories:
the software lock uses the hardware information of the equipment as the identification of the equipment, authorizes the authorized identification during authorization, and checks whether the equipment identification is matched during authentication;
the hardware lock, usually a special encryption chip, can be integrated on the circuit board in the form of a chip module for handheld devices, and can be provided in the form of a pluggable USB device for desktop devices.
The software lock uses unique and fixed information of the device itself as a unique identifier (also called device fingerprint) of the device, such as a CPU serial number, a memory serial number, a MAC address of a Wifi module, an IMEI (international mobile Equipment Identity), and the like of the device. When authorizing, the unique identification information (reported by the equipment networking or production line program) of the equipment is reported to the authorization server for authorization, and the authorization server can generate a specific authorization file according to the reported information and send the authorization file to the equipment. When the voice application runs, whether the voice application runs normally is determined by checking whether a legal authorization file exists on the equipment.
Hardware locks generally integrate a specific encryption algorithm or key information into a chip to realize authorization. The voice application will check the information in the hardware lock to determine if it is authorized at run time. The hardware lock does not rely on device information, does not require the device to have a unique identifier, and can implement offline authorization.
The validity of a software lock depends on the device having unique and fixed device information, and often many devices do not have device information that meets this requirement. For example, many home appliances often do not have unique device information among devices of the same type due to simple electronic structures; the server device may have a hardware device upgraded or replaced, and at this time, the hardware information is not fixed.
The most obvious defect of the hardware lock is that the cost of equipment is increased, including the cost of the chip and the production cost after the chip is increased; secondly, the encryption chip has the risk of being cracked and copied, namely the same encryption chip can be manufactured by cracking the encryption chip. Once the encryption chip is cracked, the original legal authorization can not be repaired in order to keep the usability.
Disclosure of Invention
The embodiment of the invention provides an authorization method, an authentication method and a system of voice equipment, which are used for solving at least one of the technical problems.
In a first aspect, an embodiment of the present invention provides an authentication method for a voice device, which is applied to a terminal device, and the method includes:
acquiring an authorization certificate of current terminal equipment, wherein the authorization certificate is generated by a server according to a product number which is provided by a service application provider and needs to be applied for authorization and the number of the terminal equipment which needs to be authorized;
at least sending the authorization certificate of the current terminal equipment to the server so that the server can authenticate the current terminal equipment according to the authorization certificate;
and receiving the authentication result returned by the server.
In a second aspect, an embodiment of the present invention provides a voice device authorization method, which is applied to a server, and the method includes:
acquiring a product number which needs to be applied for authorization and the number of terminal devices which need to be authorized, wherein the product number and the number are provided by a service provider;
generating a plurality of device identification files according to the product number requiring authorization application and the number of the terminal devices so as to allow the terminal devices of the service application provider to apply authorization, wherein the number of the plurality of device identification files is equal to the number of the terminal devices;
receiving an authorization request sent by terminal equipment of the service application provider, wherein the authorization request comprises an equipment identification file corresponding to the current terminal equipment;
and generating an authorization certificate according to the identification file and sending the authorization certificate to the current terminal equipment.
In a third aspect, an embodiment of the present invention provides a voice device authentication and authorization system, including the terminal device described in any one of the foregoing embodiments and the server described in any one of the foregoing embodiments.
In a fourth aspect, an embodiment of the present invention provides an authentication system for a voice device, which is applied to a terminal device, and the system includes:
the system comprises an authorization certificate acquisition module, a service provider and a server, wherein the authorization certificate acquisition module is used for acquiring an authorization certificate of current terminal equipment, and the authorization certificate is generated by the server according to a product number which is provided by the service provider and needs to be applied for authorization and the number of the terminal equipment which needs to be authorized;
the authentication module is used for at least sending the authorization certificate of the current terminal equipment to the server so that the server can authenticate the current terminal equipment according to the authorization certificate;
and the information receiving module is used for receiving the authentication result returned by the server.
In a fifth aspect, an embodiment of the present invention provides a voice device authorization system, which is applied to a server, and the system includes:
the information acquisition module is used for acquiring the product number which needs to be applied for authorization and the number of terminal devices which need to be authorized, which are provided by a service provider;
the device identification file generating module is used for generating a plurality of device identification files according to the product number requiring authorization application and the number of the terminal devices so as to allow the terminal devices of the service application provider to apply authorization, wherein the number of the plurality of device identification files is equal to the number of the terminal devices;
