CN111356132B - Bluetooth access control method, system, electronic equipment and storage medium - Google Patents

Publication number
CN111356132B
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201811565435.5A
Other languages
Chinese (zh)
Other versions
CN111356132A (en)
Inventor
吕晓建
仇兆峰
韩毅
单宏寅
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ingeek Information Security Consulting Associates Co ltd
Original Assignee
Ingeek Information Security Consulting Associates Co ltd

Classifications

    • H04W12/02 Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • H04W12/06 Authentication
    • H04W4/80 Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
    • H04W80/00 Wireless network protocols or protocol adaptations to wireless operation
    • Y02D30/70 Reducing energy consumption in communication networks in wireless communication networks

Abstract

The invention relates to a Bluetooth access control method, system, electronic device and storage medium. The method is used in a Bluetooth access process based on the GATT protocol and comprises the following steps: presetting a state characteristic value, operation characteristic values, the operation characteristic values corresponding to each state value of the state characteristic value, and the operation attribute permission corresponding to each operation characteristic value; receiving, through Bluetooth, first operation data for a first operation characteristic value from the Bluetooth client electronic device; parsing and reading the current first state value of the state characteristic value; and, when the received first operation characteristic value is determined to correspond to the first state value according to the preset correspondence and the operation attribute of the first operation data matches the preset operation attribute permission, executing the operation corresponding to the operation attribute according to the preset first operation data. By improving on the GATT Bluetooth protocol, the invention realizes access control under different Bluetooth states.

Description

Bluetooth access control method, system, electronic equipment and storage medium
Technical Field
The present invention relates to the field of bluetooth GATT protocols, and in particular, to a bluetooth access control method, system, electronic device, and storage medium.
Background
Some conventional Bluetooth control approaches are built on the Bluetooth Serial Port Protocol (SPP): a bidirectional stream is established, different types of data frames are defined, different internal states are distinguished, and sending and receiving particular data frames triggers the corresponding state transitions and actions, which provides application-layer security. Others directly carry over security protocols from the Open Systems Interconnection reference model, for example verifying the peer's identity with a simple Challenge Handshake Authentication Protocol (CHAP).
These conventional security controls have the following drawbacks. Because the system must parse and pack different types of data frames and make reliable context judgments from its internal state, it is prone to denial-of-service attacks and malformed-message attacks.
Because the state machine is very complex to design and implement, it hinders the development of embedded applications.
Part of the protocol parsing and packing has to be built into the mobile App, which hinders mobile development.
Because the traditional GATT protocol requires the system to parse and pack data kernels with different kernel data structures and to make reliable context judgments from internal state, it is likewise vulnerable to denial-of-service attacks and malformed-message attacks.
Disclosure of Invention
The technical problem solved by the invention is how to realize access control under different Bluetooth states by improving on the GATT Bluetooth protocol.
To solve this technical problem, an embodiment of the present invention provides a Bluetooth access control method, used when a Bluetooth server electronic device is accessed over Bluetooth based on the GATT protocol, comprising the following steps:
presetting a state characteristic value, at least one operation characteristic value, and, for each state value of the state characteristic value, the one or more of the at least one operation characteristic value that correspond to it, and presetting the operation attribute permission corresponding to each of the at least one operation characteristic value;
receiving access data from a Bluetooth client electronic device through Bluetooth, wherein the access data is first operation data for a first operation characteristic value, and the first operation data comprises at least an operation attribute;
parsing and reading the current first state value of the state characteristic value;
determining, according to the preset correspondence, whether the received first operation characteristic value corresponds to the first state value of the state characteristic value, and judging whether the operation attribute of the first operation data matches the preset operation attribute permission;
if so, executing the operation corresponding to the operation attribute according to the preset first operation data.
To solve this technical problem, an embodiment of the invention also discloses a Bluetooth access control method, used in the Bluetooth access process of a Bluetooth client electronic device based on the GATT protocol, comprising the following steps:
presetting the state characteristic value to be acquired, at least one operation characteristic value, the one or more of the at least one operation characteristic value corresponding to each data value of the state characteristic value, and an initiating access attribute, wherein the initiating access attribute comprises one of reading and writing;
acquiring, through Bluetooth, the current second state value of the state characteristic value of the Bluetooth server electronic device;
determining, according to the preset correspondence, the operation characteristic value and the initiating access attribute that match the acquired second state value;
and executing the access operation on the Bluetooth server electronic device according to the operation characteristic value and the initiating access attribute matched to the second state value.
In order to solve the technical problem, the embodiment of the invention also discloses an electronic device which comprises a Bluetooth communication antenna, a memory and a processor, wherein the memory stores computer instructions which can be operated on the processor, the processor executes the steps of the Bluetooth access control method for the Bluetooth server electronic device when the processor operates the computer instructions, and the Bluetooth communication antenna performs Bluetooth communication according to the Bluetooth access control method by the processor.
In order to solve the technical problem, the embodiment of the invention also discloses an electronic device which comprises a Bluetooth communication antenna, a memory and a processor, wherein the memory stores computer instructions which can be operated on the processor, the processor executes the steps of the Bluetooth access control method for the Bluetooth client electronic device when the processor operates the computer instructions, and the Bluetooth communication antenna performs Bluetooth communication according to the Bluetooth access control method by the processor.
In order to solve the technical problems, the embodiment of the invention also discloses a computer storage medium, on which computer instructions are stored, wherein the computer instructions execute the steps of the Bluetooth access control method for the Bluetooth server electronic equipment when running.
In order to solve the technical problem, the embodiment of the invention also discloses a computer storage medium, on which computer instructions are stored, wherein the computer instructions execute the steps of the Bluetooth access control method for the Bluetooth client electronic equipment when running.
To solve this technical problem, an embodiment of the invention also discloses a Bluetooth access control system, used when a Bluetooth server electronic device is accessed over Bluetooth based on the GATT protocol, comprising the following modules:
a first presetting module, used for presetting a state characteristic value, at least one operation characteristic value, and the one or more of the at least one operation characteristic value corresponding to each data value of the state characteristic value, wherein the operation attribute permission corresponding to each of the at least one operation characteristic value is also preset;
a data receiving module, used for receiving access data from a Bluetooth client electronic device through Bluetooth, wherein the access data is first operation data for a first operation characteristic value, and the first operation data comprises at least an operation attribute;
a state parsing module, used for parsing and reading the current first state value of the state characteristic value;
a permission matching module, used for determining, according to the preset correspondence, whether the received first operation characteristic value corresponds to the first state value of the state characteristic value, and for judging whether the operation attribute of the received first operation data matches the preset operation attribute permission;
and an operation execution module, used for executing the operation corresponding to the operation attribute according to the preset first operation data if the operation attribute matches the operation attribute permission.
To solve this technical problem, an embodiment of the invention also discloses a Bluetooth access control system, used in the Bluetooth access process of a Bluetooth client electronic device based on the GATT protocol, comprising the following modules:
a second presetting module, used for presetting the state characteristic value to be acquired, at least one operation characteristic value, one operation characteristic value of the at least one operation characteristic value corresponding to each data value of the state characteristic value, and an initiating access attribute, wherein the initiating access attribute comprises one of reading and writing;
a state acquisition module, used for acquiring, through Bluetooth, a second state value of the state characteristic value of the Bluetooth server electronic device;
a state value matching module, used for determining, according to the preset correspondence, the operation characteristic value, the initiating access attribute and the kernel data structure that match the acquired second state value;
and an access operation execution module, used for executing the access operation on the Bluetooth server electronic device according to the operation characteristic value, the initiating access attribute and the kernel data structure matched to the second state value.
Compared with the prior art, the technical scheme of the embodiments of the invention has the following beneficial effects:
In this technical scheme, the Bluetooth server electronic device defines an explicit internal state from the state value of the preset state characteristic value, and in each state only a limited set of characteristic values can be operated on. Matching the operation attribute permission and the operation characteristic value to the corresponding operation controls the form of the data that can be accessed, and the internal state changes through operations on the operation characteristic values such as reading, writing and notifying. For a given characteristic value, only data with a specific kernel data structure can be received and sent. Encryption attributes and encryption information are defined independently for different characteristic values. Applied together, these measures avoid the defects of conventional Bluetooth security control and simplify development for both mobile and embedded systems.
Drawings
Fig. 1 is a flowchart of a first embodiment of a Bluetooth access control method according to the present invention;
Fig. 2 is a flowchart of a second example of a Bluetooth access control method according to the present invention;
Fig. 3 is a flowchart illustrating a third embodiment of a Bluetooth access control method according to the present invention;
Fig. 4 is a flowchart illustrating a second embodiment of a Bluetooth access control method according to the present invention;
Fig. 5 is a flowchart illustrating a second embodiment of a Bluetooth access control method according to the present invention;
Fig. 6 is a flowchart illustrating a third embodiment of a Bluetooth access control method according to the present invention;
Fig. 7 is a flowchart of another Bluetooth access control method according to a fourth embodiment of the present invention;
Fig. 8 is a schematic diagram of the structure of a first embodiment of a Bluetooth access control system according to the present invention;
Fig. 9 is a schematic diagram of a second embodiment of a Bluetooth access control system according to the present invention.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Fig. 1 is a flowchart of a first embodiment of bluetooth access control according to the present invention.
As shown in Fig. 1, a Bluetooth access control method is used when a Bluetooth server electronic device is accessed over Bluetooth based on the GATT protocol. The Bluetooth server electronic device may contain a Bluetooth device capable of executing the Bluetooth GATT protocol, such as a Bluetooth chip. The method may include the following steps:
S11: presetting a state characteristic value, at least one operation characteristic value, and, for each state value of the state characteristic value, the one or more of the at least one operation characteristic value that correspond to it, and presetting the operation attribute permission corresponding to each of the at least one operation characteristic value.
The state characteristic value and the operation characteristic values are characteristic values in the GATT protocol, and each characteristic value in the GATT protocol is identified by its own unique UUID. In an implementation, the state characteristic value and each operation characteristic value can be preset according to the GATT protocol, and the correspondence between the state values of the state characteristic value and the operation characteristic values can be set by the software of the Bluetooth server electronic device. The state value is a specific data segment in the state characteristic value that identifies the current access state.
In a specific implementation, the operation attribute permission of the at least one operation characteristic value may include one or more of the following operation attributes of the GATT protocol: read, write and notification. Notification comes in two forms, notification only (notify) and indication (indication); writing includes write only (write without response) and write with notification (write).
S12: receiving access data from the Bluetooth client electronic device through Bluetooth, wherein the access data is first operation data for a first operation characteristic value, and the first operation data comprises at least an operation attribute.
The operation attribute may be one of writing and reading, but is not limited to these.
S13: parsing and reading the current first state value of the state characteristic value.
S14: determining, according to the preset correspondence, whether the received first operation characteristic value corresponds to the first state value of the state characteristic value, and judging whether the operation attribute of the first operation data matches the preset operation attribute permission.
The operation attribute permission of the first operation characteristic value only needs to contain the operation attribute.
S15: if so, executing the operation corresponding to the operation attribute according to the preset first operation data.
S12 and S13 may be carried out in either order.
In this embodiment, the state characteristic value and the operation characteristic values are set according to the GATT protocol together with the correspondence between them, and the operation characteristic value and the operation attribute of the access data are then matched against the current state value. This restricts the access data and prevents illegal access under a given state value in GATT. The method can be applied to information authentication processes such as identity authentication, and is simple and easy to implement in an embedded system.
As shown in Fig. 2, a preferred form of the first embodiment of the Bluetooth access control method further includes S16: if it is determined, according to the preset correspondence, that the received first operation characteristic value does not correspond to the first state value of the state characteristic value, terminating the access.
In an implementation, when access is terminated, the state characteristic value may be kept at the first state value, unchanged.
It further includes S17: if the operation attribute does not match the operation attribute permission, terminating the access.
In an implementation, when at least one operation attribute of the first operation data is not present in the operation attribute permission of the first operation characteristic value, the operation attribute is considered not to match; when access is terminated, the state characteristic value may be left unchanged.
As shown in Fig. 3, a further preferred embodiment of the Bluetooth access control method also includes S18: presetting an operation state value matrix according to the processing operation corresponding to each operation attribute of the at least one operation characteristic value and the trigger-jump relation between the state values of the state characteristic value;
After the access is terminated in S16 or S17, it further includes S19: if the number of consecutive access terminations exceeds a preset number, the first state value jumps to the previous state value or the initial state value in the operation state value matrix.
After the first state value jumps, the new state value of the state characteristic value may be notified to the Bluetooth service electronic device through Bluetooth.
Preferably, building on the first embodiment of the Bluetooth access control method, an operation state value matrix is preset according to the processing operation corresponding to each operation attribute of the at least one operation characteristic value and the trigger-jump relation between the state values of the state characteristic value, and the processing operation corresponding to each operation attribute of the at least one operation characteristic value is preset.
S15 is then specifically: if the operation attribute matches, executing the operation corresponding to the operation attribute according to the preset first operation data, and jumping the state value of the state characteristic value to the related state value in the preset operation state value matrix.
After the first state value jumps, the new state value of the state characteristic value may be notified to the Bluetooth service electronic device through Bluetooth.
Fig. 4 is a flowchart of a second embodiment of Bluetooth access control according to the present invention. Compared with the first embodiment, this embodiment adds a preset kernel data structure for each operation characteristic value, and comprises:
S21: presetting a state characteristic value, at least one operation characteristic value, and, for each state value of the state characteristic value, the one or more of the at least one operation characteristic value that correspond to it, and presetting the operation attribute permission corresponding to each of the at least one operation characteristic value.
S22: presetting a kernel data structure corresponding to each of the at least one operation characteristic value.
The kernel data structure comprises at least the allowed ranges of parameters such as the length, numerical value and structure of each part of the data in a kernel data frame.
S23: receiving access data from the Bluetooth client electronic device through Bluetooth, wherein the access data is first operation data for a first operation characteristic value, and the first operation data comprises at least an operation attribute.
The operation attribute may be one of writing and reading, but is not limited to these.
S24: parsing and reading the current first state value of the state characteristic value.
S25: determining, according to the preset correspondence, whether the received first operation characteristic value corresponds to the first state value of the state characteristic value, and judging whether the operation attribute of the first operation data matches the preset operation attribute permission.
The operation attribute permission of the first operation characteristic value only needs to contain the operation attribute.
In this embodiment, for the specific implementation of S21-S24, refer to S11 and S13-S15 of the first embodiment of Bluetooth access control; it is not repeated here. S23 and S24 may be carried out in either order.
S26: if so, executing the operation corresponding to the operation attribute according to the preset kernel data structure of the first operation data.
In this embodiment, only data with a specific structure can be received and sent, which effectively overcomes the GATT protocol's vulnerability to denial-of-service attacks and malformed-message attacks.
Preferably, S26 in the second embodiment is specifically: if the operation attribute is writing, the first operation data further comprises kernel data; it is judged whether the kernel data structure of the first operation data conforms to the preset kernel data structure, and if so the corresponding write operation is performed, otherwise the access is terminated. If the operation attribute is reading, kernel data with the preset kernel data structure is generated from the stored data corresponding to the first operation characteristic value, the corresponding read data is generated from that kernel data, and the read data is sent to the Bluetooth client electronic device.
Preferably, S26 further includes: if the operation attribute permission of the first operation characteristic value comprises both writing and notification, that is, write with notification (write) in the GATT protocol, the first operation data further comprises kernel data; it is judged whether the kernel data structure of the first operation data conforms to the preset kernel data structure, and if so the corresponding write is performed, otherwise the access is terminated. After the corresponding write operation, notification data for the first operation characteristic value is generated according to the preset kernel data structure and sent to the Bluetooth client electronic device through Bluetooth.
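The server-side checks of S11 to S19 together with the write-payload check of S22 and S26, as an added example in C that is not part of the patent text. The state names, characteristic names, frame layout (`[opcode][body length][body]`) and the `MAX_FAILURES` value are assumptions made for illustration, and verification of the response content is left out.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed example: state names, characteristics and frame layout are assumptions. */
enum state  { ST_IDLE, ST_RESPONSE_PENDING, ST_SESSION };
enum chr    { CHR_CHALLENGE, CHR_RESPONSE, CHR_COMMAND, CHR_COUNT };
enum op     { OP_READ = 1, OP_WRITE = 2, OP_NOTIFY = 4 };
enum result { ACC_OK, ACC_UNKNOWN_CHR, ACC_WRONG_STATE, ACC_NO_PERMISSION, ACC_BAD_STRUCTURE };

#define MAX_FAILURES 2u /* preset number of consecutive terminated accesses (S19) */

struct chr_policy {
    uint8_t    perms;            /* preset operation attribute permission (S11) */
    uint8_t    state_mask;       /* state values in which the characteristic is usable (S11) */
    size_t     min_len, max_len; /* preset kernel data structure: length range (S22) */
    bool       framed;           /* written payload is [opcode][body length][body] */
    uint8_t    op_lo, op_hi;     /* allowed opcode range when framed */
    enum state next_state;       /* state jump after a successful operation */
};

static const struct chr_policy POLICY[CHR_COUNT] = {
    [CHR_CHALLENGE] = { .perms = OP_READ, .state_mask = 1u << ST_IDLE,
                        .next_state = ST_RESPONSE_PENDING },
    [CHR_RESPONSE]  = { .perms = OP_WRITE, .state_mask = 1u << ST_RESPONSE_PENDING,
                        .min_len = 16, .max_len = 16, .next_state = ST_SESSION },
    [CHR_COMMAND]   = { .perms = OP_WRITE | OP_NOTIFY, .state_mask = 1u << ST_SESSION,
                        .min_len = 2, .max_len = 20, .framed = true,
                        .op_lo = 0x01, .op_hi = 0x03, .next_state = ST_SESSION },
};

struct gatt_server {
    enum state state;    /* current state value of the state characteristic */
    unsigned   failures; /* consecutive terminated accesses */
};

/* S26: accept a write only if the payload fits the preset structure. */
static bool payload_ok(const struct chr_policy *p, const uint8_t *d, size_t n)
{
    if (d == NULL || n < p->min_len || n > p->max_len)
        return false;
    if (p->framed) {
        if (d[0] < p->op_lo || d[0] > p->op_hi)
            return false;             /* opcode value out of range */
        if ((size_t)d[1] != n - 2)
            return false;             /* length field disagrees with actual length */
    }
    return true;
}

/* One access from the client: characteristic c, operation attribute op, optional payload. */
enum result handle_access(struct gatt_server *s, enum chr c, unsigned op,
                          const uint8_t *data, size_t len)
{
    enum result r = ACC_OK;
    const struct chr_policy *p = NULL;

    if ((unsigned)c >= CHR_COUNT) {
        r = ACC_UNKNOWN_CHR;
    } else {
        p = &POLICY[c];
        if (!(p->state_mask & (1u << s->state)))
            r = ACC_WRONG_STATE;                      /* S14 fails -> S16 */
        else if (op == 0 || (p->perms & op) != op)
            r = ACC_NO_PERMISSION;                    /* S14 fails -> S17 */
        else if ((op & OP_WRITE) && !payload_ok(p, data, len))
            r = ACC_BAD_STRUCTURE;                    /* S26 fails */
    }
    if (r != ACC_OK) {
        /* Access terminated: the state value stays put unless the preset count is exceeded. */
        if (++s->failures > MAX_FAILURES) {
            s->state = ST_IDLE;                       /* S19: jump to the initial state value */
            s->failures = 0;
        }
        return r;
    }
    /* S15. Checking the response content would happen here, before the jump; omitted. */
    s->failures = 0;
    s->state = p->next_state;
    return ACC_OK;
}

int main(void)
{
    struct gatt_server s = { ST_IDLE, 0 };
    const uint8_t cmd[] = { 0x02, 0x01, 0xAA };       /* constructed command frame */
    enum result r = handle_access(&s, CHR_COMMAND, OP_WRITE, cmd, sizeof cmd);
    printf("command write while idle: result %d, state %d\n", (int)r, (int)s.state);
    r = handle_access(&s, CHR_CHALLENGE, OP_READ, NULL, 0);
    printf("challenge read:           result %d, state %d\n", (int)r, (int)s.state);
    return 0;
}
```

Because every rejection path ends in the same counter, a client that keeps sending out-of-state or malformed writes is pushed back to the initial state instead of being allowed to probe the current one indefinitely.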
As shown in Fig. 5, further preferably, on the basis of the second embodiment, S27 is included before S26: presetting encryption information corresponding to each of the at least one operation characteristic value, the encryption information comprising an encryption attribute, an encryption algorithm and an encryption key. The encryption information also specifies whether only part of the kernel data frame is encrypted or the whole data frame is encrypted.
In S26, it is determined whether the kernel data of the first operation data conforms to the preset kernel data structure, and if yes, a corresponding reading operation is performed, specifically:
a1: judging whether the encryption attribute is encryption or not;
a2: if yes, determining that the kernel data accords with a preset kernel data structure, decrypting the kernel data according to preset encryption information, and then performing corresponding writing operation;
a3: if not, and the kernel data is determined to accord with the preset kernel data structure, the corresponding writing operation is directly carried out.
The step S26 of generating corresponding read data according to the kernel data specifically includes:
b1: judging whether the encryption attribute is encryption or not;
b2: if yes, encrypting the kernel data according to preset encryption information to obtain encrypted kernel data, and generating corresponding read data according to the encrypted kernel data;
b3: if not, corresponding read data is directly generated according to the kernel data.
In this embodiment, whether to encrypt and which encryption information to use are defined independently for each operation characteristic value, and the encryption attribute can be defined for part or all of the kernel data, which improves security during transmission and flexibility in identifying the kernel data structure.
Fig. 6 is a flowchart of a third embodiment of a bluetooth access control method according to the present invention.
As shown in Fig. 6, the present invention further relates to a Bluetooth access control method used in the Bluetooth access process of a Bluetooth client electronic device based on the GATT protocol, wherein a Bluetooth device capable of executing the Bluetooth GATT protocol, such as a Bluetooth chip, may be disposed in a Bluetooth server electronic device. The method may include the following steps:
S31: presetting the state characteristic value to be acquired, at least one operation characteristic value, the one or more of the at least one operation characteristic value corresponding to each data value of the acquired state characteristic value, and an initiating access attribute, wherein the initiating access attribute comprises one of reading and writing.
S32: acquiring, through Bluetooth, the current second state value of the state characteristic value of the Bluetooth server electronic device. The state characteristic value may be obtained by reading or by notification.
S33: determining, according to the preset correspondence, the operation characteristic value and the initiating access attribute that match the acquired second state value.
S34: executing the access operation on the Bluetooth server electronic device according to the operation characteristic value and the initiating access attribute matched to the second state value.
In this embodiment, a state characteristic value and operation characteristic values are set on the Bluetooth client electronic device side according to the GATT protocol together with the correspondence between them, and the access operation is then performed on the Bluetooth client electronic device according to the currently acquired state value and the initiating access attribute. Access is therefore carried out with a specific initiating access attribute and operation characteristic value, which standardizes the access attribute and the corresponding operation characteristic value under a given state value in GATT. The method can be applied to information authentication processes such as identity authentication, and is simple and easy to implement in an embedded system.
Fig. 7 is a flowchart of a fourth embodiment of a Bluetooth access control method according to the present invention. Compared with the third embodiment, this embodiment adds a preset kernel data structure, and includes:
S41: Preset the acquired state characteristic value, at least one operation characteristic value, and, for each data value of the acquired state characteristic value, the corresponding one or more of the at least one operation characteristic values together with an initiating access attribute, where the access attribute may include one of a reading attribute and a writing attribute.
S42: Preset a kernel data structure corresponding to each of the at least one operation characteristic values.
S43: Acquire, through Bluetooth, the current second state value of the state characteristic value of the Bluetooth server-side electronic device. The state characteristic value may be obtained by reading or by notification.
S44: Determine, according to the preset correspondence, the operation characteristic value, the initiating access attribute and the kernel data structure that the acquired second state value matches.
In this embodiment, for the specific implementation of S41-S44, refer to S31 and S33-S35 shown in the first embodiment of Bluetooth access control; the details are not repeated here.
S45: Perform the access operation on the Bluetooth server-side electronic device according to the operation characteristic value, the initiating access attribute and the kernel data structure matched by the second state value.
Preferably, S45 in the third embodiment specifically includes:
S451 (not shown in the figure): if the access initiating attribute is determined to be writing, generating an access data kernel conforming to the kernel data structure according to the data in the operation characteristic value; generating write access data of a second operation characteristic value according to the access data kernel and the initiating access attribute; and sending the write access data to the Bluetooth server-side electronic equipment through Bluetooth. The access data kernel is the kernel data of the access data, and the initiating access attribute is the operation attribute in the access data.
S452 (not shown in the figure): if the initiating access attribute is determined to be the reading attribute, generating reading access data according to the initiating access attribute; transmitting the read access data to the Bluetooth server-side electronic equipment through Bluetooth; receiving corresponding read data matched with a second state value sent by the Bluetooth service electronic equipment through Bluetooth; judging whether the read data is matched with the kernel data structure of the second operation characteristic value, and if so, storing corresponding data of the read data for subsequent preset operation; if not, the read access fails.
The order of execution is not limited between S451 and S452, and implementation is selected according to the access attribute.
Because this embodiment only sends and receives data with a specific structure, it effectively overcomes the GATT protocol's vulnerability to denial-of-service attacks and malformed-message attacks.
Preferably, the notification attribute is added on the basis of the above, and determining that the access attribute is initiated in S451 includes: determining that the access initiating attribute is writing, and presetting a second state value to also correspond to the notification and the kernel data structure corresponding to the notification respectively. In S451, after sending the write access data to the bluetooth server electronic device through bluetooth, the method further includes: receiving notification data of an operation characteristic value corresponding to a second state value sent by the Bluetooth server-side electronic equipment, and judging whether the notification data is matched with a kernel data structure of the notification of the second state value; if the data are matched, storing corresponding data of the notification data for subsequent preset operation; if not, notifying the operation failure.
Further preferably, the fourth embodiment further includes S46: respectively presetting encryption information corresponding to the initiating access attribute of at least one operation characteristic value, wherein the encryption information comprises an encryption attribute, an encryption algorithm and an encryption key;
the step S452 of generating the write access data of the second state value according to the access data kernel and the access initiating attribute specifically includes:
if the encryption attribute is determined to be encryption, encrypting the generated access data kernel according to the encryption information to obtain an encrypted access data kernel, and generating write access data according to the encrypted access data kernel and the initiating access attribute;
and if the encryption attribute is determined to be unencrypted, generating write access data according to the access data kernel and the initiating access attribute.
Further preferably, the fourth embodiment further includes S46, on the basis of S451: respectively presetting encryption information corresponding to at least one operation characteristic value; the encryption information includes an encryption attribute, an encryption algorithm, and an encryption key.
After receiving that the second state value sent by the bluetooth service electronic device through bluetooth matches the corresponding read data in S451, the method further includes:
judging whether the encryption attribute is encryption or not, if so, decrypting the data kernel of the read data according to the encryption data to obtain the decrypted data kernel of the read data for subsequent preset operation.
Preferably, the fourth embodiment further includes S46: respectively presetting encryption information corresponding to at least one operation characteristic value, wherein the encryption information comprises encryption attributes, an encryption algorithm and an encryption key; determining a preset second state value, and notifying corresponding to the preset second state value and notifying corresponding kernel data structures respectively;
after receiving the notification data of the operation feature value corresponding to the second state value sent by the Bluetooth server-side electronic device in S452, the method further includes: judging whether the encryption attribute is encryption and, if so, decrypting the data kernel in the notification data according to the encryption information to obtain a plaintext data kernel; the step of storing the corresponding data of the notification data if matched then includes: if matched, storing the corresponding data in the plaintext data kernel.
The following is an example combination to explain how bluetooth access control is performed between a bluetooth server-side electronic device and a bluetooth client-side electronic device.
C1: A Bluetooth connection based on the GATT protocol is established between the Bluetooth server-side electronic device and the Bluetooth client-side electronic device. All of the following communication interactions are based on the GATT protocol.
C2: The state value of the state characteristic value STATE of the Bluetooth server-side electronic device is 0, and this state value is sent to the Bluetooth client-side electronic device.
C3: When the Bluetooth client electronic device receives the state characteristic value STATE=0, it determines from the preset correspondence that the operation characteristic value is INFO and that the initiating access attribute is read, takes the challenge code as kernel data according to the preset kernel data structure, generates the read access data for INFO, and sends the read access data to the Bluetooth server electronic device.
C4: The Bluetooth server electronic device determines from the preset correspondence whether INFO matches. If so, it determines whether the read attribute is within the preset access authority attribute. If so, it encrypts the challenge code according to the preset encryption information, generates the read data of the INFO characteristic value according to the preset kernel data structure, and sends the read data to the Bluetooth client electronic device through the INFO characteristic value.
C5: After the Bluetooth client electronic device reads the data through the INFO characteristic value, the data read from INFO is the preset encrypted data, so data structure matching and decryption are then performed on the read data to obtain the plaintext read data.
C6: After the INFO characteristic value has been sent, the Bluetooth server electronic device jumps STATE to 1 and notifies the Bluetooth client electronic device of the new state value of STATE.
Fig. 8 is a schematic diagram of the structure of a first embodiment of a bluetooth access control system according to the present invention.
A bluetooth access control system 50 for use in a bluetooth access procedure in which a bluetooth server electronic device is GATT protocol based, comprising:
a first preset module 51, configured to preset a state feature value, at least one operation feature value, and one or more operation feature values in at least one operation feature value corresponding to each data value of the state feature value, where operation attribute rights corresponding to the at least one operation feature value are preset respectively;
the data receiving module 52 is configured to receive, via bluetooth, access data of a bluetooth client electronic device, where the access data is first operation data of a first operation feature value, and the first operation data includes at least an operation attribute;
the state analyzing module 53 is configured to analyze and read a current first state value of the state feature value;
the permission matching module 54 is configured to determine, according to a preset correspondence, that the received first operation feature value corresponds to a first state value of the state feature value, and determine whether an operation attribute of the received first operation data matches a preset operation attribute permission;
and the operation execution module 55 is configured to execute the operation corresponding to the operation attribute according to the preset first operation data if the operation attribute matches the operation attribute authority.
Preferably, the system further comprises a second preset module, which is used for presetting kernel data structures corresponding to at least one operation characteristic value respectively;
the operation execution module 55 is specifically configured to: if the operation attribute matches the operation attribute authority, execute the operation corresponding to the operation attribute according to the kernel data structure of the preset first operation data.
Preferably, the operation execution module 55 includes:
the write operation execution unit is used for if the operation attribute is write, the first operation data also comprises kernel data; judging whether the kernel data structure of the first operation data accords with a preset kernel data structure, if so, performing corresponding writing operation, and if not, terminating access; and/or
And the reading operation execution unit is used for generating the kernel data of the preset kernel data structure according to the stored data corresponding to the first operation characteristic value if the operation attribute is reading, generating the corresponding reading data according to the kernel data and sending the reading data to the Bluetooth client electronic equipment.
Preferably, the operation authority attribute of the first operation characteristic value includes writing and notification; and the write operation execution unit is also used for generating notification data of the first operation characteristic value according to a preset kernel data structure after corresponding write operation is carried out, and sending the notification data to the Bluetooth client electronic equipment through Bluetooth.
Preferably, the system further comprises an operation encryption module, which is used for presetting encryption information corresponding to at least one operation characteristic value respectively, wherein the encryption information comprises encryption attributes, an encryption algorithm and an encryption key;
the write operation execution unit is specifically configured to: if the operation attribute is writing, judging whether the encryption attribute is encryption, if yes, determining that the kernel data accords with a preset kernel data structure, decrypting the kernel data according to preset encryption information, and then performing corresponding writing operation;
if not, and the kernel data is determined to accord with the preset kernel data structure, the corresponding writing operation is directly carried out.
Preferably, the system further comprises an operation encryption module, which is used for: respectively presetting encryption information corresponding to at least one operation characteristic value, wherein the encryption information comprises encryption attributes, an encryption algorithm and an encryption key;
the write operation execution unit is specifically configured to: if the operation attribute is read, judging whether the encryption attribute is encryption, if so, encrypting the kernel data according to preset encryption information to obtain encrypted kernel data, and generating corresponding read data according to the encrypted kernel data; if not, directly generating corresponding read data according to the kernel data, and sending the read data to the Bluetooth client electronic equipment.
Preferably, the system further comprises a matrix setting module, wherein the matrix setting module is used for presetting an operation state value matrix according to the processing operation corresponding to the operation of at least one operation characteristic value and the trigger jump relation of each state value in the state characteristic values;
the processing operation preset module is used for respectively presetting processing operations corresponding to the operation attributes of at least one operation characteristic value;
the operation execution module is specifically configured to, if the operation attribute matches the operation attribute authority, execute the processing operation corresponding to the operation attribute according to the preset first operation data;
and the state value jump subunit is used for jumping the state value of the state characteristic value to the relevant state value in the preset operation state value matrix after the preset processing operation is successfully completed.
Preferably, the system further comprises a characteristic value mismatch module, which is used for terminating the access upon identifying that the received first operation characteristic value does not correspond to the first state value of the state characteristic value.
Preferably, the system further comprises an attribute mismatch module, which is used for terminating the access if the operation attribute does not match the operation attribute authority.
Preferably, the system further comprises a matrix setting module, wherein the matrix setting module is used for presetting an operation state value matrix according to the trigger jump relation between the processing operation corresponding to the operation attribute of at least one operation characteristic value and each state value in the state characteristic values;
The system further comprises a state value resetting module, which is used for determining that the number of times of continuous access termination exceeds the preset number of times after the access termination, and the first state value jumps to the last state value or the initial state value in the operation state value matrix.
The specific implementation manner and beneficial technical effects of this embodiment refer to the first embodiment, the second embodiment, and the third embodiment of the bluetooth access control method, which are not described herein again.
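The server-side checks performed by modules 51 to 55, the state jump after a successful operation and the reset after repeated terminations can be sketched in C as follows. This is an added example, not code from the patent: every identifier other than STATE and INFO, the `[tag][len][payload]` kernel data structure, the three-row state table and the limit of three consecutive terminations are assumptions, and the optional encryption step is left out.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added example. Every identifier except STATE and INFO is hypothetical. */
enum op_attr { OP_READ = 1, OP_WRITE = 2 };
enum char_id { CH_INFO, CH_AUTH, CH_CMD };
enum verdict { ACCESS_OK, TERM_WRONG_CHAR, TERM_WRONG_ATTR, TERM_BAD_STRUCT };

#define HDR 2              /* assumed kernel data structure: [tag][len][payload] */
#define MAX_TERMINATIONS 3 /* assumed preset limit on consecutive terminations */
#define FRESH_GATE { 0, 0, { 1, 2, 3, 4, 5, 6, 7, 8 } } /* constructed INFO bytes */

/* One row per STATE value: the only characteristic and attribute accepted in
 * that state, its kernel data structure, and the state to jump to on success. */
struct rule { enum char_id ch; enum op_attr attr; uint8_t tag, len, next; };
struct gate { uint8_t state, terminations, info[8]; };

static const struct rule RULES[] = {
    { CH_INFO, OP_READ,  0xA1, 8, 1 }, /* STATE 0: read INFO only  */
    { CH_AUTH, OP_WRITE, 0xA2, 4, 2 }, /* STATE 1: write AUTH only */
    { CH_CMD,  OP_WRITE, 0xA3, 1, 2 }, /* STATE 2: write CMD only  */
};

/* Write path: total length, tag and length byte must all match the preset. */
static int kernel_ok(const struct rule *r, const uint8_t *buf, size_t n)
{
    return n == (size_t)HDR + r->len && buf[0] == r->tag && buf[1] == r->len;
}

/* buf and *len hold the written bytes on a write and receive the reply on a read. */
enum verdict gate_access(struct gate *g, enum char_id ch, enum op_attr attr,
                         uint8_t *buf, size_t cap, size_t *len)
{
    const struct rule *r = &RULES[g->state];
    enum verdict v = ACCESS_OK;
    if (ch != r->ch)
        v = TERM_WRONG_CHAR;   /* characteristic not mapped to this state */
    else if (attr != r->attr)
        v = TERM_WRONG_ATTR;   /* attribute outside the preset permission */
    else if (attr == OP_WRITE && (*len > cap || !kernel_ok(r, buf, *len)))
        v = TERM_BAD_STRUCT;   /* written data does not fit the structure */
    else if (attr == OP_READ && cap < (size_t)HDR + r->len)
        v = TERM_BAD_STRUCT;   /* reply would not fit the caller's buffer */
    if (v != ACCESS_OK) {      /* terminate the access, STATE unchanged */
        if (++g->terminations > MAX_TERMINATIONS)
            g->state = g->terminations = 0; /* too many in a row: initial state */
        return v;
    }
    if (attr == OP_READ) {     /* only the STATE 0 rule reads; len == sizeof info */
        buf[0] = r->tag;
        buf[1] = r->len;
        memcpy(buf + HDR, g->info, r->len);
        *len = (size_t)HDR + r->len;
    }
    g->terminations = 0;
    g->state = r->next;        /* jump only after the operation succeeded */
    return ACCESS_OK;
}

int demo_in_order(void) /* INFO read, then well-formed AUTH write: final STATE */
{
    struct gate g = FRESH_GATE;
    uint8_t buf[16], auth[] = { 0xA2, 4, 0xDE, 0xAD, 0xBE, 0xEF };
    size_t n = 0, m = sizeof auth;
    gate_access(&g, CH_INFO, OP_READ, buf, sizeof buf, &n);
    gate_access(&g, CH_AUTH, OP_WRITE, auth, sizeof auth, &m);
    return n == 10 ? g.state : -1;
}

int demo_first_access(enum char_id ch, enum op_attr attr) /* verdict in STATE 0 */
{
    struct gate g = FRESH_GATE;
    uint8_t data[] = { 0xA3, 1, 0x01 };
    size_t n = sizeof data;
    return gate_access(&g, ch, attr, data, sizeof data, &n);
}

int demo_malformed(int repeats) /* over-long AUTH writes in STATE 1: final STATE */
{
    struct gate g = FRESH_GATE;
    uint8_t buf[16], bad[] = { 0xA2, 4, 0, 0, 0, 0, 0 };
    size_t n = 0;
    gate_access(&g, CH_INFO, OP_READ, buf, sizeof buf, &n);
    for (int i = 0; i < repeats; i++) {
        n = sizeof bad;
        if (gate_access(&g, CH_AUTH, OP_WRITE, bad, sizeof bad, &n) != TERM_BAD_STRUCT)
            return -1;
    }
    return g.state;
}

int main(void)
{
    printf("in order: STATE %d\n", demo_in_order());
    printf("CMD write in STATE 0: verdict %d\n", demo_first_access(CH_CMD, OP_WRITE));
    printf("3 malformed: STATE %d, 4 malformed: STATE %d\n", demo_malformed(3), demo_malformed(4));
    return 0;
}
```

A rejected access leaves STATE where it was, so a client cannot skip the INFO step by writing to a later characteristic. Only the fourth consecutive termination sends the gate back to the initial state.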
Fig. 9 is a schematic diagram of a second embodiment of a bluetooth access control system according to the present invention. A bluetooth access control system 60 for use in a bluetooth access procedure of a bluetooth client electronic device based on the GATT protocol, comprising:
a second preset module 61, configured to preset an acquired state feature value, at least one operation feature value, and an operation feature value in at least one operation feature value corresponding to each data value of the state feature value, and initiate an access attribute, where the initiating an access attribute includes one of reading and writing;
the state obtaining module 62 is configured to obtain, through bluetooth, a second state value of the state feature value of the bluetooth server electronic device;
the state value matching module 63 is configured to determine, according to a preset correspondence, that the second state value of the obtained state feature value matches the corresponding operation feature value, the initiating access attribute and the kernel data structure;
The access operation executing module 64 is configured to execute an access operation to the bluetooth server electronic device according to the second state value matching the corresponding operation feature value, the initiation access attribute, and the kernel data structure.
Preferably, the method further comprises:
the data structure presetting module 62 is configured to preset kernel data structures corresponding to at least one operation feature value respectively;
the state value matching module 63 is specifically configured to: determining that the acquired second state value matches the corresponding operation characteristic value, the initiating access attribute and the kernel data structure according to a preset corresponding relation;
the access operation execution module 64 is specifically configured to: and executing access operation to the Bluetooth server-side electronic equipment according to the second state value matching the corresponding operation characteristic value, the initiating access attribute and the kernel data structure.
Preferably, the access operation execution module 64 specifically includes:
the write access data unit is used for generating an access data kernel of a preset kernel data structure according to the data in the operation characteristic value if the access initiating attribute is determined to be write; generating write access data of a second operation characteristic value according to the access data kernel and the initiating access attribute; transmitting the writing access data to the Bluetooth server-side electronic equipment through Bluetooth; and
The read access data unit is used for generating read access data according to the initiating access attribute if the initiating access attribute is determined to be the read attribute; transmitting the read access data to the Bluetooth server-side electronic equipment through Bluetooth;
the receiving read data unit is used for receiving corresponding read data matched with a second state value sent by the Bluetooth service electronic equipment through Bluetooth; judging whether the read data is matched with the kernel data structure of the second operation characteristic value, and if so, storing corresponding data of the read data for subsequent preset operation; if not, the read access fails.
Preferably, the write access data unit further comprises:
a notification subunit, configured to determine that the preset second state value further corresponds to the notification and a kernel data structure corresponding to the notification respectively;
a notification data receiving subunit, configured to receive notification data of an operation feature value corresponding to the second state value sent by the bluetooth server electronic device after sending the write access data to the bluetooth server electronic device through bluetooth;
a notification data judging subunit, configured to judge whether the notification data matches the core data structure of the notification of the second state value; if the data are matched, storing corresponding data of the notification data for subsequent preset operation; if not, notifying the operation failure.
Preferably, the system further comprises an access encryption module, wherein the access encryption module is used for presetting encryption information corresponding to the initiating access attribute of at least one operation characteristic value, and the encryption information comprises encryption attributes, an encryption algorithm and an encryption key;
an access operation execution module comprising:
the encryption execution unit is used for encrypting the generated access data kernel according to the encryption information if the encryption attribute is determined to be encryption, so as to obtain an encrypted access data kernel, and generating write access data according to the encrypted access data kernel and the initiation access attribute;
and the non-encryption execution unit is used for generating write access data according to the access data kernel and the initiating access attribute if the encryption attribute is determined to be non-encryption.
Preferably, the access encryption module is used for respectively presetting encryption information corresponding to at least one operation characteristic value; the encryption information comprises encryption attributes, encryption algorithms and encryption keys;
and the decryption module is used for judging whether the encryption attribute is encryption after receiving the read data which is matched with the second state value sent by the Bluetooth service electronic equipment through Bluetooth, and if so, decrypting the data kernel of the read data according to the encryption data to obtain the decrypted data kernel of the read data for subsequent preset operation.
Preferably, the access encryption module is configured to preset encryption information corresponding to at least one operation feature value, where the encryption information includes an encryption attribute, an encryption algorithm and an encryption key;
a notification subunit, configured to determine that the preset second state value further corresponds to the notification and a kernel data structure corresponding to the notification respectively;
the notification data receiving subunit is specifically configured to: after receiving notification data of an operation characteristic value corresponding to a second state value sent by the Bluetooth server electronic equipment, judging whether the encryption attribute is encryption or not, if so, decrypting a data kernel in the notification data according to encryption information to obtain a plaintext data kernel;
the receiving read data unit is specifically configured to: receive the read data corresponding to the second state value match sent by the Bluetooth service electronic equipment through Bluetooth, judge whether the read data matches the kernel data structure of the second operation characteristic value, and if so, store the corresponding data in the plaintext data kernel.
The specific implementation manner and beneficial technical effects of this embodiment refer to the fourth embodiment and the fifth embodiment of the bluetooth access control method, and are not described herein again.
The embodiment of the invention also provides electronic equipment, which comprises a Bluetooth communication antenna, a memory and a processor, wherein the memory stores computer instructions capable of running on the processor, the processor executes the steps in any one of the first embodiment, the second embodiment and the third embodiment of the Bluetooth access control method when running the computer instructions, and the Bluetooth communication antenna performs Bluetooth communication according to the processor according to any one of the first embodiment, the second embodiment and the third embodiment of the Bluetooth access control method.
The embodiment of the invention also provides another electronic device, which comprises a bluetooth communication antenna, a memory and a processor, wherein the memory stores computer instructions capable of running on the processor, the processor executes the steps in any one of the fourth embodiment and the fifth embodiment of the bluetooth access control method when running the computer instructions, and the bluetooth communication antenna performs bluetooth communication according to the processor according to any one of the fourth embodiment and the fifth embodiment of the bluetooth access control method.
The electronic device may be, without limitation, an electronic terminal such as a smartphone, a smart watch, or a vehicle-mounted electronic device equipped with a Bluetooth device. The Bluetooth device has a Bluetooth antenna and can be used with the GATT protocol; it may be, without limitation, a BLE Bluetooth chip, a classic Bluetooth chip, or the like.
The embodiment of the invention also provides a computer storage medium, on which computer instructions are stored, which when executed perform the steps of a bluetooth access control method as described in any of the previous embodiments. The computer storage medium may be any tangible medium, such as floppy diskettes, CD-ROMs, DVDs, hard drives, even network media, etc.
Those of ordinary skill in the art will appreciate that all or part of the steps in the various methods of the above embodiments may be implemented by a program to instruct related hardware, the program may be stored in a computer readable storage medium, and the storage medium may include: ROM, RAM, magnetic or optical disks, etc.
It should be understood that while one form of implementation of the embodiments of the present invention has been described above as a computer program product, the method or apparatus of embodiments of the present invention may be implemented in software, hardware, or a combination of software and hardware. The hardware portion may be implemented using dedicated logic; the software portions may be stored in a memory and executed by a suitable instruction execution system, such as a microprocessor or special purpose design hardware. Those of ordinary skill in the art will appreciate that the methods and apparatus described above may be implemented using computer executable instructions and/or embodied in processor control code, such as provided on a carrier medium such as a magnetic disk, CD or DVD-ROM, a programmable memory such as read only memory (firmware), or a data carrier such as an optical or electronic signal carrier. The methods and apparatus of the present invention may be implemented by hardware circuitry, such as very large scale integrated circuits or gate arrays, semiconductors such as logic chips, transistors, etc., or programmable hardware devices such as field programmable gate arrays, programmable logic devices, etc., as software executed by various types of processors, or by a combination of the above hardware circuitry and software, such as firmware.
It should be understood that while several modules or units of apparatus are mentioned in the detailed description above, such partitioning is merely exemplary and not mandatory. Indeed, according to exemplary embodiments of the invention, the features and functions of two or more modules/units described above may be implemented in one module/unit, whereas the features and functions of one module/unit described above may be further divided into a plurality of modules/units. Furthermore, certain modules/units described above may be omitted in certain application scenarios.
It should be understood that the description is only intended to describe some key, not necessarily essential, techniques and features in order not to obscure the embodiments of the invention, and may not be illustrative of some features that may be implemented by those skilled in the art.
The foregoing is only illustrative of the present invention and is not to be construed as limiting thereof, but rather as presently claimed, and is intended to cover all modifications, alternatives, and equivalents falling within the spirit and scope of the invention.
Although the present invention is disclosed above, the present invention is not limited thereto. Various changes and modifications may be made by one skilled in the art without departing from the spirit and scope of the invention, and the scope of the invention should be assessed accordingly to that of the appended claims.

Claims (21)

1. The Bluetooth access control method is characterized by comprising the following steps of:
presetting a state characteristic value, at least one operation characteristic value and one or more operation characteristic values in the at least one operation characteristic value corresponding to each state value of the state characteristic values, wherein operation attribute authorities corresponding to the at least one operation characteristic value are preset respectively;
receiving access data of a Bluetooth client electronic device through Bluetooth, wherein the access data is first operation data of a first operation characteristic value, and the first operation data at least comprises operation attributes;
analyzing and reading a current first state value of the state characteristic value;
determining whether the received first operation characteristic value corresponds to a first state value of the state characteristic value according to a preset corresponding relation, and judging whether the operation attribute of the first operation data is matched with a preset operation attribute authority;
if so, executing the operation corresponding to the operation attribute according to the preset first operation data;
the method further comprises the steps of: respectively presetting a kernel data structure corresponding to the at least one operation characteristic value;
If the operation attributes are matched, executing the operation corresponding to the operation attributes according to the preset first operation data, specifically: executing the operation corresponding to the operation attribute according to the kernel data structure of the preset first operation data;
the operation of the corresponding operation attribute according to the kernel data structure of the preset first operation data includes:
if the operation attribute is writing, the first operation data further comprises kernel data; judging whether the kernel data structure of the first operation data accords with a preset kernel data structure, if so, performing corresponding writing operation, and if not, terminating access;
if the operation attribute is reading, generating kernel data of a preset kernel data structure according to the stored data corresponding to the first operation characteristic value, generating corresponding read data according to the kernel data, and sending the read data to the Bluetooth client electronic equipment.
2. The method of claim 1, wherein the operation authority attribute of the at least one operation characteristic value is preset respectively to include one or several of reading, writing, and notification.
3. The method of claim 1, wherein the operational authority attribute of the first operational characteristic value comprises a write and a notification;
after the corresponding writing, the method further comprises: generating notification data of the first operation characteristic value according to a preset kernel data structure, and sending the notification data to the Bluetooth client electronic equipment through Bluetooth.
4. The method as recited in claim 1, further comprising: respectively presetting encryption information corresponding to the at least one operation characteristic value, wherein the encryption information comprises encryption attributes, an encryption algorithm and an encryption key; judging whether the kernel data of the first operation data accords with a preset kernel data structure, if so, performing corresponding reading operation, specifically:
judging whether the encryption attribute is encryption or not, if yes, determining that the kernel data accords with a preset kernel data structure, decrypting the kernel data according to preset encryption information, and then performing corresponding writing operation;
if not, and the kernel data is determined to accord with the preset kernel data structure, the corresponding writing operation is directly carried out.
5. The method as recited in claim 1, further comprising: respectively presetting encryption information corresponding to the at least one operation characteristic value, wherein the encryption information comprises encryption attributes, an encryption algorithm and an encryption key;
the generating corresponding read data according to the kernel data specifically includes: judging whether the encryption attribute is encryption or not; if so, encrypting the kernel data according to preset encryption information to obtain encrypted kernel data, and generating corresponding read data according to the encrypted kernel data; if not, directly generating corresponding read data according to the kernel data.
6. The method as recited in claim 1, further comprising: identifying that the received first operation characteristic value does not correspond to the first state value of the state characteristic value, and terminating the access.
7. The method of claim 1, further comprising terminating access if the operational attribute does not match an operational attribute authority.
8. The method according to claim 1, wherein an operation state value matrix is preset according to a trigger jump relation between a processing operation corresponding to the operation of the at least one operation feature value and each state value in the state feature values, and the processing operation corresponding to each operation attribute of the at least one operation feature value is preset respectively;
after the operation corresponding to the operation attribute is executed according to the preset first operation data, the method further comprises: jumping the state value of the state characteristic value to the related state value in the preset operation state value matrix.
9. The method according to claim 1, 6 or 7, wherein an operation state value matrix is preset according to a trigger jump relationship between a processing operation corresponding to an operation attribute of the at least one operation feature value and each state value in the state feature values;
after the access is terminated, the method further comprises: if the number of consecutive access terminations exceeds the preset number of times, the first state value jumps to the last state value or the initial state value in the operation state value matrix.
10. The method according to claim 8 or 9, further comprising, after the first state value jumps:
notifying the state value of the state characteristic value after the jump to the Bluetooth server-side electronic equipment through Bluetooth.
11. The Bluetooth access control method is characterized by comprising the following steps of:
presetting an acquired state characteristic value, at least one operation characteristic value, one or more operation characteristic values in the at least one operation characteristic value corresponding to each data value of the state characteristic value, and an access initiating attribute, wherein the access initiating attribute comprises one of reading and writing;
acquiring a current second state value of a state characteristic value of the Bluetooth server-side electronic device through Bluetooth;
determining that the acquired second state value matches a corresponding operation characteristic value and an initiating access attribute according to a preset corresponding relation;
executing access operation to the Bluetooth server-side electronic equipment according to the second state value matching the corresponding operation characteristic value and the initiating access attribute;
the method further comprises the steps of:
respectively presetting a kernel data structure corresponding to the at least one operation characteristic value;
the determining that the obtained second state value matches the corresponding operation characteristic value and the initiating access attribute according to the preset corresponding relation includes: determining that the acquired second state value matches a corresponding operation characteristic value, an initiating access attribute and a kernel data structure according to a preset corresponding relation;
the executing the access operation to the Bluetooth server-side electronic device according to the second state value matching the corresponding operation characteristic value and the initiating access attribute comprises the following steps: executing access operation to the Bluetooth server-side electronic equipment according to the second state value matching the corresponding operation characteristic value, the initiating access attribute and the kernel data structure;
the executing of the access operation according to the second state value matching the corresponding operation characteristic value, the initiating access attribute and the kernel data structure includes:
if the access initiating attribute is determined to be writing, generating an access data kernel of a preset kernel data structure according to the data in the operation characteristic value; generating write access data of a second operation characteristic value according to the access data kernel and the initiating access attribute; transmitting the write access data to Bluetooth server-side electronic equipment through Bluetooth;
if the initiating access attribute is determined to be a reading attribute, generating reading access data according to the initiating access attribute; transmitting the read access data to Bluetooth server-side electronic equipment through Bluetooth;
receiving the read data matched with the second state value sent by the Bluetooth server-side electronic equipment through Bluetooth;
judging whether the read data is matched with the kernel data structure of the second operation characteristic value, and if so, storing corresponding data of the read data; if not, the read access fails.
12. The method of claim 11, wherein the determining that the originating access attribute is a write comprises: determining that the access initiating attribute is writing, and presetting a kernel data structure corresponding to the notification and the notification respectively corresponding to the second state value;
after the write access data is sent to the Bluetooth server-side electronic equipment through Bluetooth, the method further comprises the following steps:
receiving notification data of an operation characteristic value corresponding to the second state value sent by the Bluetooth server-side electronic equipment, and judging whether the notification data is matched with a kernel data structure of the notification of the second state value;
if so, storing corresponding data of the notification data;
if not, the notifying operation fails.
13. The method according to claim 11, wherein encryption information corresponding to the originating access attribute of the at least one operation feature value is preset, and the encryption information includes an encryption attribute, an encryption algorithm, and an encryption key;
the generating the write access data of the second state value according to the access data kernel and the access initiating attribute specifically includes:
if the encryption attribute is determined to be encryption, encrypting the generated access data kernel according to the encryption information to obtain an encrypted access data kernel, and generating write access data according to the encrypted access data kernel and the initiating access attribute;
and if the encryption attribute is determined to be unencrypted, generating write access data according to the access data kernel and the access initiating attribute.
14. The method according to claim 11, wherein encryption information corresponding to the at least one operation feature value is preset respectively; the encryption information comprises encryption attributes, an encryption algorithm and an encryption key;
after receiving the read data corresponding to the second state value matching sent by the bluetooth server-side electronic device through bluetooth, the method further comprises:
judging whether the encryption attribute is encryption or not, if so, decrypting the data kernel of the read data according to the encryption data to obtain the decrypted data kernel of the read data.
15. The method according to claim 12, wherein encryption information corresponding to the at least one operation feature value is preset, and the encryption information includes an encryption attribute, an encryption algorithm, and an encryption key; determining a preset second state value and corresponding notification and a kernel data structure corresponding to the notification respectively;
after receiving the notification data of the operation feature value corresponding to the second state value sent by the bluetooth server-side electronic device, the method further includes: judging whether the encryption attribute is encryption or not, and if so, decrypting the data kernel in the notification data according to the encryption information to obtain a plaintext data kernel; and the storing, if matched, of corresponding data of the notification data comprises: if matched, storing the corresponding data in the plaintext data kernel.
16. An electronic device comprising a bluetooth communication antenna, a memory and a processor, said memory having stored thereon computer instructions executable on said processor, said processor executing the steps of the bluetooth access control method according to any one of claims 1 to 10 when said computer instructions are executed, said bluetooth communication antenna performing bluetooth communication according to said processor according to the bluetooth access control method according to any one of claims 1 to 10.
17. An electronic device comprising a bluetooth communication antenna, a memory and a processor, the memory having stored thereon computer instructions executable on the processor, the processor executing the steps of the bluetooth access control method according to any one of claims 11 to 15 when the computer instructions are executed, the bluetooth communication antenna performing bluetooth communication according to the processor according to the bluetooth access control method according to any one of claims 11 to 15.
18. A computer storage medium having stored thereon computer instructions, characterized in that the computer instructions, when run, perform the steps of the bluetooth access control method according to any of claims 1 to 10.
19. A computer storage medium having stored thereon computer instructions, characterized in that the computer instructions, when run, perform the steps of the bluetooth access control method according to any of claims 11 to 15.
20. A bluetooth access control system, for use in a bluetooth access procedure in which a bluetooth server electronic device is GATT protocol-based, comprising:
the first preset module is used for presetting a state characteristic value, at least one operation characteristic value and one or more operation characteristic values in the at least one operation characteristic value corresponding to each data value of the state characteristic value, wherein operation attribute authorities corresponding to the at least one operation characteristic value are preset respectively;
the data receiving module is used for receiving access data of a Bluetooth client electronic device through Bluetooth, wherein the access data are first operation data of a first operation characteristic value, and the first operation data at least comprise operation attributes;
the state analyzing module is used for analyzing and reading the current first state value of the state characteristic value;
the permission matching module is used for determining whether the received first operation characteristic value corresponds to a first state value of the state characteristic value according to a preset corresponding relation, and judging whether the operation attribute of the received first operation data is matched with a preset operation attribute permission or not;
the operation execution module is used for executing the operation corresponding to the operation attribute according to the preset first operation data if the operation attribute is matched with the operation attribute authority;
the system further comprises:
the second preset module is used for presetting kernel data structures corresponding to at least one operation characteristic value respectively;
the operation execution module is specifically configured to: if the operation attribute is matched with the operation attribute authority, execute the operation corresponding to the operation attribute according to the kernel data structure of the preset first operation data;
the operation execution module includes:
the write operation execution unit is used for if the operation attribute is write, the first operation data also comprises kernel data; judging whether the kernel data structure of the first operation data accords with a preset kernel data structure, if so, performing corresponding writing operation, and if not, terminating access; and/or
the read operation execution unit is used for, if the operation attribute is reading, generating the kernel data of the preset kernel data structure according to the stored data corresponding to the first operation characteristic value, generating the corresponding read data according to the kernel data, and sending the read data to the Bluetooth client electronic equipment.
21. A bluetooth access control system, for use in a bluetooth access procedure of a bluetooth client electronic device based on the GATT protocol, comprising:
the second presetting module is used for presetting the acquired state characteristic value, at least one operation characteristic value, one operation characteristic value in the at least one operation characteristic value corresponding to each data value of the state characteristic value and an initiating access attribute, wherein the initiating access attribute comprises one of reading and writing;
the state acquisition module is used for acquiring a second state value of the state characteristic value of the Bluetooth server-side electronic equipment through Bluetooth;
the state value matching module is used for determining that the second state value of the acquired state characteristic value matches the corresponding operation characteristic value, the initiating access attribute and the kernel data structure according to a preset corresponding relation;
the access operation execution module is used for executing the access operation to the Bluetooth server-side electronic equipment according to the second state value matching the corresponding operation characteristic value, the initiating access attribute and the kernel data structure;
the system further comprises:
the data structure presetting module is used for presetting kernel data structures corresponding to at least one operation characteristic value respectively;
the state value matching module is specifically configured to: determining that the acquired second state value matches the corresponding operation characteristic value, the initiating access attribute and the kernel data structure according to a preset corresponding relation;
the access operation execution module is specifically configured to: execute the access operation to the Bluetooth server-side electronic equipment according to the second state value matching the corresponding operation characteristic value, the initiating access attribute and the kernel data structure;
the access operation execution module specifically includes:
the write access data unit is used for generating an access data kernel of a preset kernel data structure according to the data in the operation characteristic value if the access initiating attribute is determined to be write; generating write access data of a second operation characteristic value according to the access data kernel and the initiating access attribute; transmitting the writing access data to the Bluetooth server-side electronic equipment through Bluetooth; and
the read access data unit is used for generating read access data according to the initiating access attribute if the initiating access attribute is determined to be the read attribute; transmitting the read access data to the Bluetooth server-side electronic equipment through Bluetooth;
the read data receiving unit is used for receiving corresponding read data matched with a second state value sent by the Bluetooth server-side electronic equipment through Bluetooth; judging whether the read data is matched with the kernel data structure of the second operation characteristic value, and if so, storing corresponding data of the read data for subsequent preset operation; if not, the read access fails.
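As an added illustration (not code from the patent or its assignee), the server-side checks of claims 1, 3 and 6 to 9 can be sketched in Python as one gate: state-to-characteristic lookup, permission check, kernel-data-structure validation, state jump, and a reset after repeated terminations. The characteristic names, struct layouts, state numbers and threshold are constructed assumptions.

```python
import struct
from dataclasses import dataclass, field

READ, WRITE, NOTIFY = "read", "write", "notify"

@dataclass(frozen=True)
class OpCharacteristic:
    permissions: frozenset  # preset operation attribute authority
    fmt: str                # preset kernel data structure, as a struct format
    next_state: int         # operation state value matrix: state after success

@dataclass
class GattAccessGate:
    ops: dict               # characteristic name -> OpCharacteristic
    allowed: dict           # state value -> names usable in that state
    initial_state: int = 0
    state: int = 0
    max_terminations: int = 3
    terminations: int = 0   # consecutive terminated accesses
    store: dict = field(default_factory=dict)

    def _terminate(self, reason):
        # Claim 9: once consecutive terminations exceed the preset count,
        # jump back to the initial state value.
        self.terminations += 1
        if self.terminations > self.max_terminations:
            self.state = self.initial_state
            self.terminations = 0
        return ("terminated", reason)

    def handle(self, name, attribute, kernel=b""):
        op = self.ops.get(name)
        # Claim 6: the characteristic must correspond to the current state value.
        if op is None or name not in self.allowed.get(self.state, ()):
            return self._terminate("characteristic not valid in this state")
        # Claim 7: the requested attribute must be within the preset authority.
        if attribute not in (READ, WRITE) or attribute not in op.permissions:
            return self._terminate("operation attribute not permitted")
        if attribute == WRITE:
            # Claim 1: the written kernel data must fit the preset structure.
            try:
                fields = struct.unpack(op.fmt, kernel)
            except struct.error:
                return self._terminate("kernel data structure mismatch")
            self.store[name] = fields
            # Claim 3: write + notification -> build notification data.
            notify = struct.pack(op.fmt, *fields) if NOTIFY in op.permissions else None
            result = ("written", notify)
        else:
            fields = self.store.get(name)
            if fields is None:  # assumption: nothing stored yet is a failed access
                return self._terminate("no stored data")
            result = ("read", struct.pack(op.fmt, *fields))
        # Claim 8: a successful operation resets the counter and jumps state.
        self.terminations = 0
        self.state = op.next_state
        return result

def build_demo_gate():
    """Constructed two-state profile: state 0 accepts only 'challenge'."""
    ops = {
        "challenge": OpCharacteristic(frozenset({WRITE}), "<16s", 1),
        "command": OpCharacteristic(frozenset({WRITE, NOTIFY}), "<BH", 1),
        "status": OpCharacteristic(frozenset({READ}), "<BI", 1),
    }
    allowed = {0: {"challenge"}, 1: {"command", "status"}}
    gate = GattAccessGate(ops, allowed)
    gate.store["status"] = (1, 0)  # constructed stored data for reads
    return gate

if __name__ == "__main__":
    g = build_demo_gate()
    print(g.handle("status", READ))                 # wrong state -> terminated
    print(g.handle("challenge", WRITE, bytes(16)))  # accepted, state -> 1
    print(g.handle("command", WRITE, b"\x02\xf4\x01"))
```

The structure check only confirms that a payload has the preset layout; it does not authenticate the writer, which is why the claims pair it with per-characteristic encryption information.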
CN201811565435.5A 2018-12-20 2018-12-20 Bluetooth access control method, system, electronic equipment and storage medium Active CN111356132B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811565435.5A CN111356132B (en) 2018-12-20 2018-12-20 Bluetooth access control method, system, electronic equipment and storage medium

Publications (2)

Publication Number Publication Date
CN111356132A CN111356132A (en) 2020-06-30
CN111356132B true CN111356132B (en) 2023-04-25

Family

ID=71196696

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811565435.5A Active CN111356132B (en) 2018-12-20 2018-12-20 Bluetooth access control method, system, electronic equipment and storage medium

Country Status (1)

Country Link
CN (1) CN111356132B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112399358A (en) * 2020-11-05 2021-02-23 北京小米移动软件有限公司 Telephone notification method, device, system, equipment and medium
CN115767486A (en) * 2021-09-03 2023-03-07 成都极米科技股份有限公司 Bluetooth communication method, first device, second device and storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104022805A (en) * 2014-06-06 2014-09-03 深圳市爱美家电子科技有限公司 Method and device of connecting Bluetooth devices at master end and slave ends
CN106658365A (en) * 2016-11-18 2017-05-10 青岛海信移动通信技术股份有限公司 Communication method and apparatus based on low-loss Bluetooth protocol
CN107172579A (en) * 2017-06-15 2017-09-15 精伦电子股份有限公司 A kind of method and system by Bluetooth information control bluetooth controlled terminal
CN108416207A (en) * 2018-03-07 2018-08-17 北京元心科技有限公司 Bluetooth access right discrimination method, device and mobile terminal

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10390113B2 (en) * 2015-09-07 2019-08-20 Lg Electronics Inc. Method and apparatus for controlling device using bluetooth technology

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
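杨战社. Data Transmission Based on Bluetooth Technology. China Master's Theses Full-text Database, Information Science and Technology Series. 2005, I136-442. *
陈子龙. Design of a Data Transmission System Based on Bluetooth 4.0 and Ethernet. China Master's Theses Full-text Database, Information Science and Technology Series. 2016, I136-1050. *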

Also Published As

Publication number Publication date
CN111356132A (en) 2020-06-30

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant