CN111291358A - Authority authentication method, system, equipment and medium - Google Patents
Authority authentication method, system, equipment and medium Download PDFInfo
- Publication number
- CN111291358A CN111291358A CN202010154276.0A CN202010154276A CN111291358A CN 111291358 A CN111291358 A CN 111291358A CN 202010154276 A CN202010154276 A CN 202010154276A CN 111291358 A CN111291358 A CN 111291358A
- Authority
- CN
- China
- Prior art keywords
- server
- intelligent hardware
- module
- connection
- hardware
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 46
- 230000004913 activation Effects 0.000 claims abstract description 63
- 230000008676 import Effects 0.000 claims abstract description 6
- 238000012795 verification Methods 0.000 claims description 27
- 238000003860 storage Methods 0.000 claims description 22
- 238000004891 communication Methods 0.000 claims description 16
- 238000004590 computer program Methods 0.000 claims description 15
- 238000004519 manufacturing process Methods 0.000 claims description 8
- 230000003213 activating effect Effects 0.000 claims description 3
- 230000009286 beneficial effect Effects 0.000 abstract description 4
- 238000012544 monitoring process Methods 0.000 description 8
- 230000006870 function Effects 0.000 description 6
- 238000010586 diagram Methods 0.000 description 4
- 238000007726 management method Methods 0.000 description 3
- 230000001360 synchronised effect Effects 0.000 description 2
- 239000000969 carrier Substances 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000009826 distribution Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000009434 installation Methods 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 230000001960 triggered effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
- G06F21/445—Program or device authentication by mutual authentication, e.g. between devices or programs
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Telephonic Communication Services (AREA)
Abstract
A method of rights authentication, the method comprising the steps of: the method comprises the steps that a server imports equipment information of intelligent hardware, the intelligent hardware sends an activation request containing the equipment information to the server, whether the equipment information in the activation request is consistent with the equipment information imported into the intelligent hardware by the server is judged, if so, the server generates a connection code and a secret key, and the server stores and sends the connection code and the secret key to the intelligent hardware; when the intelligent hardware needs to be connected with the server, the unique connection code corresponding to the intelligent hardware and the encrypted key are submitted to the server, the server judges the legality of the equipment by checking the unique connection code of the equipment and the decrypted key, if the equipment is connected, the connection is allowed, and if the equipment is not connected, the connection of the equipment is refused. The permission authentication method simplifies the connection process of the equipment and is more beneficial to the mass connection of the intelligent hardware equipment to the server.
Description
[ technical field ] A method for producing a semiconductor device
The invention relates to the technical field of authority authentication, in particular to an authority authentication method, system, equipment and medium based on intelligent hardware and a server.
[ background of the invention ]
The concept of the internet of things is a network concept which extends and expands a user account end of the internet concept to any article to perform information exchange and communication. Namely, the internet of things is a network which enables all independently addressable common physical objects to be interconnected and intercommunicated based on information carriers such as the internet, a broadcast network, a traditional telecommunication network and the like. And an internet of things card is needed to exchange and communicate information between the articles. Especially in the smart home industry, the internet of things card is widely used as early as 2011, and with the rapid development of the internet in recent years, the application of the internet of things card reaches a new height.
When the intelligent hardware equipment is accessed into the equipment management system, the identity authority of the equipment needs to be checked to confirm the validity of the equipment, the legal equipment passing the identity authentication can be normally accessed, and the non-legal equipment not passing the identity authentication refuses the connection. The intelligent household appliance access system is mainly applied to the field of the Internet of things, for example, various intelligent household appliances such as a camera, an elevator and an intelligent refrigerator are accessed to a server for monitoring and management, and communication and authority authentication of various devices are required in the access process. The existing authentication technology of intelligent hardware and server requires the user of the device to write the generated code to each device, which is very unrealistic for the device requiring mass production.
Therefore, it is necessary to provide an authority authentication method capable of simplifying the authority authentication process between the smart hardware and the server.
[ summary of the invention ]
The invention aims to provide a permission authentication method and a permission authentication system which can simplify the permission authentication process between intelligent hardware and a server.
The technical scheme of the invention is as follows: a method for authority authentication includes
An activation step:
the server imports the device information of the intelligent hardware,
the intelligent hardware sends an activation request containing the device information to the server,
judging whether the equipment information in the activation request is consistent with the equipment information imported into the intelligent hardware by the server, if so, generating a connection code and a secret key by the server, and storing and sending the connection code and the secret key to the intelligent hardware by the server; and
a connection step:
the smart hardware sends a connection request containing the connection code and key to a server,
the server verifies whether the connection code is legal or not, and if so, the server verifies that the connection code is legal
The server checks whether the secret key is correct or not, if so, the intelligent hardware is allowed to be connected with the server, and if not, the intelligent hardware is refused to be connected with the server.
Preferably, the device information includes one or more of a combination of an international mobile equipment identity, a manufacturer, a production lot, a production key and a geographical location of the smart hardware.
Preferably, the server further includes, after importing the device information of the intelligent hardware, the steps of:
the server stores the equipment information of the intelligent hardware;
the server identifies the intelligent hardware as an inactive state.
Preferably, after the intelligent hardware sends the activation request containing the device information to the server, the method further includes the following steps:
and judging whether the equipment information of the intelligent hardware is imported into the server or not, and if not, ending the activation step.
Preferably, in the step of determining whether the device information in the activation request is consistent with the device information imported into the intelligent hardware by the server,
and if not, returning to the step to judge whether the equipment information of the intelligent hardware is imported into the server.
Preferably, in the step of the server verifying whether the connection code is legitimate,
and if the connection is illegal, the intelligent hardware is refused to connect the server.
Preferably, in the step of determining whether the device information in the activation request is consistent with the device information imported into the intelligent hardware by the server, if yes, the server generates a connection code and a key,
if the equipment information in the activation request is consistent with the equipment information of the intelligent hardware imported by the server, the equipment information is used for activating the intelligent hardware
The server identifies the intelligent hardware as an active state.
An authority authentication system, the system comprising:
the server is provided with a plurality of servers,
the hardware of the intelligence is provided with,
the first communication module is used for leading in equipment information of the intelligent hardware by the server, and the first communication module is arranged in the intelligent hardware;
the second communication module is used for sending a connection code and a secret key to the intelligent hardware by the server, and the second communication module is arranged in the server;
the activation request module is used for sending an activation request containing the equipment information to a server by intelligent hardware, the activation request module is arranged in the intelligent hardware, and the activation request module is connected with the server;
the connection request module is used for sending a connection request containing the connection code and the secret key to a server by the intelligent hardware, the connection request module is arranged in the intelligent hardware, and the connection request module is connected with the server;
the activation identification module is used for identifying the intelligent hardware as an activated state or an inactivated state by the server; the activation identification module is arranged in the server;
the connection code generating module is used for the server to generate the connection code, and the connection code generating module is arranged in the server;
the key generation module is used for the server to generate the key, and the key generation module is arranged in the server;
the first storage module is used for storing the equipment information, the connection codes and the secret keys of the intelligent hardware, and the first storage module is arranged on the server;
the second storage module is used for storing the equipment information, the connection code and the secret key of the intelligent hardware; the second storage module is arranged on the intelligent hardware;
the equipment information verification module is used for judging whether the equipment information in the activation request is consistent with the equipment information imported into the intelligent hardware by the server, if so, the server generates a connection code and a secret key, and the equipment information verification module is arranged in the server;
the connection code verification module is used for verifying whether the connection code is legal or not by the server, and if the connection code is legal, the server verifies whether the verification secret key is correct or not; the connection code verification module is arranged in the server;
and the key verification module is used for verifying whether the secret key is correct or not by the server, allowing the intelligent hardware to be connected with the server if the secret key is correct, and refusing the intelligent hardware to be connected with the server if the secret key is wrong, and is arranged in the server.
A computer device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, the processor implementing the method of rights authentication as any one of the above when executing the computer program.
A computer-readable storage medium storing a computer program which, when executed by a processor, implements the method of rights authentication of any of the above.
The invention has the beneficial effects that: the invention generates a unique connection code and a key for the intelligent hardware which applies for activation, and sends the unique connection code and the key to the intelligent hardware. When the intelligent hardware needs to be connected with the server, the unique connection code corresponding to the intelligent hardware and the encrypted key are submitted to the server, the server judges the legality of the equipment by checking the unique connection code of the equipment and the decrypted key, if the equipment is connected, the connection is allowed, and if the equipment is not connected, the connection of the equipment is refused. The permission authentication method simplifies the connection process of the equipment and is more beneficial to the mass connection of the intelligent hardware equipment to the server.
[ description of the drawings ]
FIG. 1 is a diagram illustrating an application environment of the method for right authentication according to the present invention;
FIG. 2 is a flowchart of an activation procedure according to a first embodiment of the present invention;
FIG. 3 is a flowchart of a connection procedure according to a first embodiment of the present invention;
FIG. 4 is a system diagram illustrating a second embodiment of the present invention;
FIG. 5 is a schematic diagram of a computer apparatus according to the present invention.
[ detailed description ] embodiments
The invention is further described with reference to the following figures and embodiments.
Example one
The management method of the internet of things card provided by the present application can be applied to the application environment shown in fig. 1, where the application environment includes a server 10 and intelligent hardware 20, and the server 10 communicates with the intelligent hardware 20 through a wired network or a wireless network. The smart hardware 20 may be, but not limited to, various smart home appliances such as various cameras, elevators, smart refrigerators, personal computers, notebook computers, smart phones, tablet computers, and portable wearable devices. The server 10 may be implemented by an independent server or a server cluster composed of a plurality of servers.
An authority authentication method, comprising an activation step S10 and a connection step S20, wherein
Referring to fig. 2, the activating step S10 includes:
s11 the server 10 imports device information of the smart hardware 20,
in this embodiment, the original device information of the intelligent hardware 20 is imported into the server 10 of the user after the intelligent hardware 20 is purchased, the device information may be device information stored on the intelligent hardware 20, or device information of all the intelligent hardware 20 sent by a manufacturer in a package manner, the device information is imported into the server 10 of the user and stored in the server 10, when the user uses the intelligent hardware 20 in a large scale, the intelligent hardware 20 needs to be connected to a network where the server 10 is located, at this time, whether the device information stored in the intelligent hardware 20 is consistent with the device information stored in the server 10 or not may be compared, and if the device information is consistent, the intelligent hardware 20 is considered to be a legal intelligent hardware 20 which needs to be purchased and deployed for the user and connected to the server 10. For example, a user purchases a batch of 1000 monitoring cameras, the monitoring cameras import the device information of the monitoring cameras into the server 10 before installation and construction, and when the user installs each monitoring camera, the user can determine whether the monitoring camera requesting activation connection is the monitoring camera being installed by the user by comparing whether the device information stored in each monitoring camera is consistent with the device information imported into the server 10 in advance. In this embodiment, the device information includes one or more of International Mobile Equipment Identity (IMEI), manufacturer, production lot, production key, and geographic location of the smart hardware 20.
S12 the server 10 stores the device information of the intelligent hardware 20;
in this embodiment, the server 10 stores the device information imported by the user into all the intelligent hardware 20 to form a database containing the device information of the plurality of intelligent hardware 20. When a user installs the intelligent hardware 20 and sends an activation request for connecting to the server 10, it is determined whether the intelligent hardware 20 is the activation request sent by the intelligent hardware 20 of the user by sending the device information of the intelligent hardware 20 to the database for matching, so as to prevent the illegal activation request from invading the internal server 10 network of the user.
S13 the server 10 identifies the smart hardware 20 as inactive.
In this embodiment, after the server 10 stores the device information of the intelligent hardware 20 in the database, the intelligent hardware 20 that has stored the device information is marked as an inactive state in the database of the server 10, which indicates that the user has ownership of the intelligent hardware 20, but the intelligent hardware 20 is not installed and connected to the server 10. The intelligent hardware 20 may use a certain parameter in the device information as its own identity, for example, the international mobile equipment identity in the device information is used as the number of the intelligent hardware 20, or a unique code representing the specific intelligent hardware 20 is formed by a plurality of parameters, for example, the database identifies the intelligent hardware 20 with an international mobile equipment identity of 000001 as an inactive state.
S14 the smart hardware 20 sends an activation request containing the device information to the server 10,
in this embodiment, when the user installs the intelligent hardware 20, in order to avoid the user manually inputting a code for each intelligent hardware 20, when the intelligent hardware 20 tries to connect to the server 10 network for the first time, the intelligent hardware 20 sends an activation request to the server 10, where the activation request may be a request sent to the server 10 by a control command manually triggered by the user, or may be preset to automatically send an activation request to the server 10 by the intelligent hardware 20 when the intelligent hardware 20 tries to connect to the server 10 network for the first time.
S15 judges whether the device information of the smart hardware 20 has been imported to the server 10,
in this embodiment, when the smart hardware 20 sends an activation request to the server 10, the server 10 determines whether the device information of the smart hardware 20 is imported into the server 10 according to the device information included in the activation request, for example, if the international mobile equipment identity of the smart hardware 20 is 000002, and the smart hardware 20 with the international mobile equipment identity of 000002 does not exist in the database of the server 10, it is determined that the device information of the smart hardware 20 is not imported into the server 10.
S16 a: if not, the activation step is ended.
In this embodiment, if it is determined that the device information of the intelligent hardware 20 is not imported into the server 10, the activation step is directly terminated. For example, if the international mobile equipment identity of the smart hardware 20 is 000002 and the smart hardware 20 with the international mobile equipment identity of 000002 does not exist in the database of the server 10, it is determined that the device information of the smart hardware 20 is not imported into the server 10. The server 10 rejects the activation request of the intelligent hardware 20, and terminates the subsequent authentication process, thereby saving the cost of the authentication process.
