CN111611574A - Information acquisition method, device, equipment and system - Google Patents

Information acquisition method, device, equipment and system Download PDF

Info

Publication number
CN111611574A
CN111611574A CN201910133472.7A CN201910133472A CN111611574A CN 111611574 A CN111611574 A CN 111611574A CN 201910133472 A CN201910133472 A CN 201910133472A CN 111611574 A CN111611574 A CN 111611574A
Authority
CN
China
Prior art keywords
parameter
information
server
access request
terminal device
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201910133472.7A
Other languages
Chinese (zh)
Other versions
CN111611574B (en
Inventor
肖月振
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Alibaba Group Holding Ltd
Original Assignee
Alibaba Group Holding Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Alibaba Group Holding Ltd filed Critical Alibaba Group Holding Ltd
Priority to CN201910133472.7A priority Critical patent/CN111611574B/en
Publication of CN111611574A publication Critical patent/CN111611574A/en
Application granted granted Critical
Publication of CN111611574B publication Critical patent/CN111611574B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/105Arrangements for software license management or administration, e.g. for managing licenses at corporate level

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Computer And Data Communications (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The embodiment of the invention provides an information acquisition method, an information acquisition device, information acquisition equipment and an information acquisition system, wherein the method comprises the following steps: responding to the networking operation of the terminal equipment, the terminal equipment sends a first access request to the server, wherein the first access request comprises identity authentication information corresponding to the terminal equipment; the terminal equipment receives equipment description information sent by a server when the server determines that the terminal equipment meets the preset conditions according to the identity verification information; and storing the device description information into a storage space of the terminal device. The networking of the terminal equipment is used as the basis for the user to use the terminal equipment, so that the terminal equipment automatically applies for the equipment description information from the server only when the terminal equipment is really used, the automatic burning of the equipment description information into the terminal equipment is realized, and the problem of equipment description information waste caused by the fact that the equipment description information is burnt into the terminal equipment in advance but the terminal equipment is not used subsequently is solved.

Description

Information acquisition method, device, equipment and system
Technical Field
The present invention relates to the field of internet technologies, and in particular, to a method, an apparatus, a device, and a system for acquiring information.
Background
Although the internet of things industry is developed vigorously at present, the internet of things standards pushed by various internet of things platforms are different, and the standards all require that equipment description information corresponding to the internet of things platform is put into terminal equipment of the internet of things.
At present, after a certain manufacturer produces a terminal device, the manufacturer applies for purchasing device description information from a certain internet of things platform, and then relevant staff of the manufacturer stores (or records) the purchased device description information into the corresponding terminal device, and finally, the terminal device with the device description information recorded in the recording manner is sold to a user for use.
Disclosure of Invention
Embodiments of the present invention provide an information obtaining method, apparatus, device, and system, which can implement automatic burning of device description information into a terminal device, and can avoid waste of the device description information.
In a first aspect, an embodiment of the present invention provides an information obtaining method, applied to a terminal device, including:
responding to the networking operation of the terminal equipment, and sending a first access request to a server, wherein the first access request comprises identity authentication information corresponding to the terminal equipment;
receiving equipment description information sent by the server when the server determines that the terminal equipment meets the preset condition according to the identity authentication information;
and storing the device description information into a storage space of the terminal device.
In a second aspect, an embodiment of the present invention provides an information obtaining apparatus, located in a terminal device, including:
the sending module is used for responding to the networking operation of the terminal equipment and sending a first access request to a server, wherein the first access request comprises identity authentication information corresponding to the terminal equipment;
the receiving module is used for receiving equipment description information sent by the server when the server determines that the terminal equipment meets the preset condition according to the identity authentication information;
and the storage module is used for storing the device description information into a storage space of the terminal device.
In a third aspect, an embodiment of the present invention provides a terminal device, where the terminal device includes a first processor and a first memory, where the first memory stores an executable code, and when the executable code is executed by the first processor, the first processor is caused to execute the information acquisition method in the first aspect.
An embodiment of the present invention provides a non-transitory machine-readable storage medium, on which an executable code is stored, and when the executable code is executed by a processor of a terminal device, the processor is caused to execute the information acquisition method in the first aspect.
In a fourth aspect, an embodiment of the present invention provides an information obtaining method, which is applied to a server, and the method includes:
receiving a first access request sent by terminal equipment, wherein the first access request comprises identity authentication information corresponding to the terminal equipment;
and if the terminal equipment is determined to meet the preset conditions according to the identity authentication information, sending equipment description information to the terminal equipment so that the terminal equipment stores the equipment description information into a storage space of the terminal equipment.
In a fifth aspect, an embodiment of the present invention provides an information acquiring apparatus, located in a server, including:
the terminal equipment comprises a receiving module, a sending module and a receiving module, wherein the receiving module is used for receiving a first access request sent by the terminal equipment, and the first access request comprises identity authentication information corresponding to the terminal equipment;
the determining module is used for determining whether the terminal equipment meets a preset condition or not according to the identity authentication information;
and the sending module is used for sending the equipment description information to the terminal equipment if the determining module determines that the terminal equipment meets the preset condition, so that the terminal equipment stores the equipment description information into the storage space of the terminal equipment.
In a sixth aspect, an embodiment of the present invention provides a server, including a second processor and a second memory, where the second memory stores executable code thereon, and when the executable code is executed by the second processor, the second processor is caused to execute the information acquisition method in the fourth aspect.
An embodiment of the present invention provides a non-transitory machine-readable storage medium, on which executable code is stored, and when the executable code is executed by a processor of a server, the processor is caused to execute the information acquisition method in the fourth aspect.
In a seventh aspect, an embodiment of the present invention provides an information acquisition system, including:
a terminal device and a server;
the terminal device is used for responding to the networking operation of the terminal device and sending a first access request to the server, wherein the first access request comprises identity authentication information corresponding to the terminal device; storing the device description information sent by the server into a storage space of the terminal device;
and the server is used for sending equipment description information to the terminal equipment if the terminal equipment is determined to meet the preset condition according to the identity authentication information.
In the embodiment of the invention, if the user networks the terminal equipment, the user really uses the terminal equipment, and at the moment, the terminal equipment is triggered to log in the platform of the internet of things, namely the server. Specifically, the terminal device sends an access request (referred to as a first access request for distinction) to the server, where the first access request includes authentication information corresponding to the terminal device. Therefore, when the server receives the first access request, whether the terminal equipment meets the preset condition or not can be determined according to the identity authentication information, namely whether the terminal equipment is effective or not, if the terminal equipment meets the preset condition, equipment description information is distributed to the terminal equipment, and the equipment description information is sent to the terminal equipment. The terminal equipment stores the received equipment description information into the storage space of the terminal equipment. Therefore, the terminal equipment automatically applies for the equipment description information to the server only when the terminal equipment is actually used, so that the automatic burning of the equipment description information into the terminal equipment is realized, and the problem of equipment description information waste caused by the fact that the equipment description information is burnt into the terminal equipment in advance but the terminal equipment is not used subsequently is solved.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and those skilled in the art can also obtain other drawings according to the drawings without creative efforts.
Fig. 1 is a schematic diagram of an operation process of an information acquisition system according to an embodiment of the present invention;
fig. 2 is a schematic diagram of another working process of the information acquisition system according to the embodiment of the present invention;
fig. 3 is a schematic diagram of still another operation process of the information acquisition system according to the embodiment of the present invention;
fig. 4 is a schematic structural diagram of an information acquisition apparatus according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of a terminal device corresponding to the information acquisition apparatus provided in the embodiment shown in fig. 4;
fig. 6 is a schematic structural diagram of another information acquisition apparatus according to an embodiment of the present invention;
fig. 7 is a schematic structural diagram of a server corresponding to the information acquisition apparatus provided in the embodiment shown in fig. 6.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The terminology used in the embodiments of the invention is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used in the examples of the present invention and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well. "plurality" generally includes at least two unless the context clearly dictates otherwise.
The words "if", as used herein, may be interpreted as "at … …" or "at … …" or "in response to a determination" or "in response to a detection", depending on the context. Similarly, the phrases "if determined" or "if detected (a stated condition or event)" may be interpreted as "when determined" or "in response to a determination" or "when detected (a stated condition or event)" or "in response to a detection (a stated condition or event)", depending on the context.
It is also noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a good or system that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such good or system. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a commodity or system that includes the element.
In addition, the sequence of steps in each method embodiment described below is only an example and is not strictly limited.
Before the information acquisition method provided by the embodiment of the present invention is introduced, the device description information mentioned herein is introduced.
The device description information, which may also be referred to as device attribute information, serves to identify the terminal device. In general, device description information can be divided into three categories: the device comprises a first parameter (also called a device self parameter) for uniquely identifying the terminal device, a second parameter (also called a device manufacturer parameter) for uniquely identifying the manufacturer to which the terminal device belongs, and a third parameter (also called a device category parameter) for uniquely identifying the product category to which the terminal device belongs.
Wherein the second parameter is the equipment manufacturer parameter: various terminal devices made by the same manufacturer have the same device manufacturer parameters, and therefore, the device manufacturer parameters are used to uniquely characterize a certain manufacturer. Device vendor parameters may include, for example, vendor identification, vendor key, etc.
The third parameter, i.e. the device category parameter: terminal devices of the same category from the same manufacturer have the same device category parameters, and therefore the device category parameters are used to uniquely describe a device category. The device category parameter may include, for example, a product category identifier, a key corresponding to the product category, and the like.
The first parameter, the device own parameter: to uniquely describe a terminal device, even different terminal devices of the same category, produced by the same manufacturer, will have different device parameters. The device-own information may include, for example, a serial number, a device key, a MAC address, and the like.