a request receiving module, configured to receive an authorization request sent by a terminal device of the service application provider, where the authorization request includes a device identifier file corresponding to a current terminal device;
and the certificate sending module is used for generating an authorization certificate according to the identification file and sending the authorization certificate to the current terminal equipment.
In a sixth aspect, an embodiment of the present invention provides a storage medium, where one or more programs including execution instructions are stored, where the execution instructions can be read and executed by an electronic device (including but not limited to a computer, a server, or a network device, etc.) to perform any one of the foregoing voice device authorization method or voice device authentication method of the present invention.
In a seventh aspect, an electronic device is provided, which includes: the apparatus comprises at least one processor and a memory communicatively coupled to the at least one processor, wherein the memory stores instructions executable by the at least one processor, and the instructions are executable by the at least one processor to enable the at least one processor to perform any one of the voice device authorization method or the voice device authentication method of the present invention.
In an eighth aspect, an embodiment of the present invention further provides a computer program product, where the computer program product includes a computer program stored on a storage medium, and the computer program includes program instructions, which, when executed by a computer, cause the computer to execute any one of the voice device authorization method and the voice device authentication method.
The embodiment of the invention has the beneficial effects that: the present invention generates a unique device identification from an authentication and authorization service of a web service provider, such as a voice recognition service provider, that is provided as authorization to a device manufacturer. Namely, the authorization scheme does not rely on the inherent device information of the device any more, but adds a unique identifier to the device. And because the additional information is added, the device cannot be strongly dependent on the device, so that backup storage can be realized, and the device can still be identified and used under the condition of local damage.
And other authorization modes independent of equipment information are adopted, such as authorization code authorization. Software on the device checks through a specific algorithm whether the authorization code is valid, and if so, the authorization is successful. However, since only the authorization code is checked to be valid, there is a problem that the authorization code is commonly used by a plurality of devices.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
FIG. 1 is a flow chart of one embodiment of a voice device authentication method of the present invention;
FIG. 2 is a flow chart of an embodiment of a voice device authorization method of the present invention;
FIG. 3 is a diagram illustrating an embodiment of an authorization phase applied by the authentication and authorization system of the voice device in the present invention;
FIG. 4 is a diagram illustrating an embodiment of an authorization stage of the authentication and authorization system of the voice device according to the present invention;
FIG. 5 is a diagram illustrating an embodiment of device activation of the voice device authentication and authorization system of the present invention;
FIG. 6 is a diagram illustrating an embodiment of device authentication of the voice device authentication and authorization system according to the present invention;
FIG. 7 is a functional block diagram of an embodiment of a voice device authentication system of the present invention;
FIG. 8 is a functional block diagram of one embodiment of a voice device authorization system of the present invention;
fig. 9 is a schematic structural diagram of an embodiment of an electronic device according to the invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
It should be noted that the embodiments and features of the embodiments in the present application may be combined with each other without conflict.
The invention may be described in the general context of computer-executable instructions, such as program modules, being executed by a computer. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types. The invention may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote computer storage media including memory storage devices.
As used in this disclosure, "module," "device," "system," and the like are intended to refer to a computer-related entity, either hardware, a combination of hardware and software, or software in execution. In particular, for example, an element may be, but is not limited to being, a process running on a processor, an object, an executable, a thread of execution, a program, and/or a computer. Also, an application or script running on a server, or a server, may be an element. One or more elements may be in a process and/or thread of execution and an element may be localized on one computer and/or distributed between two or more computers and may be operated by various computer-readable media. The elements may also communicate by way of local and/or remote processes based on a signal having one or more data packets, e.g., from a data packet interacting with another element in a local system, distributed system, and/or across a network in the internet with other systems by way of the signal.
Finally, it should also be noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
As shown in fig. 1, which is a flowchart of an embodiment of the authentication method for a voice device of the present invention, applied to a terminal device, the method includes:
s11, obtaining an authorization certificate of the current terminal equipment, wherein the authorization certificate is generated by the server according to a product number which is provided by a service application provider and needs to apply for authorization and the number of the terminal equipment which needs to be authorized;
s12, at least sending the authorization certificate of the current terminal device to the server, so that the server can authenticate the current terminal device according to the authorization certificate;
and S13, receiving the authentication result returned by the server.
The present embodiment generates a unique device identification from an authentication and authorization service of a web service provider (e.g., a voice recognition service provider) to be provided as authorization to a device manufacturer. Namely, the authorization scheme does not rely on the inherent device information of the device any more, but adds a unique identifier to the device. And because the additional information is added, the device cannot be strongly dependent on the device, so that backup storage can be realized, and the device can still be identified and used under the condition of local damage.
In some embodiments, the generating, by the server, the authorization certificate according to the product number requiring authorization application and the number of terminal devices requiring authorization provided by the service provider to the service provider includes:
acquiring a product number which needs to be applied for authorization and the number of terminal devices which need to be authorized, wherein the product number and the number are provided by a service provider;
generating a plurality of device identification files according to the product number requiring authorization application and the number of the terminal devices so as to allow the terminal devices of the service application provider to apply authorization, wherein the number of the plurality of device identification files is equal to the number of the terminal devices;
receiving an authorization request sent by terminal equipment of the service application provider, wherein the authorization request comprises an equipment identification file corresponding to the current terminal equipment;
and generating an authorization certificate according to the identification file and sending the authorization certificate to the current terminal equipment.
In some embodiments, said sending at least an authorization certificate of said current terminal device to said server comprises:
generating a voice request by combining an authorization certificate of the current terminal equipment according to the currently detected voice instruction, wherein the voice request comprises voice instruction information and authorization certificate information;
and sending the voice request to the server so that the server can analyze the voice request and authenticate the current terminal equipment according to the authorization certificate information obtained by analysis.
In some embodiments, when the current terminal device passes the authentication of the server, the server parses the voice request, and determines corresponding reply content according to the parsed voice instruction information; at this time, the voice device authentication method further includes: receiving the reply content determined by the server.
In the embodiment of the application, the server analyzes the voice instruction information and performs corresponding response only after the terminal equipment is determined to pass the authentication, so that the validity of the corresponding voice instruction of the server is ensured, and the server overhead caused by analyzing and responding the voice instruction without passing the authentication is avoided.
Fig. 2 is a flowchart of an embodiment of a voice device authorization method of the present invention, which is applied to a server, and the method includes:
s21, acquiring the product number which needs to apply for authorization and the number of terminal devices which need to be authorized, which are provided by the service application provider to the service provider;
s22, generating a plurality of device identification files according to the product number requiring authorization application and the number of the terminal devices, so as to allow the terminal devices of the service application provider to apply authorization, wherein the number of the plurality of device identification files is equal to the number of the terminal devices;
s23, receiving an authorization request sent by the terminal equipment of the service application provider, wherein the authorization request contains an equipment identification file corresponding to the current terminal equipment;
and S24, generating an authorization certificate according to the identification file and sending the authorization certificate to the current terminal equipment.
The present invention generates a unique device identification from an authentication and authorization service of a web service provider, such as a voice recognition service provider, that is provided as authorization to a device manufacturer. The manufacturer needs to burn the identifier into a Read Only Memory (ROM) of the device, and the speech recognition client APP obtains the identifier from the ROM as a unique identifier of the device.
If the device has no read-only memory area, the identifier can be stored in any area on the device which cannot be modified or cleared, namely, only the logical read-only is met; in order to prevent the storage for storing the device identifier from being replaced due to failure, and the device identifier is lost, the identifier can be stored in a plurality of storages and even can be stored in the same path as the client APP, the identifier cannot be lost unless the APP is damaged, and the identifier can be recycled and redistributed during maintenance.
Namely, the authorization scheme does not rely on the inherent device information of the device any more, but adds a unique identifier to the device. And because the additional information is added, the device cannot be strongly dependent on the device, so that backup storage can be realized, and the device can still be identified and used under the condition of local damage.
The invention utilizes the original storage area of the equipment, and does not add extra hardware, so the equipment cost is not increased like a hardware lock.
In some embodiments, an embodiment of the present invention provides a voice device authentication and authorization system, including the terminal device described in any one of the foregoing embodiments and the server described in any one of the foregoing embodiments.
The executing principle of the authentication and authorization system of the voice equipment disclosed by the invention comprises three links of authorization, activation and authentication, and each link comprises a plurality of steps.
An authorization link, namely, a voice service provider provides authorization information to a voice service user, and the user burns the authorization information onto the equipment to complete the authorization of the equipment;