S16 b: if yes, judging whether the equipment information in the activation request is consistent with the equipment information imported into the intelligent hardware 20 by the server 10,
in this embodiment, if it is determined that the device information of the smart hardware 20 is already imported into the server 10, it is further determined whether the device information in the activation request is consistent with the device information imported into the smart hardware 20 by the server 10. For example, if the international mobile equipment identity of the smart hardware 20 is 000001, and the smart hardware 20 with the international mobile equipment identity of 000001 exists in the database of the server 10, the server 10 considers that the device information of the smart hardware 20 is imported into the server 10, and then further verifies whether the other device information of the smart hardware 20 matches the device information with the international mobile equipment identity of 000001 in the database of the server 10. To further confirm whether the smart hardware 20 is the smart hardware 20 that the user is installing for use.
If not, S17a returns to step S15.
In this embodiment, if the device information of the smart hardware 20 is not consistent with the corresponding device information stored in the server 10, the process returns to step 15: it is determined whether the device information of the smart hardware 20 has been imported into the server 10. For example, if the international mobile equipment identity of the smart hardware 20 is 000001, and accordingly, the vendor of the device information in the activation request sent by the smart hardware 20 is vendor a, and the vendor of the smart hardware 20 with the international mobile equipment identity 000001 stored in the server 10 is vendor B, the device information of the smart hardware 20 is considered to be inconsistent with the device information stored in the server 10, and the server 10 returns to step 15 to re-determine whether the device information of the smart hardware 20 is imported into the server 10, so as to improve the accuracy of the verification.
S17b, if they are consistent, the server 10 identifies the smart hardware 20 as an active state.
In this embodiment, if the device information of the intelligent hardware 20 is consistent with the corresponding device information stored in the server 10, the server 10 identifies the intelligent hardware 20 as an active state. For example, if the comparison between the device information in the activation request sent by the smart hardware 20 and the other device information stored in the server 10 and having the international mobile equipment identity 000001 is consistent, it is determined that the device information of the smart hardware 20 is consistent with the device information stored in the server 10, and the server 10 identifies the smart hardware 20 as an activated state in the database of the server 10.
S18 the server 10 generates a connection code and a key, and the server 10 stores and sends the connection code and the key to the smart hardware 20;
in this embodiment, the server 10 identifies the intelligent hardware 20 in an activated state in a database, and generates a unique connection code and an encrypted key at the same time, where the connection code and the key are stored in the database of the server 10 and sent to the intelligent hardware 20, and the intelligent hardware 20 stores the connection code and the key.
Referring to fig. 3, the connecting step S20 includes:
s21 the smart hardware 20 sends a connection request containing the connection code and key to the server 10,
in this embodiment, after the smart hardware 20 obtains the connection code and the key sent by the server 10, the smart hardware 20 sends a connection request to the server 10 to connect to the network of the server 10, where the connection request at least includes the connection code and the key, the connection code is a unique connection code associated with the smart hardware 20, and the key is a key encrypted by the server 10.
S22 the server 10 verifies whether the connection code is legitimate,
in this embodiment, the server 10 determines whether the connection code included in the connection request is legal by comparing whether the connection code is consistent with the connection code corresponding to the intelligent hardware 20 in the server 10,
if the result S23a is not legal, the intelligent hardware 20 is refused to connect to the server 10.
In this embodiment, if the connection code included in the connection request is not consistent with the connection code corresponding to the intelligent hardware 20 in the server 10, the connection code is considered as an illegal connection code, for example, the connection code in the connection request sent by the intelligent hardware 20 is a1001, and the same connection code a1001 is stored in the server 10, the connection code of the intelligent hardware 20 is considered as a legal connection code, where the connection code is used as a unique identification code, which is equivalent to replacing the function of the international mobile equipment identification code in the activation step, thereby skipping complicated information pairing and improving the verification efficiency.
S23b, if it is legal, the server 10 checks whether the certification key is correct
In this embodiment, if the connection code included in the connection request is consistent with the connection code corresponding to the intelligent hardware 20 in the server 10, the connection code is considered to be a legal connection code, for example, if the connection code in the connection request sent by the intelligent hardware 20 is consistent with the connection code stored in the server 10 by comparison, the connection code of the intelligent hardware 20 is considered to be a legal connection code. The key is further decrypted and it is verified whether the key is correct compared to the key stored in the server 10.
S24a, if false, refuses the intelligent hardware 20 to connect to the server 10,
in this embodiment, if the key included in the connection request is not identical to the key corresponding to the smart hardware 20 in the server 10, the server 10 rejects the request of the smart hardware 20 to connect to the server 10.
S24b, if correct, allows the intelligent hardware 20 to connect to the server 10,
in this embodiment, if the key included in the connection request is consistent with the key corresponding to the smart hardware 20 in the server 10, the server 10 allows the smart hardware 20 to connect to the server 10
Example two
Referring to fig. 4, the present embodiment provides an authority authentication system, including:
a server 10, the server 10 being provided with a second communication module 11, an activation identification module 12, a connection code generation module 13, a key generation module 14, a first storage module 15, a device information verification module 16, a connection code verification module 17, a key verification module 18,
an intelligent hardware 20, the intelligent hardware 20 is provided with a first communication module 21, an activation request module 22, a connection request module 23, a second storage module 24,
the first communication module 21 is configured to enable the server 10 to import the device information of the intelligent hardware 20, and the first communication module 21 is disposed in the intelligent hardware 20;
a second communication module 11, configured to send a connection code and a key to the smart hardware 20 by the server 10, where the second communication module 11 is disposed in the server 10;
an activation request module 22, configured to send an activation request including the device information to the server 10 by the smart hardware 20, where the activation request module 22 is disposed in the smart hardware 20, and the activation request module 22 is connected to the server 10;
a connection request module 23, configured to send, by the smart hardware 20, a connection request including the connection code and the key to the server 10, where the connection request module 23 is disposed in the smart hardware 20, and the connection request module 23 is connected to the server 10;
an activation identification module 12, configured to identify, by the server 10, that the smart hardware 20 is in an activated state or an inactivated state; the activation identification module 12 is disposed in the server 10;
a connection code generating module 13, configured to generate the connection code by the server 10, where the connection code generating module 13 is disposed in the server 10;
a key generation module 14, configured to generate the key by the server 10, where the key generation module 14 is disposed in the server 10;
the first storage module 15 is configured to store the device information, the connection code, and the secret key of the intelligent hardware 20, where the first storage module 15 is disposed on the server 10;
a second storage module 24, configured to store the device information, the connection code, and the secret key of the intelligent hardware 20; the second storage module 24 is disposed on the intelligent hardware 20;
the device information verification module 16 is configured to determine whether device information in the activation request is consistent with device information of the server 10 imported into the intelligent hardware 20, if yes, the server 10 generates a connection code and a key, and the device information verification module 16 is disposed in the server 10;
a connection code verification module 17, configured to verify, by the server 10, whether the connection code is legal, and if so, verify, by the server 10, whether the verification key is correct; the connection code verification module 17 is arranged in the server 10;
and the key verification module 18 is configured to verify whether the verification key is correct by the server 10, allow the smart hardware 20 to connect to the server 10 if the verification key is correct, and deny the smart hardware 20 to connect to the server 10 if the verification key is incorrect, where the key verification module 18 is disposed in the server 10.
EXAMPLE III
The embodiment provides a computer device, which may be a server, and the internal structure diagram of the computer device may be as shown in fig. 5. The computer device includes a processor, a memory, a network interface, and a database connected by a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, a computer program, and a database. The internal memory provides an environment for the operation of an operating system and computer programs in the non-volatile storage medium. The database of the computer device is used for storing the data related to the connection of the authority authentication method. The network interface of the computer device is used for communicating with an external terminal through a network connection. The computer program is executed by a processor to implement a method of rights authentication, such as the steps shown in fig. 2. Alternatively, the processor, when executing the computer program, implements the functions of each module/unit of the authority authentication system in the above-described embodiments, for example, the functions of each module shown in fig. 4. To avoid repetition, further description is omitted here.
Example four
Referring to fig. 5, the present embodiment provides a computer-readable storage medium, on which a computer program is stored, where the computer program is executed by a processor to implement the method for managing the card-to-card secret of the internet of things card in the foregoing method embodiment, or the computer program is executed by the processor to implement the functions of each module/unit in the authority authentication system in the foregoing device embodiment. To avoid repetition, further description is omitted here. It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by hardware instructions of a computer program, which can be stored in a non-volatile computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. Any reference to memory, storage, database, or other medium used in the embodiments provided herein may include non-volatile and/or volatile memory, among others. Non-volatile memory can include read-only memory (ROM), Programmable ROM (PROM), Electrically Programmable ROM (EPROM), Electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), Dynamic RAM (DRAM), Synchronous DRAM (SDRAM), Double Data Rate SDRAM (DDRSDRAM), Enhanced SDRAM (ESDRAM), synchronous link (Synchlink) DRAM (SLDRAM), Rambus Direct RAM (RDRAM), direct bus dynamic RAM (DRDRAM), and memory bus dynamic RAM (RDRAM).
It will be apparent to those skilled in the art that, for convenience and brevity of description, only the above-mentioned division of the functional units and modules is illustrated, and in practical applications, the above-mentioned function distribution may be performed by different functional units and modules according to needs, that is, the internal structure of the system is divided into different functional units or modules to perform all or part of the above-mentioned functions.
Therefore, the invention generates a unique connection code and a unique key for the intelligent hardware which is applied for activation and sends the unique connection code and the unique key to the intelligent hardware. When the intelligent hardware needs to be connected with the server, the unique connection code corresponding to the intelligent hardware and the encrypted key are submitted to the server, the server judges the legality of the equipment by checking the unique connection code of the equipment and the decrypted key, if the equipment is connected, the connection is allowed, and if the equipment is not connected, the connection of the equipment is refused. The permission authentication method simplifies the connection process of the equipment and is more beneficial to the mass connection of the intelligent hardware equipment to the server.
While the foregoing is directed to embodiments of the present invention, it will be understood by those skilled in the art that various changes may be made without departing from the spirit and scope of the invention.
Claims (10)
1. A method for authenticating authority, the method comprising
An activation step:
the server imports the device information of the intelligent hardware,
the intelligent hardware sends an activation request containing the device information to the server,
judging whether the equipment information in the activation request is consistent with the equipment information imported into the intelligent hardware by the server, if so, generating a connection code and a secret key by the server, and storing and sending the connection code and the secret key to the intelligent hardware by the server; and
a connection step:
the smart hardware sends a connection request containing the connection code and key to a server,
the server verifies whether the connection code is legal or not, and if so, the server verifies that the connection code is legal
The server checks whether the secret key is correct or not, if so, the intelligent hardware is allowed to be connected with the server, and if not, the intelligent hardware is refused to be connected with the server.
2. The rights authentication method of claim 1, wherein the device information comprises a combination of one or more of an international mobile equipment identity, a vendor, a production lot, a production key, and a geographic location of the smart hardware.
3. The method for authenticating authority according to claim 1, wherein the server further comprises, after importing the device information of the intelligent hardware, the steps of:
the server stores the equipment information of the intelligent hardware;
the server identifies the intelligent hardware as an inactive state.
4. The method for authenticating authority according to claim 1 or 3, wherein the intelligent hardware further comprises, after sending the activation request containing the device information to a server, the steps of:
and judging whether the equipment information of the intelligent hardware is imported into the server or not, and if not, ending the activation step.
5. The privilege authentication method according to claim 4, wherein in the step of determining whether the device information in the activation request is consistent with the device information imported into the smart hardware by the server,
and if not, returning to the step to judge whether the equipment information of the intelligent hardware is imported into the server.
6. The rights authentication method according to claim 1, wherein in the step of the server verifying whether the connection code is legitimate,
and if the connection is illegal, the intelligent hardware is refused to connect the server.
7. The method of claim 3, wherein in the step of determining whether the device information in the activation request is consistent with the device information imported into the smart hardware by the server, if yes, the server generates a connection code and a key,
if the equipment information in the activation request is consistent with the equipment information of the intelligent hardware imported by the server, the equipment information is used for activating the intelligent hardware
The server identifies the intelligent hardware as an active state.
8. An authority authentication system, comprising:
the server is provided with a plurality of servers,
the hardware of the intelligence is provided with,
the first communication module is used for leading in equipment information of the intelligent hardware by the server, and the first communication module is arranged in the intelligent hardware;
the second communication module is used for sending a connection code and a secret key to the intelligent hardware by the server, and the second communication module is arranged in the server;
the activation request module is used for sending an activation request containing the equipment information to a server by intelligent hardware, the activation request module is arranged in the intelligent hardware, and the activation request module is connected with the server;
the connection request module is used for sending a connection request containing the connection code and the secret key to a server by the intelligent hardware, the connection request module is arranged in the intelligent hardware, and the connection request module is connected with the server;
the activation identification module is used for identifying the intelligent hardware as an activated state or an inactivated state by the server; the activation identification module is arranged in the server;
the connection code generating module is used for the server to generate the connection code, and the connection code generating module is arranged in the server;
the key generation module is used for the server to generate the key, and the key generation module is arranged in the server;
the first storage module is used for storing the equipment information, the connection codes and the secret keys of the intelligent hardware, and the first storage module is arranged on the server;
the second storage module is used for storing the equipment information, the connection code and the secret key of the intelligent hardware; the second storage module is arranged on the intelligent hardware;
the equipment information verification module is used for judging whether the equipment information in the activation request is consistent with the equipment information imported into the intelligent hardware by the server, if so, the server generates a connection code and a secret key, and the equipment information verification module is arranged in the server;
the connection code verification module is used for verifying whether the connection code is legal or not by the server, and if the connection code is legal, the server verifies whether the verification secret key is correct or not; the connection code verification module is arranged in the server;
and the key verification module is used for verifying whether the secret key is correct or not by the server, allowing the intelligent hardware to be connected with the server if the secret key is correct, and refusing the intelligent hardware to be connected with the server if the secret key is wrong, and is arranged in the server.
9. A computer device comprising a memory, a processor, and a computer program stored in the memory and executable on the processor, wherein the processor implements the rights authentication method as claimed in any one of claims 1 to 7 when executing the computer program.
10. A computer-readable storage medium storing a computer program, wherein the computer program, when executed by a processor, implements the rights authentication method as recited in any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010154276.0A CN111291358A (en) | 2020-03-07 | 2020-03-07 | Authority authentication method, system, equipment and medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010154276.0A CN111291358A (en) | 2020-03-07 | 2020-03-07 | Authority authentication method, system, equipment and medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111291358A true CN111291358A (en) | 2020-06-16 |
Family
ID=71022595
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010154276.0A Pending CN111291358A (en) | 2020-03-07 | 2020-03-07 | Authority authentication method, system, equipment and medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111291358A (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112329000A (en) * | 2020-07-22 | 2021-02-05 | 深圳Tcl新技术有限公司 | Device verification method, master control device, controlled device and readable storage medium |
| CN112398824A (en) * | 2020-11-03 | 2021-02-23 | 珠海格力电器股份有限公司 | Authority verification method, storage medium and electronic equipment |
| CN113626856A (en) * | 2021-07-20 | 2021-11-09 | 慕贝尔汽车部件(太仓)有限公司 | Employee file management method and device and network side server |
| CN114333457A (en) * | 2022-01-06 | 2022-04-12 | 湖南汽车工程职业学院 | Cross-multi-platform interactive English teaching dialogue scenario deduction system |
| CN112329000B (en) * | 2020-07-22 | 2024-06-04 | 深圳Tcl新技术有限公司 | Device verification method, master control device, controlled device and readable storage medium |
Citations (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103023917A (en) * | 2012-12-26 | 2013-04-03 | 百度在线网络技术(北京)有限公司 | Method, system and device for authorization aiming at intelligent household electrical appliance |
| CN104144424A (en) * | 2013-05-07 | 2014-11-12 | 华为终端有限公司 | Method for establishing connection between devices, configuration device and wireless devices |
| CN104270758A (en) * | 2014-10-10 | 2015-01-07 | 乐鑫信息科技(上海)有限公司 | Method for safely establishing connection with server and conducting authorization through WIFI |
| CN105099704A (en) * | 2015-08-13 | 2015-11-25 | 上海博路信息技术有限公司 | Biometric identification-based OAuth service |
| CN106452798A (en) * | 2016-12-09 | 2017-02-22 | 吴思齐 | Password authentication method and password authentication system for network devices which are deployed massively |
| CN107135205A (en) * | 2017-04-14 | 2017-09-05 | 天地融科技股份有限公司 | A kind of method for network access and system |
| WO2017177435A1 (en) * | 2016-04-15 | 2017-10-19 | 深圳前海达闼云端智能科技有限公司 | Identity authentication method, terminal and server |
| CN108366063A (en) * | 2018-02-11 | 2018-08-03 | 广东美的厨房电器制造有限公司 | Data communications method, device and its equipment of smart machine |
| CN108683996A (en) * | 2018-03-30 | 2018-10-19 | 努比亚技术有限公司 | A kind of equipment finding method, terminal and computer readable storage medium |
| CN109194694A (en) * | 2018-10-30 | 2019-01-11 | 浙江理工大学 | A kind of knitting equipment conversation managing method Internet-based and system |
| CN109600223A (en) * | 2017-09-30 | 2019-04-09 | 腾讯科技(深圳)有限公司 | Verification method, Activiation method, device, equipment and storage medium |
| CN110727938A (en) * | 2019-10-18 | 2020-01-24 | 北京云迹科技有限公司 | Configuration method and device of intelligent equipment, electronic equipment and storage medium |
| CN110740424A (en) * | 2019-10-28 | 2020-01-31 | 杭州涂鸦信息技术有限公司 | networking method and system, readable storage medium and device |
-
2020
- 2020-03-07 CN CN202010154276.0A patent/CN111291358A/en active Pending
Patent Citations (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103023917A (en) * | 2012-12-26 | 2013-04-03 | 百度在线网络技术(北京)有限公司 | Method, system and device for authorization aiming at intelligent household electrical appliance |
| CN104144424A (en) * | 2013-05-07 | 2014-11-12 | 华为终端有限公司 | Method for establishing connection between devices, configuration device and wireless devices |
| CN104270758A (en) * | 2014-10-10 | 2015-01-07 | 乐鑫信息科技(上海)有限公司 | Method for safely establishing connection with server and conducting authorization through WIFI |
| CN105099704A (en) * | 2015-08-13 | 2015-11-25 | 上海博路信息技术有限公司 | Biometric identification-based OAuth service |
| WO2017177435A1 (en) * | 2016-04-15 | 2017-10-19 | 深圳前海达闼云端智能科技有限公司 | Identity authentication method, terminal and server |
| CN106452798A (en) * | 2016-12-09 | 2017-02-22 | 吴思齐 | Password authentication method and password authentication system for network devices which are deployed massively |
| CN107135205A (en) * | 2017-04-14 | 2017-09-05 | 天地融科技股份有限公司 | A kind of method for network access and system |
| CN109600223A (en) * | 2017-09-30 | 2019-04-09 | 腾讯科技(深圳)有限公司 | Verification method, Activiation method, device, equipment and storage medium |
| CN108366063A (en) * | 2018-02-11 | 2018-08-03 | 广东美的厨房电器制造有限公司 | Data communications method, device and its equipment of smart machine |
| CN108683996A (en) * | 2018-03-30 | 2018-10-19 | 努比亚技术有限公司 | A kind of equipment finding method, terminal and computer readable storage medium |
| CN109194694A (en) * | 2018-10-30 | 2019-01-11 | 浙江理工大学 | A kind of knitting equipment conversation managing method Internet-based and system |
| CN110727938A (en) * | 2019-10-18 | 2020-01-24 | 北京云迹科技有限公司 | Configuration method and device of intelligent equipment, electronic equipment and storage medium |
| CN110740424A (en) * | 2019-10-28 | 2020-01-31 | 杭州涂鸦信息技术有限公司 | networking method and system, readable storage medium and device |
Non-Patent Citations (2)
| Title |
|---|
| 张白影等: "《图书馆工作论丛》", 31 December 2017, 北京理工大学出版社 * |
| 王米成: "《智能家居 重新定义生活》", 智能家居 重新定义生活 * |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112329000A (en) * | 2020-07-22 | 2021-02-05 | 深圳Tcl新技术有限公司 | Device verification method, master control device, controlled device and readable storage medium |
| CN112329000B (en) * | 2020-07-22 | 2024-06-04 | 深圳Tcl新技术有限公司 | Device verification method, master control device, controlled device and readable storage medium |
| CN112398824A (en) * | 2020-11-03 | 2021-02-23 | 珠海格力电器股份有限公司 | Authority verification method, storage medium and electronic equipment |
| CN113626856A (en) * | 2021-07-20 | 2021-11-09 | 慕贝尔汽车部件(太仓)有限公司 | Employee file management method and device and network side server |
| CN113626856B (en) * | 2021-07-20 | 2024-03-08 | 慕贝尔汽车部件(太仓)有限公司 | Staff file management method and device and network server |
| CN114333457A (en) * | 2022-01-06 | 2022-04-12 | 湖南汽车工程职业学院 | Cross-multi-platform interactive English teaching dialogue scenario deduction system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111291358A (en) | Authority authentication method, system, equipment and medium | |
| US9280653B2 (en) | Security access method for automotive electronic control units | |
| EP3451222B1 (en) | Post-manufacture certificate generation | |
| CN111131307B (en) | Method and system for controlling access authority | |
| US9697359B2 (en) | Secure software authentication and verification | |
| CN110535877B (en) | Internet of things terminal identity authentication method and system based on double authentication | |
| CN113038451B (en) | Machine-card binding method and device, communication module and storage medium | |
| CN111107073A (en) | Application automatic login method and device, computer equipment and storage medium | |
| CN104580235A (en) | Authentication method and authentication system for equipment connection | |
| CN111953634B (en) | Access control method and device for terminal equipment, computer equipment and storage medium | |
| CN104348616A (en) | Method for visiting terminal security component, device thereof and system thereof | |
| CN112514323A (en) | Electronic device for processing digital key and operation method thereof | |
| CN112272093B (en) | Token management method, electronic equipment and readable storage medium | |
| CN106576239B (en) | Method and device for managing content in security unit | |
| CN112954654B (en) | Vehicle NFC key registration method, computer device and storage medium | |
| CN112637167A (en) | System login method and device, computer equipment and storage medium | |
| KR20230019032A (en) | Pre-personalized secure element and embedded personalization | |
| CN112118229B (en) | Internet of things equipment, server security authentication method and device and electronic equipment | |
| CN113849798A (en) | Secure login authentication method, system, computer equipment and storage medium | |
| CN109561093B (en) | Unauthorized behavior detection method and device, computer equipment and storage medium | |
| CN113065120A (en) | Interface calling authentication method and device, electronic equipment and readable storage medium | |
| CN114582048A (en) | NFC-based vehicle door control method, mobile terminal and vehicle | |
| CN114338060A (en) | Authority verification method, device, system, equipment and storage medium | |
| CN108154361B (en) | Access method of U shield embedded in mobile terminal and mobile terminal | |
| CN112543454B (en) | Authentication method and equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20200616 |