As can be seen from the above meanings of the various parameters, for the second parameter, since all the terminal devices produced by one manufacturer need to burn the same second parameter, and there is no need to distinguish the specific terminal devices, the burning operation is relatively easy and efficient. For the third parameter, only different types of terminal equipment need to be distinguished, and burning is relatively easy. However, for the first parameter, since each terminal device needs to be distinguished, the first parameters to be burned by different terminal devices are different, and the operation is not easy and errors are easy to occur. Therefore, optionally, the information obtaining method herein may be applied to a scenario in which the first parameter is burned into the terminal device. Of course, the information obtaining method herein may also be applicable to a scenario in which the second parameter and the third parameter are burned into the terminal device.
In addition, through research and study of the inventor, at present, before many terminal devices are actually used, relevant personnel of device manufacturers already burn device description information required by each terminal device into the terminal devices. If some of the terminal devices are not actually used subsequently, for example, they are not sold, or the device is damaged and unusable due to some unexpected reason, the device description information burned in advance will be wasted. On one hand, the device description information is purchased by a manufacturer from the internet of things platform, and if the device description information is not used finally, the cost of the manufacturer is wasted, on the other hand, the device description information is also generated by the internet of things platform, and the generation of the device description information will consume the computing resources, the storage resources and the like of the internet of things platform, and if the device description information is not used finally, the resource waste of the internet of things platform will be caused.
Therefore, the embodiment of the invention provides a solution for automatically burning the device description information to the terminal device at a proper time.
Fig. 1 is a schematic diagram of an operation process of an information acquisition system according to an embodiment of the present invention, and as shown in fig. 1, the information acquisition system includes: terminal equipment and server.
In order to realize the burning of the device description information of the terminal device, an optional working process of the terminal device and the server includes:
in step s1, in response to the networking operation of the terminal device, the terminal device sends a first access request to the server, where the first access request includes authentication information corresponding to the terminal device. In step s2, if the server determines that the terminal device meets the preset condition according to the authentication information, the server sends device description information to the terminal device. In step s3, the terminal device stores (or burns) the device description information sent by the server into the storage space of the terminal device.
The terminal device is a device which needs to be entered with device description information, and can be an internet of things terminal device such as a sensor, an intelligent wearable device and an intelligent home device. The terminal equipment can be used only by networking in the using process.
The server may be located in the cloud. The server should be understood as a generic term, which is a generic term for a device that provides device description information and assists the terminal device to burn the device description information.
After the terminal device is produced, a manufacturer corresponding to the terminal device (i.e., a manufacturer producing the terminal device) can sell the terminal device to a user (i.e., a consumer). When the user uses the terminal devices, the terminal devices need to be connected to the network first. For example, before an intelligent audio device in a home environment is used, a user needs to access the intelligent audio device to a home wireless network.
Therefore, in the embodiment of the present invention, the connection and network access of the terminal device is taken as a basis for the user to really use the terminal device, when the terminal device is successfully networked, the terminal device is triggered to execute a process of applying device description information to the server to burn the device description information into the storage space of the terminal device, and the first step of the process is to send the first access request to the server.
In an optional embodiment, the authentication information may be obtained by:
the manufacturer corresponding to the terminal device (i.e. the manufacturer producing the terminal device) may store some manufacturer-defined information into the terminal device in advance, where the manufacturer-defined information may include, for example, a key (referred to as a first key for distinguishing from other keys mentioned later) and other preset information defined by the manufacturer. The preset information may be, for example, the name of the manufacturer, or even a string of randomly generated characters. Of course, the vendor-defined information may also include encryption/decryption algorithm information corresponding to the first key. Therefore, based on a first secret key and preset information, which are stored in the terminal device and generated in advance by a manufacturer of the terminal device, the terminal device can encrypt the preset information according to the first secret key to obtain identity verification information corresponding to the terminal device.
It should be noted that, in order to implement the identity verification of the terminal device, after the manufacturer stores the manufacturer-defined information into the terminal device, the manufacturer-defined information may also be uploaded to the server. For example, when the vendor-defined information includes the first key and the preset information, the first key and the preset information may be further transmitted to the server by the terminal device or other management device of the vendor.
It can be understood that, when a certain manufacturer produces a plurality of terminal devices of the same or different types, the manufacturer may store the same manufacturer-defined information in all the generated terminal devices, so that the server may perform authentication on all the terminal devices generated by the manufacturer based on the manufacturer-defined information. At this time, the server verifies the identity of a certain terminal device, mainly to verify whether the terminal device is a terminal device of a valid manufacturer, and the validity of the manufacturer is determined by whether manufacturer self-defined information corresponding to the manufacturer is stored in the server.
Based on this, after the terminal device encrypts the preset information according to the first key stored in the terminal device to obtain the authentication information, the terminal device may send a first access request at least including the authentication information to the server.
Optionally, in order to facilitate identity verification of the terminal device, the first access request may further include a manufacturer name corresponding to the terminal device, where the manufacturer name may be a part of manufacturer-defined information. Therefore, when the server receives the first access request, the identity verification information and the manufacturer name are obtained through analysis, and then the manufacturer self-defined information (called target manufacturer self-defined information for convenient description) corresponding to the current terminal equipment can be found from the stored manufacturer self-defined information corresponding to a plurality of manufacturers according to the manufacturer name. And then, finding the first secret key from the target manufacturer self-defined information, and decrypting the identity verification information contained in the first access request by using the first password to obtain the encrypted preset information. And comparing whether the preset information contained in the target manufacturer custom information is the same as the preset information obtained by decryption, if so, the terminal equipment passes the identity verification, and the terminal equipment is proved to meet the preset conditions.
Optionally, the first access request may not include a manufacturer name, and at this time, the server may sequentially decrypt the authentication information in the first access request by using the keys included in the locally stored manufacturer-defined information to find a key that can successfully decrypt the authentication information, and then verify the preset information in the authentication information according to the manufacturer-defined information corresponding to the key.
When the server determines that the terminal device meets the preset condition, the server may allocate device description information to the terminal device and send the allocated device description information to the terminal device.
According to the foregoing description of the division of the device description information, the device description information may include any of the following parameters: the first parameter is used for uniquely identifying the terminal device, the second parameter is used for uniquely identifying a manufacturer to which the terminal device belongs, and the third parameter is used for uniquely identifying a product category to which the terminal device belongs. That is, the terminal device may obtain one or more of the first parameter, the second parameter, and the third parameter from the server in the execution flow shown in fig. 1.
It should be noted that, when the device description information is the second parameter, all terminal devices produced by the same manufacturer should be assigned with the same second parameter, that is, when different terminal devices produced by the same manufacturer access the server to apply for the device description information from the server, the server should feed back the same second parameter. To achieve this effect, as described above, the vendor defined information stored in the terminal device and the server may include a vendor name, and after the server allocates a second parameter corresponding to a vendor name for the first time, the server stores a corresponding relationship between the vendor name and the second parameter, so that each terminal device corresponding to the vendor name may obtain the same second parameter from the server subsequently.
Similarly, for the third parameter, the vendor defined information stored in the terminal device and the server may include not only a vendor name but also a product category name, so that, after the server allocates the third parameter corresponding to a certain product category under a certain vendor name for the first time, the corresponding relationship between the vendor name and the product category and the third parameter is saved, so that each terminal device corresponding to the vendor name and the product category may obtain the same third parameter from the server subsequently.
It should be noted that although the manufacturer name and the product category name can identify the manufacturer and the product category, the manufacturer identification, the product category identification and the serial number in the above parameters should be understood as a character string of the difference generated by the server according to a certain set algorithm. Similarly, the vendor key, the key corresponding to the product category, and the device key are also keys that are different from each other and generated by the server according to a set key generation algorithm. The generated character string and key are used as the first parameter, the second parameter, and the third parameter, and are set by the manufacturer. For example, if a manufacturer wants to burn a second parameter for each terminal device produced by the manufacturer, the relevant information representing that the second parameter needs to be applied for may be written in each terminal device, so that the first access request sent by the terminal device to the server may carry the relevant information.