an activation step, namely, the equipment uses the authorization information to activate the equipment to the provider so as to obtain equipment key information for voice request authentication;
in the authentication step, the voice service initiates a voice request to the voice service of the provider, and the voice service authenticates the request through the authentication and authorization service.
Each link is explained in detail as follows:
firstly, an authorization stage:
fig. 3 is a schematic diagram of an embodiment of an authorization phase applied by the speech device authentication and authorization system in the present invention, including:
(1) the service application provider provides the service provider with a product number (product id) to be applied for authorization and the number (number) of devices to be authorized;
(2) the service provider provides the clients with a number (number) of device identification files (deviceName files) of the number (number) of devices to be authorized, each file containing a device identification (deviceName).
Fig. 4 is a schematic diagram of an authorization phase of the speech device authentication and authorization system according to an embodiment of the present invention, including:
(1) the service application provider provides the device identification file to a burning program on the production line;
(2) the production line burning program burns the device identification file onto the devices, one for each device.
II, an activation stage:
fig. 5 is a schematic diagram of an embodiment of device activation of the speech device authentication and authorization system in the present invention, including:
(1) the device makes an activation request using at least a burned device identity and a product number (productId); the information used by the device when the activation request is made may also be, for example, the following information: the manufacturer's product ID (i.e., product number, productId), device identification file, random information (random number, timestamp), and sig calculated by the product's key based on these information:
sig ═ function (product ID + random number + timestamp + device identification file, product key);
(2) the authentication and authorization service issues the equipment authorization certificate when the activation is successful;
in an exemplary manner, the first and second electrodes are,
a. the authentication and authorization server side receives the activation request, calculates sigs according to the uploaded information and a product secret key stored by the server side and the same algorithm, and compares whether the two sigs are consistent;
c. if yes, further checking whether the equipment identification file is in a product equipment identification list stored in the server;
d. if so, generating a random equipment key, binding the random equipment key and the equipment identifier by the server and storing the random equipment key and the equipment identifier in a database, generating an authorization file containing the equipment key to the equipment at the same time, and ending the activation process;
(3) the device obtains the device authorization certificate and stores it in the device (without permanent storage).
Illustratively, the device authorization certificate refers to authorization information issued by the authentication and authorization server when the device is activated, and the authorization information is information encrypted by an asymmetric encryption key. The plaintext information is product number productId, device identifier deviceName, device key deviceSecret, and other device information deviceInfo.
The sig in the device authentication parameter is calculated by using a device secret set, and the calculation formula is as follows:
sig=hmacsha1(deviceSecret,devicename+nonce+productId+timestamp)
the correct sig can be obtained only if the deviceSecret is correct; the device must activate to acquire the authorization certificate to normally request the voice service, and the deviceSecret is updated every time the server is activated, so that a plurality of devices in the same product use the same devicename, and only the deviceSecret in the authorization certificate held by the device which is activated last is correct.
The embodiment of the invention can prevent a plurality of devices from sharing the same 'device authentication parameter' and depending on the activation of the devices; the "device authentication parameter" plays a role of device identification, and the device needs to be activated before the voice service is normally used.
Thirdly, authentication stage:
fig. 6 is a schematic diagram of an embodiment of device authentication of the speech device authentication and authorization system in the present invention, including:
(1) the equipment carries the voice request parameter and the equipment authentication parameter to initiate a voice request to the voice service;
illustratively, the device authentication parameters include a product ID, a device identification file, random information (random number, timestamp), and a sig calculated using a device key based on the information.
(2) The voice service forwards the device authentication parameters to the authentication and authorization service;
(3) the authentication and authorization service authenticates the authentication according to the authentication parameters and returns an authentication result to the voice service; exemplarily, the voice server acquires an equipment key bound by the equipment identifier file at the server according to parameters in the request, and obtains the sig according to the same algorithm;
when two devices use the same device identifier, the two devices need to be activated, and the later activated device refreshes the device key at the moment, so that the authorization information of the first activated device is invalid, namely the device key for calculating the sig when the later activated device is used for a voice request is inconsistent with the service end, and the calculated sig is wrong at the moment.
(4) The voice service responds according to the authentication result.
In a slight difference to the present invention, the inventors have made yet another version: the device identification is not burned on the device, but is directly activated by a production line, and the device authorization information is directly stored on the device, namely the device is directly activated on the production line.
The advantages are that:
(1) the equipment is directly available, and the factory test is convenient.
The disadvantages are as follows:
(1) production line networking is required;
(2) once the authorization information is lost, it will result in the device being unusable; because the authorization information (e.g., device authorization certificate) is generated by activation in the production line, the authorization information is no longer available after the production line is down, resulting in the device being unavailable after the authorization information is lost.
(3) More additional storage space is required.
The invention is well suited for solution vendors that only perform software development, i.e. solution vendors will perform the development of applications used on devices based on the services of the service provider, but do not produce specific physical devices, but instead gain a profit by selling their software application solutions to device manufacturers. The planner may purchase the authorized device identification from the service provider and then sell the authorized device identification to a different device manufacturer.
It should be noted that for simplicity of explanation, the foregoing method embodiments are described as a series of acts or combination of acts, but those skilled in the art will appreciate that the present invention is not limited by the order of acts, as some steps may occur in other orders or concurrently in accordance with the invention. Further, those skilled in the art should also appreciate that the embodiments described in the specification are preferred embodiments and that the acts and modules referred to are not necessarily required by the invention. In the foregoing embodiments, the descriptions of the respective embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to related descriptions of other embodiments.
As shown in fig. 7, a schematic block diagram of an embodiment of a speech device authentication system 700 according to the present invention is applied to a terminal device, and the system includes:
an authorization certificate obtaining module 710, configured to obtain an authorization certificate of a current terminal device, where the authorization certificate is generated by a server according to a product number that needs to be authorized and a number of terminal devices that need to be authorized, where the product number is provided by a service application provider to a service provider;
an authentication module 720, configured to at least send the authorization certificate of the current terminal device to the server, so that the server authenticates the current terminal device according to the authorization certificate;
and an information receiving module 730, configured to receive the authentication result returned by the server.
In some embodiments, the generating, by the server, the authorization certificate according to the product number requiring authorization application and the number of terminal devices requiring authorization provided by the service provider to the service provider includes:
acquiring a product number which needs to be applied for authorization and the number of terminal devices which need to be authorized, wherein the product number and the number are provided by a service provider;
generating a plurality of device identification files according to the product number requiring authorization application and the number of the terminal devices so as to allow the terminal devices of the service application provider to apply authorization, wherein the number of the plurality of device identification files is equal to the number of the terminal devices;
receiving an authorization request sent by terminal equipment of the service application provider, wherein the authorization request comprises an equipment identification file corresponding to the current terminal equipment;
and generating an authorization certificate according to the identification file and sending the authorization certificate to the current terminal equipment.
In some embodiments, said sending at least an authorization certificate of said current terminal device to said server comprises:
generating a voice request by combining an authorization certificate of the current terminal equipment according to the currently detected voice instruction, wherein the voice request comprises voice instruction information and authorization certificate information;
and sending the voice request to the server so that the server can analyze the voice request and authenticate the current terminal equipment according to the authorization certificate information obtained by analysis.
As shown in fig. 8, there is a schematic block diagram of an embodiment of a speech device authorization system 800 of the present invention, which is applied to a server, and includes:
an information obtaining module 810, configured to obtain a product number that needs to be authorized and the number of terminal devices that need to be authorized, where the product number is provided by a service provider to the service provider;
an equipment identity file generating module 820, configured to generate a plurality of equipment identity files according to the product number requiring authorization application and the number of the terminal devices, so that the terminal devices of the service application provider apply authorization, where the number of the plurality of equipment identity files is equal to the number of the terminal devices;
a request receiving module 830, configured to receive an authorization request sent by a terminal device of the service application provider, where the authorization request includes a device identifier file corresponding to a current terminal device;
and the certificate sending module 840 is configured to generate an authorization certificate according to the identifier file and send the authorization certificate to the current terminal device.
In some embodiments, the present invention provides a non-transitory computer-readable storage medium, in which one or more programs including executable instructions are stored, where the executable instructions can be read and executed by an electronic device (including but not limited to a computer, a server, or a network device, etc.) to perform any one of the above-mentioned voice device authorization method or voice device authentication method of the present invention.
In some embodiments, the present invention further provides a computer program product comprising a computer program stored on a non-volatile computer-readable storage medium, the computer program comprising program instructions that, when executed by a computer, cause the computer to perform any one of the voice device authorization method or the voice device authentication method described above.
In some embodiments, an embodiment of the present invention further provides an electronic device, which includes: at least one processor, and a memory communicatively coupled to the at least one processor, wherein the memory stores instructions executable by the at least one processor to enable the at least one processor to perform a voice device authorization method or a voice device authentication method.
In some embodiments, an embodiment of the present invention further provides a storage medium having a computer program stored thereon, wherein the program, when executed by a processor, implements a voice device authorization method or a voice device authentication method.
The voice device authorization system or the voice device authentication system of the embodiment of the present invention may be used to execute the voice device authorization method or the voice device authentication method of the embodiment of the present invention, and accordingly achieve the technical effects achieved by the voice device authorization method or the voice device authentication method of the embodiment of the present invention, which are not described herein again. In the embodiment of the present invention, the relevant functional module may be implemented by a hardware processor (hardware processor).
Fig. 9 is a schematic hardware structure diagram of an electronic device for performing a voice device authorization method or a voice device authentication method according to another embodiment of the present application, and as shown in fig. 9, the electronic device includes:
one or more processors 910 and a memory 920, one processor 910 being illustrated in fig. 9.
The apparatus for performing the voice device authorization method or the voice device authentication method may further include: an input device 930 and an output device 940.
The processor 910, the memory 920, the input device 930, and the output device 940 may be connected by a bus or other means, and fig. 9 illustrates an example of a connection by a bus.
The memory 920 is used as a non-volatile computer readable storage medium and can be used for storing non-volatile software programs, non-volatile computer executable programs, and modules, such as program instructions/modules corresponding to the voice device authorization method or the voice device authentication method in the embodiments of the present application. The processor 910 executes various functional applications of the server and data processing by running nonvolatile software programs, instructions and modules stored in the memory 920, namely, implementing the voice device authorization method or the voice device authentication method of the above-described method embodiments.
The memory 920 may include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function; the storage data area may store data created from use of the voice device authorization apparatus or the voice device authentication apparatus, and the like. Further, the memory 920 may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other non-volatile solid state storage device. In some embodiments, the memory 920 may optionally include memory located remotely from the processor 910, which may be connected to the voice device authorization apparatus or the voice device authentication apparatus via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The input unit 930 may receive input numeric or character information and generate signals related to user settings and function control of the voice device authorization unit or the voice device authentication unit. The output device 940 may include a display device such as a display screen.
The one or more modules are stored in the memory 920 and, when executed by the one or more processors 910, perform a voice device authorization method or a voice device authentication method in any of the method embodiments described above.
The product can execute the method provided by the embodiment of the application, and has the corresponding functional modules and beneficial effects of the execution method. For technical details that are not described in detail in this embodiment, reference may be made to the methods provided in the embodiments of the present application.
The electronic device of the embodiments of the present application exists in various forms, including but not limited to:
(1) mobile communication devices, which are characterized by mobile communication capabilities and are primarily targeted at providing voice and data communications. Such terminals include smart phones (e.g., iphones), multimedia phones, functional phones, and low-end phones, among others.
(2) The ultra-mobile personal computer equipment belongs to the category of personal computers, has calculation and processing functions and generally has the characteristic of mobile internet access. Such terminals include PDA, MID, and UMPC devices, such as ipads.
(3) Portable entertainment devices such devices may display and play multimedia content. Such devices include audio and video players (e.g., ipods), handheld game consoles, electronic books, as well as smart toys and portable car navigation devices.
(4) The server is similar to a general computer architecture, but has higher requirements on processing capability, stability, reliability, safety, expandability, manageability and the like because of the need of providing highly reliable services.
(5) And other electronic devices with data interaction functions.
The above-described embodiments of the apparatus are merely illustrative, and the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment.
Through the above description of the embodiments, those skilled in the art will clearly understand that each embodiment can be implemented by software plus a general hardware platform, and certainly can also be implemented by hardware. Based on such understanding, the above technical solutions substantially or contributing to the related art may be embodied in the form of a software product, which may be stored in a computer-readable storage medium, such as ROM/RAM, magnetic disk, optical disk, etc., and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the method according to the embodiments or some parts of the embodiments.
Finally, it should be noted that: the above embodiments are only used to illustrate the technical solutions of the present application, and not to limit the same; although the present application has been described in detail with reference to the foregoing embodiments, it should be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions in the embodiments of the present application.

Claims (10)

1. A voice equipment authentication method is applied to terminal equipment, and comprises the following steps:
acquiring an authorization certificate of current terminal equipment, wherein the authorization certificate is generated by a server according to a product number which is provided by a service application provider and needs to be applied for authorization and the number of the terminal equipment which needs to be authorized;
at least sending the authorization certificate of the current terminal equipment to the server so that the server can authenticate the current terminal equipment according to the authorization certificate;
and receiving the authentication result returned by the server.
2. The method of claim 1, wherein the authorization certificate is generated by the server according to the product number requiring authorization application and the number of terminal devices requiring authorization, which are provided by the service application provider to the service provider, comprises:
acquiring a product number which needs to be applied for authorization and the number of terminal devices which need to be authorized, wherein the product number and the number are provided by a service provider;
generating a plurality of device identification files according to the product number requiring authorization application and the number of the terminal devices so as to allow the terminal devices of the service application provider to apply authorization, wherein the number of the plurality of device identification files is equal to the number of the terminal devices;
receiving an authorization request sent by terminal equipment of the service application provider, wherein the authorization request comprises an equipment identification file corresponding to the current terminal equipment;
and generating an authorization certificate according to the identification file and sending the authorization certificate to the current terminal equipment.
3. The method of claim 1, wherein the sending at least the authorization certificate of the current terminal device to the server comprises:
generating a voice request by combining an authorization certificate of the current terminal equipment according to the currently detected voice instruction, wherein the voice request comprises voice instruction information and authorization certificate information;
and sending the voice request to the server so that the server can analyze the voice request and authenticate the current terminal equipment according to the authorization certificate information obtained by analysis.
4. The method according to claim 3, wherein when the current terminal device passes the authentication of the server, the server parses the voice request and determines corresponding reply content according to the parsed voice instruction information;
the method further comprises the following steps: receiving the reply content determined by the server.
5. A voice device authorization method is applied to a server and comprises the following steps:
acquiring a product number which needs to be applied for authorization and the number of terminal devices which need to be authorized, wherein the product number and the number are provided by a service provider;
generating a plurality of device identification files according to the product number requiring authorization application and the number of the terminal devices so as to allow the terminal devices of the service application provider to apply authorization, wherein the number of the plurality of device identification files is equal to the number of the terminal devices;
receiving an authorization request sent by terminal equipment of the service application provider, wherein the authorization request comprises an equipment identification file corresponding to the current terminal equipment;
and generating an authorization certificate according to the identification file and sending the authorization certificate to the current terminal equipment.
6. A voice device authentication and authorization system comprising the terminal device of any one of claims 1-4 and the server of claim 5.
7. A voice equipment authentication system is applied to terminal equipment, and the system comprises:
the system comprises an authorization certificate acquisition module, a service provider and a server, wherein the authorization certificate acquisition module is used for acquiring an authorization certificate of current terminal equipment, and the authorization certificate is generated by the server according to a product number which is provided by the service provider and needs to be applied for authorization and the number of the terminal equipment which needs to be authorized;
the authentication module is used for at least sending the authorization certificate of the current terminal equipment to the server so that the server can authenticate the current terminal equipment according to the authorization certificate;
and the information receiving module is used for receiving the authentication result returned by the server.
8. A voice device authorization system applied to a server, the system comprising:
the information acquisition module is used for acquiring the product number which needs to be applied for authorization and the number of terminal devices which need to be authorized, which are provided by a service provider;
the device identification file generating module is used for generating a plurality of device identification files according to the product number requiring authorization application and the number of the terminal devices so as to allow the terminal devices of the service application provider to apply authorization, wherein the number of the plurality of device identification files is equal to the number of the terminal devices;
a request receiving module, configured to receive an authorization request sent by a terminal device of the service application provider, where the authorization request includes a device identifier file corresponding to a current terminal device;
and the certificate sending module is used for generating an authorization certificate according to the identification file and sending the authorization certificate to the current terminal equipment.
9. An electronic device, comprising: at least one processor, and a memory communicatively coupled to the at least one processor, wherein the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the steps of the method of any one of claims 1-5.
10. A storage medium on which a computer program is stored which, when being executed by a processor, carries out the steps of the method of any one of claims 1 to 5.
CN201911351935.3A 2019-12-24 2019-12-24 Voice equipment authorization method, authentication method and system Pending CN110971617A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911351935.3A CN110971617A (en) 2019-12-24 2019-12-24 Voice equipment authorization method, authentication method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911351935.3A CN110971617A (en) 2019-12-24 2019-12-24 Voice equipment authorization method, authentication method and system

Publications (1)

Publication Number Publication Date
CN110971617A true CN110971617A (en) 2020-04-07

Family

ID=70036512

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911351935.3A Pending CN110971617A (en) 2019-12-24 2019-12-24 Voice equipment authorization method, authentication method and system

Country Status (1)

Country Link
CN (1) CN110971617A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111914224A (en) * 2020-08-17 2020-11-10 苏州思必驰信息科技有限公司 Pre-registration and peripheral accessory authorization activation method and device
CN112346747A (en) * 2020-11-05 2021-02-09 苏州思必驰信息科技有限公司 Product service authorization method, electronic device and storage medium
CN112632484A (en) * 2020-12-28 2021-04-09 深圳创维-Rgb电子有限公司 Software authorization method and device and computer equipment
CN114726830A (en) * 2020-12-18 2022-07-08 阿里巴巴集团控股有限公司 Voice service access method, system and vehicle

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107911386A (en) * 2017-12-06 2018-04-13 北京小米移动软件有限公司 Obtain the method and device of service authorization information
CN109194673A (en) * 2018-09-20 2019-01-11 江苏满运软件科技有限公司 Authentication method, system, equipment and storage medium based on authorized user message
CN109510802A (en) * 2017-09-15 2019-03-22 华为技术有限公司 Method for authenticating, apparatus and system
CN110401629A (en) * 2019-05-20 2019-11-01 腾讯科技(深圳)有限公司 A kind of method and relevant apparatus of activation authorization

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109510802A (en) * 2017-09-15 2019-03-22 华为技术有限公司 Method for authenticating, apparatus and system
CN107911386A (en) * 2017-12-06 2018-04-13 北京小米移动软件有限公司 Obtain the method and device of service authorization information
CN109194673A (en) * 2018-09-20 2019-01-11 江苏满运软件科技有限公司 Authentication method, system, equipment and storage medium based on authorized user message
CN110401629A (en) * 2019-05-20 2019-11-01 腾讯科技(深圳)有限公司 A kind of method and relevant apparatus of activation authorization

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111914224A (en) * 2020-08-17 2020-11-10 苏州思必驰信息科技有限公司 Pre-registration and peripheral accessory authorization activation method and device
CN111914224B (en) * 2020-08-17 2022-07-12 思必驰科技股份有限公司 Pre-registration and peripheral accessory authorization activation method and device
CN112346747A (en) * 2020-11-05 2021-02-09 苏州思必驰信息科技有限公司 Product service authorization method, electronic device and storage medium
CN112346747B (en) * 2020-11-05 2022-07-08 思必驰科技股份有限公司 Product service authorization method, electronic device and storage medium
CN114726830A (en) * 2020-12-18 2022-07-08 阿里巴巴集团控股有限公司 Voice service access method, system and vehicle
CN112632484A (en) * 2020-12-28 2021-04-09 深圳创维-Rgb电子有限公司 Software authorization method and device and computer equipment

Similar Documents

Publication Publication Date Title
CN110351269B (en) Method for logging in open platform through third-party server
CN110971617A (en) Voice equipment authorization method, authentication method and system
CN110287682B (en) Login method, device and system
CN106936835B (en) Method and system for accessing equipment
CN111478967B (en) Request processing method and device
KR20180011226A (en) Method and device for authentication using dynamic passwords
CN110958118A (en) Certificate authentication management method, device, equipment and computer readable storage medium
CN111538517B (en) Method and system for upgrading server firmware, electronic equipment and storage medium
CN105007280A (en) Application sign-on method and device
CN110198296B (en) Authentication method and device, storage medium and electronic device
CN111125677A (en) Equipment authorization method and system
CN111881441B (en) Method for online activation of device, electronic device and storage medium
US11245577B2 (en) Template-based onboarding of internet-connectible devices
CN111461720B (en) Identity verification method and device based on blockchain, storage medium and electronic equipment
CN108111486B (en) Method and device for avoiding repeated login
CN109587180B (en) Method for establishing connection, client and server
CN110278092A (en) Router long-range control method and system based on MQTT agreement
CN111541649A (en) Password resetting method, device, server and storage medium
CN111046367B (en) Voice equipment authentication method and system
CN111835504B (en) Identification code generation method and server
CN110602133B (en) Intelligent contract processing method, block chain management device and storage medium
CN110034922B (en) Request processing method, processing device, request verification method and verification device
CN107172082B (en) File sharing method and system
US10979287B2 (en) Method and apparatus for receiving a solution when configuration function verification fails in a terminal
CN108574657B (en) Server access method, device and system, computing equipment and server

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information
CB02 Change of applicant information

Address after: 215123 building 14, Tengfei Innovation Park, 388 Xinping street, Suzhou Industrial Park, Suzhou City, Jiangsu Province

Applicant after: Sipic Technology Co.,Ltd.

Address before: 215123 building 14, Tengfei Innovation Park, 388 Xinping street, Suzhou Industrial Park, Suzhou City, Jiangsu Province

Applicant before: AI SPEECH Co.,Ltd.

RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20200407