In summary, according to the above scheme, the terminal device automatically applies for the device description information from the server only when the terminal device is actually used, so that automatic burning of the device description information into the terminal device is achieved, and the problem of device description information waste caused by burning of the device description information into the terminal device in advance but subsequent non-use of the terminal device is avoided. Moreover, when the terminal device applies for the device description information from the server, the server needs to verify the identity of the terminal device, and the security of the device description information distribution is ensured in the process of verifying the identity.
FIG. 2 is a schematic diagram of another operation process of the information acquisition system according to the embodiment of the present invention, such as
As shown in fig. 2, the following steps may be included:
201. and the manufacturer writes the first secret key generated by the manufacturer, preset information customized by the manufacturer and the applied second parameter into the terminal equipment.
The meaning of the first key and the preset information can be referred to the description in the foregoing embodiments.
In this embodiment, it is assumed that a second parameter for uniquely identifying a manufacturer to which the terminal device belongs has been burned in the terminal device, or a third parameter for uniquely identifying a product category to which the terminal device belongs has been burned in the terminal device. In fig. 2, for example, the second parameter is burned in the terminal device, and it can be understood that the second parameter may be replaced by a third parameter.
As described above, the same second parameter is burned into all the terminal devices produced by the same manufacturer, and the related staff of the manufacturer does not need to distinguish the terminal devices, so that the burning of the second parameter is easier to implement. Similarly, the same third parameter is burned in the terminal devices of the same product category produced by the same manufacturer, and the related staff of the manufacturer does not need to distinguish the terminal devices of the same product category, so that the burning of the third parameter is easier to realize. Therefore, the burning of the second parameter and the third parameter can be realized by adopting a traditional scheme, namely, the second parameter or the third parameter can be manually burned into the terminal equipment when the terminal equipment leaves a factory. Moreover, since the second parameter and the third parameter are shared by a plurality of terminal devices, even if some terminal devices are not actually used in the end, the cost loss is not large.
Based on this, in this embodiment, the terminal device applies for the device description information from the server, which means that the first parameter for uniquely identifying the terminal device itself is obtained from the server. That is, the terminal device may apply for obtaining the first parameter according to the scheme provided in this embodiment, and burn the first parameter into its own storage space, such as a flash.
202. And the manufacturer sends the first key and preset information customized by the manufacturer to the server.
203. Responding to the networking operation of the terminal equipment, the terminal equipment sends a first access request to the server, wherein the first access request comprises a ciphertext obtained by encrypting the preset information according to the first key.
204. And the server decrypts the ciphertext according to the first secret key to obtain preset information, and if the preset information obtained through decryption exists locally, the terminal equipment is determined to meet the preset condition.
The execution process of steps 202 and 204 can refer to the description in the foregoing embodiments, which are not described herein. Through the steps, whether the terminal device is an effective device belonging to a certain manufacturer is verified, however, when the second parameter or the third parameter is stored in the terminal device, in view of security, whether the second parameter or the third parameter burnt in the terminal device meets the preset condition, that is, whether the second parameter or the third parameter is effective can be further verified, which is equivalent to further identity verification of the terminal device, and the verification process is shown in the following steps.
205. And the server sends authentication information indicating that the terminal equipment passes the identity verification to the terminal equipment.
When the server decrypts the ciphertext contained in the first access request to obtain the preset information and determines that the preset information exists locally, the server may feed back the authentication information to the terminal device to trigger the terminal device to perform the subsequent steps.
206. And the terminal equipment sends a second access request to the server according to the second parameter.
207. And if the server determines that the second parameter meets the preset condition, the server allocates the first parameter.
Taking the example that the terminal device has been burned with the second parameter, after receiving the authentication information, the terminal device may send a second access request to the server according to the second parameter. Wherein the purpose of sending the second access request is to: and the server verifies the validity of the second parameter and distributes the first parameter to the terminal equipment when the second parameter is determined to meet the preset condition. And if the second parameter meets the preset condition, the validity verification is passed.
In order to implement validity verification of the second parameter, optionally, after receiving the authentication information, the terminal device may generate a second key according to a certain key generation algorithm, and may further send the generated second key to the server.
Alternatively, the second key may correspond to a symmetric encryption algorithm, and may also correspond to an asymmetric encryption algorithm. It will be appreciated that when a symmetric encryption algorithm is employed, the same second key is stored in the terminal device and the server. When the asymmetric encryption algorithm is adopted, the second key may be considered to include a public key and a private key, the private key is stored in the terminal device, and the public key is sent to the server.
In addition, it should be noted that, when the server performs authentication on the terminal device based on the first access request sent by the terminal device, the server may obtain network information such as an IP address and a port number of the terminal device, and may use the IP address and the port number as an identifier of the terminal device, so that when receiving the second key, the IP address and the port number of the terminal device may be stored in correspondence with the second key to distinguish the second keys generated by different terminal devices.
In an optional manner, since the second parameter burned into the terminal device is also distributed by the server, the server may also store the second parameter. Based on this, the terminal device sends the second access request to the server according to the second parameter, which may be: and the terminal equipment encrypts the second parameter by adopting a second key, and sends the encrypted ciphertext carried in the second access request to the server. The server queries a corresponding second key according to the IP address and the port number of the terminal device, decrypts the ciphertext by using the queried second key to obtain an encrypted second parameter, further determines whether the decrypted second parameter exists in a second parameter distribution record stored locally, and if so, indicates that the second parameter meets a preset condition.
Since the second parameter may include information such as a manufacturer identifier and a manufacturer key, and the information such as the manufacturer key information is relatively sensitive information, to ensure the security of the sensitive information, the second key may be used to encrypt non-sensitive information such as the manufacturer identifier in the second parameter.
In another optional manner, the terminal device sends the second access request to the server according to the second parameter, and may further be implemented as:
the terminal equipment carries out digital signature processing on a second parameter stored in the terminal equipment according to a second secret key so as to obtain first signature information;
and the terminal equipment sends a second access request to the server, wherein the second access request comprises a second secret key, first signature information and a second parameter subjected to digital signature.
In this way, the server determines that the second parameter subjected to digital signature meets the preset condition when determining that the first signature information passes the signature verification according to the received second key.
Taking the example that the second secret key includes a public key and a private key, the terminal device performs digital signature processing on the second parameter according to the second secret key, which means that the terminal device performs digital signature processing on the second parameter by using the private key. Correspondingly, the server checks the first signature information according to the received second secret key, which means that the server checks the first signature information according to the received public key.
It should be noted that, after generating the second secret key, such as the public key and the private key, the terminal device may immediately send the public key to the server, so that at this time, the second access request carries the first signature information and the digitally signed second parameter. Of course, the terminal device may also carry the generated second key, such as the public key, with the second access request to send to the server when sending the second access request.
Taking the example that the second secret key includes a private key and a public key, the process of performing digital signature processing on the second parameter by the terminal device may optionally be implemented as: the terminal device performs hash operation on the second parameter by using a set hash algorithm to obtain a hash value (assumed to be hash1), and then encrypts the hash1 by using a private key to obtain first signature information. Therefore, after receiving the second access request including the public key, the first signature information and the second parameter, the server may decrypt the first signature information using the public key to obtain a hash1, perform hash operation on the received second parameter according to the set hash algorithm to obtain a hash value (assumed to be hash2), compare the hash1 obtained by decryption with the hash2 obtained by calculation, and if the two are consistent, indicate that the second parameter meets the preset condition.
It will be appreciated that, as described above with respect to the description that the second parameter may contain sensitive information such as a vendor key, in this alternative, only non-sensitive information in the second parameter may be digitally signed.
It should be noted that the digital signature process may further include auxiliary information such as a random number and a timestamp generated by the terminal device in addition to the second parameter, that is, the terminal device may perform a hash operation on a concatenation result of the second parameter, the random number, and the timestamp.
When the server determines that the second parameter meets the preset condition through the method, the validity of the terminal device is further confirmed, and the first parameter can be allocated to the terminal device at this time.
208. And the server sends the first parameter to the terminal equipment.
209. And burning the first parameter into a storage space of the terminal equipment by the terminal equipment.
In this embodiment, the identity of the terminal device is accurately verified in combination with the information customized by the manufacturer of the terminal device and the second parameter or the third parameter that has been burned into the terminal device, so as to ensure that the allocated first parameter is actually allocated to the valid terminal device.
After burning the device description information, such as the first parameter, into the terminal device, in order to enable the server to monitor and manage the use condition of the terminal device, the terminal device needs to log on the server, so that data generated in the subsequent terminal device operation process can be uploaded to the server for storage, analysis, monitoring and the like.
On the basis of the embodiment shown in fig. 1 or fig. 2, when the server allocates the device description information to the terminal device, a process of the terminal device logging in the server based on the burned device description information may be as shown in fig. 3.
In the exemplary embodiment shown in fig. 3, it is shown that the terminal device is assigned a first parameter in the manner of the exemplary embodiment shown in fig. 2, so that the terminal device can log in to the server on the basis of the first parameter. It will be appreciated, however, that,
the process of logging in the server based on the first parameter in the embodiment shown in fig. 3 may also be applied to the embodiment shown in fig. 1, only when the terminal device needs to log in the server based on the device description information (which may be the first parameter, the second parameter, or the third parameter) obtained from the server.
FIG. 3 is a schematic diagram of another operation process of the information acquisition system according to the embodiment of the present invention, such as
As shown in fig. 3, the following steps may be included:
301. and the manufacturer writes the first secret key generated by the manufacturer, preset information customized by the manufacturer and the applied second parameter into the terminal equipment.
302. And the manufacturer sends the first key and preset information customized by the manufacturer to the server.
303. Responding to the networking operation of the terminal equipment, the terminal equipment sends a first access request to the server, wherein the first access request comprises a ciphertext obtained by encrypting the preset information according to the first key.
304. And the server decrypts the ciphertext according to the first secret key to obtain preset information, and if the preset information obtained through decryption exists locally, the terminal equipment is determined to meet the preset condition.
305. And the server sends authentication information indicating that the terminal equipment passes the identity verification to the terminal equipment.
306. And the terminal equipment sends a second access request to the server according to the second parameter.
307. And if the server determines that the second parameter meets the preset condition, the server allocates the first parameter.
308. And the server sends the first parameter to the terminal equipment.
309. And burning the first parameter into a storage space of the terminal equipment by the terminal equipment.
310. And the terminal equipment sends a third access request to the server according to the first parameter.
311. The server establishes a communication connection with the terminal device when determining that the third access request is valid.
The third access request corresponds to the behavior of the terminal device to log in the server based on the first parameter. Similarly to the terminal device sending the second access request to the server according to the second parameter, optionally, the terminal device sending the third access request to the server according to the first parameter may be implemented as:
the terminal equipment generates a third key, performs digital signature processing on the first parameter according to the third key to obtain second signature information, and sends a third access request to the server, wherein the third access request comprises the third key, the second signature information and the first parameter.
Similar to the second key, when the third key is generated by using an asymmetric encryption algorithm, the third key includes a public key and a private key, the private key is stored locally in the terminal device, and the public key is transmitted to the server.
Based on this, after receiving the third access request, the server verifies the second signature information according to the received third secret key (for example, a public key), and if the verification passes, it indicates that the first parameter meets the preset condition, and it is determined that the third access request is valid. The acquisition process and the signature verification process of the second signature information can be implemented by referring to the acquisition and signature verification process of the first signature information.
When the server determines that the third access request is valid, a communication connection with the terminal device is established and maintained, so that data generated in the subsequent operation process of the terminal device can be transmitted to the server based on the communication connection.
In another optional embodiment, after the server assigns the first parameter, the server may further start a timer window of a preset duration, where the timer window is used to: and after the terminal equipment is limited to obtain the first parameter, the login behavior is considered to be effective only when the terminal equipment logs in the server within the time length range of the timing window. Based on this, if the server receives the third access request within a preset time period (i.e. within the above-mentioned time-counting window) after the server sends the first parameter to the terminal device, and determines that the second signature information in the third access request passes the signature verification according to the third key, it is determined that the third access request is valid.
Conversely, if the receiving time of the third access request exceeds the time range defined by the timing window, or the second signature information does not pass the signature verification, both the receiving time and the receiving time indicate that the third access request is invalid, at this time, the server may send a notification message to the terminal device to notify the terminal device to delete the burned first parameter. The terminal device deletes the burned first parameter based on the notification message, and then may resend the second access request to the server to trigger the server to redistribute the first parameter to the terminal device, where the redistributed first parameter may be the same as or different from the previously distributed first parameter.
In the above embodiments, the setting of the timer window is also a protection mechanism for the cost expenditure of the manufacturer. Specifically, a terminal device produced by a manufacturer acquires device description information from a server, and the manufacturer pays for the device description information. However, according to the design of the timer window in the above embodiment, if the terminal device fails to successfully log in the server within the time limit range of the timer window, the server will not charge the device description information allocated to the terminal device. This means that the server charges for the device description information only if the terminal device actually uses the device description information assigned by the server.
The server mentioned in the above embodiments is a service node located in the cloud for managing the terminal devices of the internet of things (i.e., the terminal devices mentioned above). In general, however, the management of the terminal device can be divided into two levels: the control plane may include, for example, various authentication processes as described above, and the data plane may include, for example, storage, analysis, and other processing of data generated during operation of the terminal device.
Based on this, the server can be implemented as a whole device integrating the control plane and the data plane, or as an independent node corresponding to the control plane and the data plane, respectively.
When the server is implemented as a whole device integrating the control plane and the data plane, the working process of the server is as shown in the foregoing embodiments.
When the servers are implemented as independent nodes corresponding to the control plane and the data plane, respectively, the node corresponding to the control plane is referred to as a control server and the node corresponding to the data plane is referred to as a data server. At this time, in
For the embodiment shown in fig. 3, the server mentioned in step 301-308 is a control server, and the server mentioned in step 310 is a data server. Of course, it is understood that the server that starts the timing window is also the control server. Thus, based on the embodiment shown in fig. 3, in the process of determining the validity of the third access request, the coordination between the control server and the data server is required, which is specifically embodied as follows:
the terminal device sends the third access request to the data server according to the first parameter, and the data server determines whether the first parameter corresponding to the third access request is valid, that is, as described above, the data server may check the second signature information according to the third key to determine whether the first parameter is valid.
And if the data server determines that the first parameter is valid, sending a notification message to the control server to notify that the first parameter is valid. At this time, the control server determines whether the timing window corresponding to the first parameter is closed, that is, whether the preset time period has ended, and if not, sends a notification message to the data server to notify that the timing window corresponding to the first parameter is not closed, and at this time, the data server determines that the third access request is valid, and establishes and maintains the communication connection with the terminal device. Otherwise, if the control server determines that the timing window corresponding to the first parameter is closed, a notification message is sent to the data server to inform that the timing window corresponding to the first parameter is closed, and at this time, the data server sends a notification message to the terminal device to inform that the terminal device deletes the burned first parameter.
And if the data server determines that the first parameter is invalid, sending a notification message to the terminal device to inform the terminal device of deleting the burned first parameter.
The information acquisition apparatus of one or more embodiments of the present invention will be described in detail below. Those skilled in the art will appreciate that these information acquisition means can be constructed by configuring the steps taught in the present embodiment using commercially available hardware components.
Fig. 4 is a schematic structural diagram of an information obtaining apparatus according to an embodiment of the present invention, where the information obtaining apparatus is located in a terminal device. As shown in fig. 4, the apparatus includes: a sending module 11, a receiving module 12 and a storage module 13.
The sending module 11 is configured to send a first access request to a server in response to a networking operation of a terminal device, where the first access request includes authentication information corresponding to the terminal device.
A receiving module 12, configured to receive device description information sent by the server when it is determined that the terminal device meets a preset condition according to the identity verification information.
A storage module 13, configured to store the device description information in a storage space of the terminal device.
Optionally, the terminal device stores a first key and preset information, which are generated in advance by a manufacturer of the terminal device. The sending module 11 may further be configured to: and sending the first key and the preset information to the server. The information acquisition device may further include: and the processing module is used for encrypting the preset information according to the first secret key to obtain the identity authentication information, so that the server determines that the terminal equipment meets a preset condition when the server decrypts the preset information according to the obtained first secret key and finds that the preset information is locally stored.
Optionally, the device description information includes any one of the following parameters: the first parameter is used for uniquely identifying the terminal equipment, the second parameter is used for uniquely identifying a manufacturer to which the terminal equipment belongs, and the third parameter is used for uniquely identifying a product category to which the terminal equipment belongs.
In an optional embodiment, the device description information is the first parameter, and the terminal device stores the second parameter or the third parameter. At this time, the sending module 11 may be further configured to: and sending a second access request to the server according to the second parameter or the third parameter so that the server determines whether the second parameter or the third parameter meets a preset condition.
Optionally, to implement sending of the second access request, the processing module may be further configured to: generating a second key; and performing digital signature processing on the second parameter or the third parameter stored in the terminal equipment according to the second key to obtain first signature information. Therefore, a second access request is sent to the server through the sending module 11, where the second access request includes the second key, the first signature information, and the second parameter or the third parameter subjected to digital signature, so that the server determines that the second parameter or the third parameter subjected to digital signature meets a preset condition when determining that the first signature information passes signature verification according to the second key.
In an optional embodiment, the sending module may be further configured to: and sending a third access request to a server according to the device description information so that the server establishes communication connection with the terminal device when determining that the third access request is valid.
Optionally, to implement sending of the second access request, the processing module may be further configured to: generating a third key; and performing digital signature processing on the device description information according to the third key to obtain second signature information. Thus, the third access request is sent to the server through the sending module 11, and the third access request includes the third key, the second signature information, and the device description information. And if the server receives the third access request within a preset time period after the device description information is sent to the terminal device, and the server determines that the second signature information passes signature verification according to the third key, the server determines that the third access request is valid.
The apparatus shown in fig. 4 may execute the method executed by the terminal device in the foregoing embodiments, and for parts not described in detail in this embodiment, reference may be made to the related description of the foregoing embodiments, which is not described herein again.
In one possible design, the structure of the information acquiring apparatus shown in fig. 4 may be implemented as a terminal device, and the terminal device may be, for example, a sensor, a smart home device, a wearable device, and other internet of things devices. As shown in fig. 5, the terminal device may include: a first processor 21, a first memory 22. Wherein the first memory 22 has stored thereon executable code which, when executed by the first processor 21, causes at least the first processor 21 to carry out the steps of:
responding to the networking operation of the terminal equipment, and sending a first access request to a server, wherein the first access request comprises identity authentication information corresponding to the terminal equipment;
receiving equipment description information sent by the server when the server determines that the terminal equipment meets the preset condition according to the identity authentication information;
and storing the device description information into a storage space of the terminal device.
The structure of the terminal device may further include a first communication interface 23, which is used for the terminal device to communicate with other devices or a communication network.
In addition, an embodiment of the present invention provides a non-transitory machine-readable storage medium, on which executable code is stored, and when the executable code is executed by a processor of a terminal device, the processor is caused to execute the steps executed by the terminal device in the foregoing embodiments.
Fig. 6 is a schematic structural diagram of another information acquiring apparatus according to an embodiment of the present invention, which is located in a server, and as shown in fig. 6, the apparatus includes: a receiving module 31, a determining module 32, and a sending module 33.
The receiving module 31 is configured to receive a first access request sent by a terminal device, where the first access request includes identity authentication information corresponding to the terminal device.
And the determining module 32 is configured to determine whether the terminal device meets a preset condition according to the identity authentication information.
A sending module 33, configured to send device description information to the terminal device if the determining module 32 determines that the terminal device meets the preset condition, so that the terminal device stores the device description information in a storage space of the terminal device.
Optionally, the receiving module 31 may be further configured to: and receiving a first key and preset information sent by the terminal equipment, wherein the first key and the preset information are generated in advance by a manufacturer of the terminal equipment. The determining module 32 may specifically be configured to: decrypting the authentication information according to the obtained first key to obtain the preset information, wherein the authentication information is a result of the terminal device encrypting the preset information according to the first key; and if the preset information is locally stored, determining that the terminal equipment meets the preset condition.
Wherein the device description information includes any one of the following parameters: the first parameter is used for uniquely identifying the terminal equipment, the second parameter is used for uniquely identifying a manufacturer to which the terminal equipment belongs, and the third parameter is used for uniquely identifying a product category to which the terminal equipment belongs.
In an optional embodiment, the device description information is the first parameter, and at this time, the receiving module 31 is further configured to: and receiving a second access request sent by the terminal device according to the stored second parameter or the stored third parameter. The determination module is further to: and determining whether the second parameter or the third parameter meets a preset condition.
In the process of receiving the second access request, the receiving module 31 may specifically be configured to: receiving the second access request sent by the terminal device, where the second access request includes a second key generated by the terminal device, first signature information, and the second parameter or the third parameter subjected to digital signature, and the first signature information is obtained by the terminal device performing digital signature processing on the second parameter or the third parameter stored in the terminal device according to the second key. In this case, the determining module 32 may specifically be configured to: and if the first signature information passes the signature verification according to the second key, determining that the second parameter or the third parameter meets the preset condition.
In an optional embodiment, the receiving module 31 may further be configured to: and receiving a third access request sent by the terminal equipment according to the equipment description information. The determination module 32 may be further configured to: determining whether the third access request is valid. At this time, the information acquisition apparatus further includes: a processing module, configured to establish a communication connection with the terminal device if the determining module 32 determines that the third access request is valid; and if the third access request is invalid, notifying the terminal equipment that the equipment description information is invalid so as to enable the terminal equipment to delete the equipment description information.
In the process of receiving the third access request, the receiving module 31 may specifically be configured to: receiving the third access request sent by the terminal device, where the third access request includes a third key, second signature information, and the device description information generated by the terminal device, and the second signature information is obtained by the terminal device performing digital signature processing on the device description information according to the third key. In this case, the determining module 32 may specifically be configured to: and if the third access request is received within a preset time period after the device description information is sent to the terminal device, and the second signature information passes the signature verification according to the third key, determining that the third access request is valid.
The apparatus shown in fig. 6 may execute the method executed by the server in the foregoing embodiments, and for parts not described in detail in this embodiment, reference may be made to the related description of the foregoing embodiments, which is not repeated herein.
In one possible design, the structure of the information acquisition apparatus shown in fig. 6 described above may be implemented as a server. As shown in fig. 7, the server may include: a second processor 41, a second memory 42. Wherein the second memory 42 has stored thereon executable code which, when executed by the second processor 41, causes at least the second processor 41 to carry out the steps of:
receiving a first access request sent by terminal equipment, wherein the first access request comprises identity authentication information corresponding to the terminal equipment;
and if the terminal equipment is determined to meet the preset conditions according to the identity authentication information, sending equipment description information to the terminal equipment so that the terminal equipment stores the equipment description information into a storage space of the terminal equipment.
The server may further include a second communication interface 43 for the server to communicate with other devices or a communication network.
Additionally, embodiments of the present invention provide a non-transitory machine-readable storage medium having stored thereon executable code, which, when executed by a processor of a server, causes the processor to perform the steps performed by the server in the foregoing embodiments.
The above-described apparatus embodiments are merely illustrative, wherein the units described as separate components may or may not be physically separate. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.
Finally, it should be noted that: the above examples are only intended to illustrate the technical solution of the present invention, but not to limit it; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.

Claims (20)

1. An information acquisition method is applied to a terminal device, and the method comprises the following steps:
responding to the networking operation of the terminal equipment, and sending a first access request to a server, wherein the first access request comprises identity authentication information corresponding to the terminal equipment;
receiving equipment description information sent by the server when the server determines that the terminal equipment meets the preset condition according to the identity authentication information;
and storing the device description information into a storage space of the terminal device.
2. The method according to claim 1, wherein the terminal device stores therein a first key and preset information previously generated by a manufacturer of the terminal device;
the method further comprises the following steps:
sending the first key and the preset information to the server;
and encrypting the preset information according to the first key to obtain the identity authentication information, so that the server determines that the terminal equipment meets a preset condition when decrypting according to the obtained first key to obtain the preset information and finding that the preset information is locally stored.
3. The method according to claim 1, wherein the device description information comprises any one of the following parameters: the first parameter is used for uniquely identifying the terminal equipment, the second parameter is used for uniquely identifying a manufacturer to which the terminal equipment belongs, and the third parameter is used for uniquely identifying a product category to which the terminal equipment belongs.
4. The method according to claim 3, wherein the device description information is the first parameter, and the terminal device stores the second parameter or the third parameter;
the method further comprises the following steps:
and sending a second access request to the server according to the second parameter or the third parameter so that the server determines whether the second parameter or the third parameter meets a preset condition.
5. The method of claim 4, wherein sending a second access request to the server according to the second parameter or the third parameter comprises:
generating a second key;
performing digital signature processing on the second parameter or the third parameter stored in the terminal device according to the second key to obtain first signature information;
and sending a second access request to the server, wherein the second access request comprises the second key, the first signature information and the second parameter or the third parameter subjected to digital signature, so that the server determines that the second parameter or the third parameter subjected to digital signature meets a preset condition when determining that the first signature information passes signature verification according to the second key.
6. The method according to any one of claims 1 to 5, further comprising:
and sending a third access request to a server according to the device description information so that the server establishes communication connection with the terminal device when determining that the third access request meets a preset condition.
7. The method of claim 6, wherein sending a third access request to a server according to the device description information comprises:
generating a third key;
performing digital signature processing on the device description information according to the third key to obtain second signature information;
sending the third access request to the server, wherein the third access request comprises the third key, the second signature information and the device description information;
and if the server receives the third access request within a preset time period after the device description information is sent to the terminal device, and the server determines that the second signature information passes the signature verification according to the third key, the server determines that the third access request meets a preset condition.
8. An information acquisition method, applied to a server, the method comprising:
receiving a first access request sent by terminal equipment, wherein the first access request comprises identity authentication information corresponding to the terminal equipment;
and if the terminal equipment is determined to meet the preset conditions according to the identity authentication information, sending equipment description information to the terminal equipment so that the terminal equipment stores the equipment description information into a storage space of the terminal equipment.
9. The method of claim 8, further comprising:
receiving a first key and preset information sent by the terminal equipment, wherein the first key and the preset information are generated in advance by a manufacturer of the terminal equipment;
decrypting the authentication information according to the obtained first key to obtain the preset information, wherein the authentication information is a result of the terminal device encrypting the preset information according to the first key;
and if the preset information is locally stored, determining that the terminal equipment meets the preset condition.
10. The method according to claim 8, wherein the device description information comprises any one of the following parameters: the first parameter is used for uniquely identifying the terminal equipment, the second parameter is used for uniquely identifying a manufacturer to which the terminal equipment belongs, and the third parameter is used for uniquely identifying a product category to which the terminal equipment belongs.
11. The method of claim 10, wherein the device description information is the first parameter, the method further comprising:
receiving a second access request sent by the terminal device according to the stored second parameter or the third parameter;
and determining whether the second parameter or the third parameter meets a preset condition.
12. The method of claim 11, wherein the receiving the second access request sent by the terminal device according to the stored second parameter or the third parameter comprises:
receiving the second access request sent by the terminal device, where the second access request includes a second key generated by the terminal device, first signature information, and the second parameter or the third parameter subjected to digital signature, and the first signature information is obtained by the terminal device performing digital signature processing on the second parameter or the third parameter stored in the terminal device according to the second key;
the determining whether the second parameter or the third parameter meets a preset condition includes:
and if the first signature information passes the signature verification according to the second key, determining that the second parameter or the third parameter meets the preset condition.
13. The method according to any one of claims 8 to 12, further comprising:
receiving a third access request sent by the terminal device according to the device description information;
determining whether the third access request is valid;
and if the third access request is valid, establishing communication connection with the terminal equipment.
14. The method of claim 13, further comprising:
and if the third access request is invalid, notifying the terminal equipment that the equipment description information is invalid so as to enable the terminal equipment to delete the equipment description information.
15. The method of claim 13, wherein the receiving the third access request sent by the terminal device according to the device description information comprises:
receiving the third access request sent by the terminal device, where the third access request includes a third key, second signature information and the device description information generated by the terminal device, and the second signature information is obtained by the terminal device performing digital signature processing on the device description information according to the third key;
the determining whether the third access request is valid comprises:
and if the third access request is received within a preset time period after the device description information is sent to the terminal device, and the second signature information passes the signature verification according to the third key, determining that the third access request is valid.
16. An information acquisition apparatus, located in a terminal device, comprising:
the sending module is used for responding to the networking operation of the terminal equipment and sending a first access request to a server, wherein the first access request comprises identity authentication information corresponding to the terminal equipment;
the receiving module is used for receiving equipment description information sent by the server when the server determines that the terminal equipment meets the preset condition according to the identity authentication information;
and the storage module is used for storing the device description information into a storage space of the terminal device.
17. A terminal device, comprising: a memory, a processor; wherein the memory has stored thereon executable code which, when executed by the processor, causes the processor to perform the information acquisition method of any one of claims 1 to 7.
18. An information acquisition apparatus, located in a server, comprising:
the terminal equipment comprises a receiving module, a sending module and a receiving module, wherein the receiving module is used for receiving a first access request sent by the terminal equipment, and the first access request comprises identity authentication information corresponding to the terminal equipment;
the determining module is used for determining whether the terminal equipment meets a preset condition or not according to the identity authentication information;
and the sending module is used for sending the equipment description information to the terminal equipment if the determining module determines that the terminal equipment meets the preset condition, so that the terminal equipment stores the equipment description information into the storage space of the terminal equipment.
19. A server, comprising: a memory, a processor; wherein the memory has stored thereon executable code which, when executed by the processor, causes the processor to carry out the information acquisition method according to any one of claims 8 to 15.
20. An information acquisition system, comprising:
a terminal device and a server;
the terminal device is used for responding to the networking operation of the terminal device and sending a first access request to the server, wherein the first access request comprises identity authentication information corresponding to the terminal device; storing the device description information sent by the server into a storage space of the terminal device;
and the server is used for sending equipment description information to the terminal equipment if the terminal equipment is determined to meet the preset condition according to the identity authentication information.
CN201910133472.7A 2019-02-22 2019-02-22 Information acquisition method, device, equipment and system Active CN111611574B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910133472.7A CN111611574B (en) 2019-02-22 2019-02-22 Information acquisition method, device, equipment and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910133472.7A CN111611574B (en) 2019-02-22 2019-02-22 Information acquisition method, device, equipment and system

Publications (2)

Publication Number Publication Date
CN111611574A true CN111611574A (en) 2020-09-01
CN111611574B CN111611574B (en) 2023-11-17

Family

ID=72201905

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910133472.7A Active CN111611574B (en) 2019-02-22 2019-02-22 Information acquisition method, device, equipment and system

Country Status (1)

Country Link
CN (1) CN111611574B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112788150A (en) * 2021-01-25 2021-05-11 广东电网有限责任公司惠州供电局 Registration method, terminal device, block chain management screen platform and storage medium
CN112953893A (en) * 2021-01-26 2021-06-11 支付宝(杭州)信息技术有限公司 Identity verification method, device, equipment and system based on privacy protection

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1691603A (en) * 2004-04-28 2005-11-02 联想(北京)有限公司 A method for implementing equipment group and intercommunication between grouped equipments
CN104065652A (en) * 2014-06-09 2014-09-24 韩晟 Method, device and system for identity verification and related device
CN106714075A (en) * 2015-08-10 2017-05-24 华为技术有限公司 Authorization processing method and equipment
CN107241339A (en) * 2017-06-29 2017-10-10 北京小米移动软件有限公司 Auth method, device and storage medium

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1691603A (en) * 2004-04-28 2005-11-02 联想(北京)有限公司 A method for implementing equipment group and intercommunication between grouped equipments
US20070223398A1 (en) * 2004-04-28 2007-09-27 Lenovo (Beijing) Limited Method for Implementing Grouping Devices and Interacting Among Grouped Devices
CN104065652A (en) * 2014-06-09 2014-09-24 韩晟 Method, device and system for identity verification and related device
US20160205098A1 (en) * 2014-06-09 2016-07-14 Beijing Stone Sheild Technology Co., Ltd. Identity verifying method, apparatus and system, and related devices
CN106714075A (en) * 2015-08-10 2017-05-24 华为技术有限公司 Authorization processing method and equipment
CN107241339A (en) * 2017-06-29 2017-10-10 北京小米移动软件有限公司 Auth method, device and storage medium

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112788150A (en) * 2021-01-25 2021-05-11 广东电网有限责任公司惠州供电局 Registration method, terminal device, block chain management screen platform and storage medium
CN112953893A (en) * 2021-01-26 2021-06-11 支付宝(杭州)信息技术有限公司 Identity verification method, device, equipment and system based on privacy protection
CN112953893B (en) * 2021-01-26 2022-07-08 支付宝(杭州)信息技术有限公司 Identity verification method, device, equipment and system based on privacy protection

Also Published As

Publication number Publication date
CN111611574B (en) 2023-11-17

Similar Documents

Publication Publication Date Title
US20230043229A1 (en) Enhanced monitoring and protection of enterprise data
CN107579958B (en) Data management method, device and system
US8196186B2 (en) Security architecture for peer-to-peer storage system
US10454913B2 (en) Device authentication agent
CN108809953B (en) Anonymous identity authentication method and device based on block chain
CN104184713B (en) Terminal identification method, machine identifier register method and corresponding system, equipment
EP2963958B1 (en) Network device, terminal device and information security improving method
WO2016107333A1 (en) Device and system operating method for online activation of mobile terminal token
CN202795383U (en) Device and system for protecting data
US20190289059A1 (en) Cloud authenticated offline file sharing
CN107612889B (en) Method for preventing user information leakage
CN108289074B (en) User account login method and device
CN103716334A (en) Authentication method and system based on 802.1X protocol
CN106919850B (en) File encryption and decryption method and device
CN110519259B (en) Method and device for configuring communication encryption between cloud platform objects and readable storage medium
CN111611574B (en) Information acquisition method, device, equipment and system
CN111431957B (en) File processing method, device, equipment and system
CN111314269A (en) Address automatic allocation protocol security authentication method and equipment
CN109587134B (en) Method, apparatus, device and medium for secure authentication of interface bus
CN102916982A (en) Network equipment identity authentication method
CN108123917A (en) A kind of newer method and apparatus of the Service Ticket of internet-of-things terminal
CN105610667B (en) The method and apparatus for establishing Virtual Private Network channel
JP6056970B2 (en) Information processing apparatus, terminal, information processing system, and information processing method
CN114157470B (en) Token management method and device
WO2017219886A1 (en) Simple network protocol authentication method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant