CN111865592A - Internet of things equipment fast access method and device, Internet of things platform and storage medium - Google Patents

Publication number
CN111865592A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010995373.2A
Other languages
Chinese (zh)
Inventor
曾大和
黄文槐
唐娜
姚紫阳
刘定春
杨道红
林心怡
毛兴亭
刘宇蒙
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Sichuan Keruide Power Communication Technology Co ltd
Original Assignee
Sichuan Keruide Power Communication Technology Co ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/30 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials

Abstract

The application provides a method and a device for fast access of Internet of Things (IoT) devices, an IoT platform and a storage medium. The method comprises the following steps: establishing, on an IoT gateway, a metadata base for a plurality of IoT devices, and writing a preset identity identifier and an asymmetric key into each IoT device, wherein each IoT device has a unique identity identifier and the identity identifier of each IoT device corresponds one-to-one to its asymmetric key; obtaining, based on the identity identifier in each IoT device and the metadata base, the IoT device metadata corresponding to the identity identifier in each IoT device; encrypting, based on the plurality of asymmetric keys, the IoT device metadata corresponding to the identity identifier of each IoT device, to obtain a plurality of verification fingerprints corresponding to the identity identifiers in the IoT devices; and each IoT device decrypting the verification fingerprint corresponding to its identity identifier and judging whether the IoT gateway is legitimate. This provides a simple and efficient secure access mechanism.

Description

Internet of things equipment fast access method and device, Internet of things platform and storage medium
Technical Field
The application relates to the technical field of communication of the Internet of things, in particular to a method and a device for quickly accessing Internet of things equipment, an Internet of things platform and a storage medium.
Background
The concept of the Internet of Things (IoT) developed on the basis of the Internet: the user end is extended to any object for information exchange and communication. The IoT digitizes the real world, and its range of application is very wide.
Currently there are some specific or de facto standards for IoT protocols, such as Zigbee, NB-IoT, MQTT and CoAP, but there is no systematic standard specification for the IoT field as a whole, for example for the discovery and self-registration of IoT devices. Because application scenarios, access networks and access platforms differ, access and maintenance of each IoT device are often complicated. On the one hand, when an IoT device is connected, normal communication between the terminal and the access end is possible only after various parameters have been configured on both the access terminal and the access end. When a device fails and is replaced by a new one, the process must be repeated, which increases the operation and maintenance difficulty and the possibility of errors. On the other hand, there is no simple and efficient secure access mode between the many IoT terminals and the access end; some IoT devices do not consider secure access at all, and any device can connect to the access end as long as it uses the same connection protocol.
Disclosure of Invention
The application aims to provide a fast access method and device for IoT devices, an IoT platform and a storage medium, which effectively overcome the technical defects of the prior art: configuration-free terminal access cannot be realized, installation, deployment, operation and maintenance are made more difficult, and a simple and efficient secure access mechanism is lacking.
In a first aspect, an embodiment of the present application provides a method for fast access of IoT devices, used for identifying and authenticating a plurality of IoT devices that access an IoT gateway. The method includes: establishing, on the IoT gateway, a metadata base for the plurality of IoT devices, and writing a preset identity identifier and an asymmetric key into each IoT device, wherein each IoT device has a unique identity identifier and the identity identifier of each IoT device corresponds one-to-one to its asymmetric key; obtaining, based on the identity identifier in each IoT device and the metadata base, the IoT device metadata corresponding to the identity identifier in each IoT device; encrypting, based on the plurality of asymmetric keys, the IoT device metadata corresponding to the identity identifier in each IoT device, to obtain a plurality of verification fingerprints corresponding to the identity identifiers in the IoT devices; and each IoT device decrypting the verification fingerprint corresponding to its identity identifier, judging whether the IoT gateway is legitimate, and starting data transmission if it is.
With reference to the first aspect, in a first possible implementation manner, establishing the metadata base on the IoT gateway and writing a preset identity identifier and an asymmetric key into each IoT device includes: establishing, on the IoT gateway, IoT device metadata for each IoT device, the IoT device metadata together forming the metadata base, wherein the IoT device metadata includes firmware information and a transmission protocol of the IoT device; and writing into each IoT device its unique identity identifier and the private key of the asymmetric key that corresponds one-to-one to that identity identifier, wherein the asymmetric key includes a public key and a private key, and the private key is unique.
With reference to the first possible implementation manner of the first aspect, in a second possible implementation manner, obtaining the IoT device metadata corresponding to the identity identifier in each IoT device, based on the identity identifier in each IoT device and the metadata base, includes: sending the identity identifier in each IoT device to the IoT gateway, whereupon the IoT gateway looks up the corresponding IoT device metadata in the metadata base according to each identity identifier, thereby obtaining the IoT device metadata corresponding to the identity identifier in each IoT device.
With reference to the second possible implementation manner of the first aspect, in a third possible implementation manner, encrypting the IoT device metadata corresponding to the identity identifier in each IoT device based on the plurality of asymmetric keys, to obtain a plurality of verification fingerprints corresponding to the identity identifiers in the IoT devices, includes: encrypting the IoT device metadata corresponding to the identity identifier in each IoT device with the public key of the asymmetric key that corresponds one-to-one to that device's identity identifier, to obtain the plurality of verification fingerprints. The verification fingerprint further includes a symmetric encryption key, which is used to symmetrically encrypt data during data transmission.
With reference to the third possible implementation manner of the first aspect, in a fourth possible implementation manner, each IoT device decrypting the verification fingerprint corresponding to its identity identifier and judging whether the IoT gateway is legitimate includes: each IoT device decrypting the verification fingerprint corresponding to its identity identifier with the private key of the asymmetric key that corresponds one-to-one to that identity identifier, to obtain the IoT device metadata corresponding to the identity identifier in that IoT device; and comparing the decrypted IoT device metadata with the first IoT device metadata pre-stored in the IoT device and judging whether the two are consistent; if they are, the IoT gateway is determined to be legitimate and data transmission starts.
In a second aspect, an embodiment of the present application provides a fast access apparatus for IoT devices. The apparatus includes: a first processing module, used for establishing, on the IoT gateway, a metadata base for a plurality of IoT devices and writing a preset identity identifier and an asymmetric key into each IoT device, wherein each IoT device has a unique identity identifier and the identity identifier of each IoT device corresponds one-to-one to its asymmetric key; the metadata base is used for storing the identity identifier of each IoT device; an encryption module, used for encrypting, based on the plurality of asymmetric keys, the IoT device metadata corresponding to the identity identifier in each IoT device, to obtain a plurality of verification fingerprints corresponding to the identity identifiers in the IoT devices; and a second processing module, used for having each IoT device decrypt the verification fingerprint corresponding to its identity identifier, judge whether the IoT gateway is legitimate, and start data transmission if it is.
In a third aspect, an embodiment of the present application provides an internet of things platform, where the internet of things platform includes: a processor, a communication bus, a communication interface, and a memory; the communication bus is respectively connected with the processor, the communication interface and the memory; the memory stores computer readable instructions, and when the processor executes the readable instructions, the method for fast accessing the internet of things device provided by the first aspect and any possible implementation manner of the first aspect is executed.
In a fourth aspect, an embodiment of the present application provides a storage medium on which a computer program is stored; when the computer program is executed by a computer, the method for fast access of IoT devices provided in the first aspect and any possible implementation manner of the first aspect is performed.
The technical solution of the embodiments of the application has at least the following advantages and beneficial effects. A metadata description approach is adopted: a metadata base for the IoT devices is established on the IoT gateway in advance, and the IoT device metadata is placed in each IoT device before it leaves the factory. After installation, an IoT device can be automatically verified and connected to the IoT gateway without any configuration at the IoT gateway or the device end. A specific encryption means assists the verification and access process, and reliable data transmission is achieved after verification. The technical solution also has an advantage when an IoT device is replaced: plug and play is achieved simply by substituting a new device whose identity identifier is consistent with that of the original IoT device.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are required to be used in the embodiments of the present application will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present application and therefore should not be considered as limiting the scope, and that those skilled in the art can also obtain other related drawings based on the drawings without inventive efforts.
Fig. 1 is a schematic flow chart of a method for quickly accessing an internet of things device according to an embodiment of the present application;
Fig. 2 is a block diagram of a fast access apparatus for an internet of things device according to an embodiment of the present disclosure;
Fig. 3 is a structural block diagram of an internet of things platform provided in the embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be described below with reference to the drawings in the embodiments of the present application.
It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, it need not be further defined and explained in subsequent figures. Meanwhile, in the description of the present application, the terms "first", "second", and the like are used only for distinguishing the description, and are not to be construed as indicating or implying relative importance.
A gateway is a product created to deal with the difficulty of converting between different protocols. In the IoT architecture, an intermediate device is needed between the two different networks of the sensing layer and the network layer; this device is the IoT gateway. Internally, the IoT gateway is responsible for protocol conversion among the different devices of the whole IoT system; externally, it reaches the Internet through Ethernet or through wireless communication such as WiFi to realize remote communication. The IoT gateway can integrate the information collected by different objects and pass it on to the next level, so that information can be transmitted among all parts. The IoT gateway can realize protocol conversion between the sensing network and the communication network and between different types of sensing networks, and can realize both wide area and local area interconnection.
Metadata is data used to describe data, allowing the description and classification of information to be formatted, creating possibilities for machine processing.
Referring to Fig. 1, Fig. 1 is a schematic flow chart of a fast access method for IoT devices according to an embodiment of the present disclosure. In this embodiment, the method comprises steps S11, S12, S13 and S14.
Step S11: establishing, on an IoT gateway, a metadata base for a plurality of IoT devices, and writing a preset identity identifier and an asymmetric key into each IoT device, wherein each IoT device has a unique identity identifier and the identity identifier of each IoT device corresponds one-to-one to its asymmetric key;
Step S12: obtaining, based on the identity identifier in each IoT device and the metadata base, the IoT device metadata corresponding to the identity identifier in each IoT device;
Step S13: encrypting, based on the plurality of asymmetric keys, the IoT device metadata corresponding to the identity identifier in each IoT device, to obtain a plurality of verification fingerprints corresponding to the identity identifiers in the IoT devices;
Step S14: each IoT device decrypting the verification fingerprint corresponding to its identity identifier, judging whether the IoT gateway is legitimate, and starting data transmission if it is.
The flow of the fast access method of the internet of things device will be described in detail below.
Step S11: a metadata base for a plurality of IoT devices is established on the IoT gateway, and a preset identity identifier and an asymmetric key are written into each IoT device, wherein each IoT device has a unique identity identifier and the identity identifier of each IoT device corresponds one-to-one to its asymmetric key.
In detail, IoT device metadata for each IoT device is established on the IoT gateway, and the IoT device metadata together form the metadata base. The IoT device metadata includes firmware information and a transmission protocol of the IoT device. The unique identity identifier of each IoT device, and the private key of the asymmetric key that corresponds one-to-one to that identity identifier, are written into the corresponding IoT device. The asymmetric key includes a public key and a private key, and the private key is unique.
The IoT device metadata for each IoT device is established and stored on the IoT gateway. The firmware information in the IoT device metadata includes manufacturing information, sales information and operation information of the IoT device; the transmission protocol in the IoT device metadata is used for transmitting data to the IoT gateway according to the physical layer transmission protocol after the IoT gateway and the IoT device have passed authentication; the IoT device metadata also includes version information. That is, the IoT device metadata includes information related to the manufacture, sale and operation of the IoT device. The metadata sets of the plurality of IoT devices form the metadata base for the IoT devices.
A unique identity identifier is set for each IoT device so that each device can be accurately distinguished and identified. The identity identifier of each IoT device corresponds to one asymmetric key, and the asymmetric key is unique; that is, each IoT device has its own asymmetric key, and identity identifiers and asymmetric keys correspond one-to-one. The asymmetric key includes a private key and a public key. The identity identifier of the IoT device and the private key of the asymmetric key corresponding one-to-one to that identity identifier are written into the IoT device and become the pre-stored first IoT device metadata.
It follows from the above that each IoT device has a unique identity identifier and each identity identifier has a one-to-one asymmetric key consisting of a public key and a private key; that is, each identity identifier has its own public key and private key. Different IoT devices have different identity identifiers, and different identity identifiers are matched with different asymmetric keys.
Step S12: the IoT device metadata corresponding to the identity identifier in each IoT device is obtained based on the identity identifier in each IoT device and the metadata base.
In detail, the identity identifier in each IoT device is sent to the IoT gateway. The IoT gateway looks up the corresponding IoT device metadata in the metadata base according to each identity identifier, and thereby obtains the IoT device metadata corresponding to the identity identifier in each IoT device.
When the identity identifier in each IoT device is sent to the IoT gateway, it can be sent in plaintext, that is, without encryption, or it can be sent encrypted. Optionally, in this embodiment of the application, the identity identifier in each IoT device is sent to the IoT gateway in plaintext.
Step S13: based on the plurality of asymmetric keys, the IoT device metadata corresponding to the identity identifier in each IoT device is encrypted, and a plurality of verification fingerprints corresponding to the identity identifiers in the IoT devices are obtained.
In detail, the public key of the asymmetric key corresponding to the identity identifier of each IoT device is used to encrypt the IoT device metadata corresponding to that identity identifier, and a plurality of verification fingerprints corresponding to the identity identifiers in the IoT devices are obtained. The verification fingerprint further includes a symmetric encryption key, which is used to symmetrically encrypt data during data transmission.
In keeping with the characteristics of asymmetric encryption, the IoT device metadata obtained from the metadata base in the IoT gateway is encrypted using the public key of the asymmetric key, yielding the verification fingerprint.
It should be noted that the symmetric encryption key is the result of processing the private key of the asymmetric key and the identity identifier of the IoT device through an algorithm. It is used to transmit data with symmetric encryption after the IoT gateway and the IoT device have passed legitimacy verification. Symmetric encryption has the advantage of high transmission speed. Because each symmetric encryption key is derived from information such as the private key of the corresponding asymmetric key and the identity identifier of the IoT device, the symmetric encryption keys of different IoT devices are mutually independent. If one symmetric encryption key is cracked, normal communication between the IoT gateway and the other IoT devices connected to it is not affected, so the security of access to the IoT gateway is higher.
Step S14: each IoT device decrypts the verification fingerprint corresponding to its identity identifier and judges whether the IoT gateway is legitimate; if it is, data transmission starts.
In detail, each IoT device decrypts the verification fingerprint corresponding to its identity identifier using the private key of the asymmetric key that corresponds one-to-one to that identity identifier, and obtains the IoT device metadata corresponding to the identity identifier in that IoT device. The decrypted IoT device metadata is compared with the first IoT device metadata pre-stored in the IoT device to judge whether the two are consistent; if they are, the IoT gateway is determined to be legitimate and data transmission starts.
Only when the IoT device metadata obtained by decrypting the verification fingerprint with the private key has been compared with the first IoT device metadata pre-stored in the IoT device, and the identity identifier and the other unique information match, can the IoT gateway be determined to be accessible; that is, the communication access between the IoT gateway and the IoT device is legitimate, and subsequent data transmission can start.
A metadata base for the IoT devices is established on the IoT gateway. Asymmetric encryption is used during self-registration and identification between the IoT gateway and the IoT devices, and once legitimacy has been verified, symmetric encryption is used for data transmission. With the technical solution of the embodiments of the application, an IoT device, once installed, can be automatically verified and connected to the cloud gateway without any configuration at the cloud end or the device end, and trusted data transmission is achieved. The solution also has an advantage when devices are replaced: plug and play is achieved simply by substituting a new device whose identity identifier is consistent with that of the original device. It is therefore suitable for batch manufacturing of devices, and the burning of metadata before a device leaves the factory can be quickly integrated with the factory's Manufacturing Execution System (MES).
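The S11 to S14 exchange described above, sketched in Go as an added example (it is not code from the patent or its applicant). The patent names no algorithms, so RSA-OAEP for the asymmetric step, HMAC-SHA256 for deriving the symmetric key, and all type and function names (Device, Gateway, Provision, Fingerprint, Verify) are assumptions, and the metadata values are constructed samples.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"errors"
	"fmt"
)

const symKeyLen = 32 // HMAC-SHA256 output length

// Device holds what step S11 writes into the device before it ships.
type Device struct {
	ID       string
	priv     *rsa.PrivateKey
	metadata []byte // the pre-stored "first IoT device metadata"
}

// record is one row of the gateway's metadata base, keyed by identity identifier.
type record struct {
	pub      *rsa.PublicKey
	metadata []byte
	symKey   []byte
}

// Gateway is the IoT gateway with its metadata base.
type Gateway struct{ db map[string]record }

// Provision is step S11: one key pair per identity identifier. The symmetric
// key is derived from the private key and the identity identifier; HMAC-SHA256
// is an assumed choice, the patent only says "an algorithm".
func Provision(gw *Gateway, id string, metadata []byte) (*Device, error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	mac := hmac.New(sha256.New, x509.MarshalPKCS1PrivateKey(priv))
	mac.Write([]byte(id))
	gw.db[id] = record{&priv.PublicKey, metadata, mac.Sum(nil)}
	return &Device{id, priv, metadata}, nil
}

// Fingerprint is steps S12 and S13: look the identity identifier up, then
// encrypt symKey || metadata under that device's public key (RSA-OAEP assumed).
func (gw *Gateway) Fingerprint(id string) ([]byte, error) {
	rec, ok := gw.db[id]
	if !ok {
		return nil, errors.New("identity identifier not in metadata base")
	}
	payload := append(append([]byte{}, rec.symKey...), rec.metadata...)
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, rec.pub, payload, nil)
}

// Verify is step S14: decrypt, compare with the pre-stored metadata, and only
// then release the symmetric key for data transmission.
func (d *Device) Verify(fp []byte) ([]byte, error) {
	payload, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, d.priv, fp, nil)
	if err != nil {
		return nil, errors.New("fingerprint was not encrypted for this device")
	}
	if len(payload) < symKeyLen || !hmac.Equal(payload[symKeyLen:], d.metadata) {
		return nil, errors.New("metadata mismatch: gateway not accepted")
	}
	return payload[:symKeyLen], nil
}

func main() {
	gw := &Gateway{db: map[string]record{}}
	meta := []byte(`{"firmware":"fw-1.0","protocol":"mqtt","version":"1"}`) // constructed sample
	dev, err := Provision(gw, "dev-0001", meta)
	if err != nil {
		panic(err)
	}
	fp, _ := gw.Fingerprint(dev.ID)
	key, err := dev.Verify(fp)
	fmt.Printf("provisioned gateway: key=%d bytes, err=%v\n", len(key), err)

	// A gateway that holds the public key but different metadata is rejected.
	other := &Gateway{db: map[string]record{
		dev.ID: {&dev.priv.PublicKey, []byte(`{"firmware":"other"}`), make([]byte, symKeyLen)},
	}}
	fp, _ = other.Fingerprint(dev.ID)
	_, err = dev.Verify(fp)
	fmt.Println("unprovisioned gateway:", err)
}
```

Verify shows only that the sender knew this device's public key and metadata, so in this scheme both have to stay confidential to the gateway. With a 2048-bit key and SHA-256, OAEP limits the symmetric key plus metadata to 190 bytes.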
Referring to fig. 2, an embodiment of the present application provides an internet of things device fast access apparatus 10, which includes:
the first processing module 110 is configured to establish a metadata base related to a plurality of internet of things devices on an internet of things gateway, and write a preset identity and an asymmetric key into each internet of things device, where each internet of things device has a unique identity, and the identity of each internet of things device corresponds to the asymmetric key one to one; the metadata database is used for storing the identity identification of each piece of Internet of things equipment;
the encryption module 120 is configured to encrypt internet-of-things device metadata corresponding to the identity identifier in each internet-of-things device based on the plurality of asymmetric keys, respectively, to obtain a plurality of verification fingerprints corresponding to the identity identifiers in the internet-of-things devices;
the second processing module 130 is configured to decrypt, by each piece of internet of things equipment, the verification fingerprint corresponding to the identity identifier in the piece of internet of things equipment, determine whether the internet of things gateway is legal, and if so, start data transmission.
Referring to fig. 3, an embodiment of the present application further provides an internet of things platform 20, where the internet of things platform 20 includes: a processor 210, a communication bus 220, a communication interface 230, and a memory 240; the communication bus 220 connects the processor 210, the communication interface 230, and the memory 240, respectively; the memory 240 stores computer readable instructions that, when executed by the processor 210, perform the method for fast access to internet of things devices as described in detail above.
The memory 240 may include a Random Access Memory (RAM) and may further include a non-volatile memory, such as at least one disk memory.
The communication bus 230 may be an ISA bus (Industry Standard Architecture), PCI bus (Peripheral Component Interconnect), EISA bus (Extended Industry Standard Architecture), or the like.
The processor 210 may be an integrated circuit chip having signal processing capabilities. In implementation, the steps of the above method may be performed by integrated logic circuits of hardware in the processor 210 or by instructions in the form of software. The processor 210 may be a general-purpose processor, including a Central Processing Unit (CPU), a Network Processor (NP), and the like; it may also be a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other programmable logic device, discrete gate or transistor logic, discrete hardware components, or any combination thereof, that may implement or perform the methods, steps, and logic blocks disclosed in embodiments of the present invention. A general-purpose processor may be a microprocessor or any conventional processor. The steps of the method disclosed in connection with the embodiments of the present invention may be directly implemented by a hardware decoding processor, or implemented by a combination of hardware and software modules in the decoding processor. The software module may be located in a storage medium well known in the art, such as RAM, flash memory, ROM, PROM, EPROM, or registers.
To sum up, the embodiment of the present application provides a method for quickly accessing internet of things devices, used for identifying and authenticating a plurality of internet of things devices accessing an internet of things gateway. The method includes: establishing a metadata base related to multiple pieces of internet of things equipment on an internet of things gateway, and writing a preset identity and an asymmetric key into each piece of internet of things equipment, wherein each piece of internet of things equipment has a unique identity, and the identity of each piece of internet of things equipment corresponds to the asymmetric key one to one; acquiring a plurality of pieces of internet of things equipment metadata corresponding to the identity in each piece of internet of things equipment based on the identity in each piece of internet of things equipment and the metadata base; based on the plurality of asymmetric keys, respectively encrypting the internet of things equipment metadata corresponding to the identity in each piece of internet of things equipment to obtain a plurality of verification fingerprints corresponding to the identities in the internet of things equipment; and each piece of internet of things equipment decrypting the verification fingerprint corresponding to the identity in that piece of internet of things equipment, judging whether the internet of things gateway is legal, and starting data transmission if it is.
The above description covers only specific embodiments of the present application, but the scope of the present application is not limited thereto; any change or substitution that a person skilled in the art can easily conceive within the technical scope of the present application shall be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.

Claims (8)

1. A quick access method for Internet of things equipment is used for identifying and authenticating a plurality of Internet of things equipment to access an Internet of things gateway, and is characterized by comprising the following steps:
establishing a metadata base related to a plurality of pieces of Internet of things equipment on an Internet of things gateway, and writing a preset identity and an asymmetric key into each piece of Internet of things equipment, wherein each piece of Internet of things equipment has a unique identity, and the identity of each piece of Internet of things equipment corresponds to the asymmetric key one by one;
obtaining a plurality of internet of things equipment metadata corresponding to the identity in each internet of things equipment based on the identity in each internet of things equipment and the metadata base;
based on the plurality of asymmetric keys, respectively encrypting the metadata of the internet of things equipment corresponding to the identity in each piece of internet of things equipment to obtain a plurality of verification fingerprints corresponding to the identity in the internet of things equipment;
and each piece of Internet of things equipment decrypts the verification fingerprint corresponding to the identity in the piece of Internet of things equipment, judges whether the Internet of things gateway is legal or not, and starts data transmission if the Internet of things gateway is legal.
2. The method for fast accessing to internet of things equipment according to claim 1, wherein the establishing a metadata base related to a plurality of internet of things equipment on an internet of things gateway and writing a preset identity and an asymmetric key into each internet of things equipment comprises:
establishing Internet of things equipment metadata related to each Internet of things equipment on an Internet of things gateway, wherein the Internet of things equipment metadata form the metadata base, and the Internet of things equipment metadata comprise: firmware information and a transmission protocol of the Internet of things equipment;
respectively writing the unique identity corresponding to each piece of Internet of things equipment and the private key in the asymmetric key corresponding to the identity of the piece of Internet of things equipment one to one into the corresponding piece of Internet of things equipment, wherein the asymmetric key comprises: a public key and a private key, the private key having uniqueness.
3. The method for quickly accessing internet-of-things equipment according to claim 2, wherein the obtaining a plurality of internet-of-things equipment metadata corresponding to the identity in each internet-of-things equipment based on the identity in each internet-of-things equipment and the metadata base comprises:
and respectively sending the identity in each piece of Internet of things equipment to an Internet of things gateway, and respectively searching corresponding Internet of things equipment metadata in the metadata base by the Internet of things gateway according to the identity in each piece of Internet of things equipment to obtain a plurality of pieces of Internet of things equipment metadata corresponding to the identity in each piece of Internet of things equipment.
4. The method for fast accessing to internet of things equipment according to claim 3, wherein the encrypting metadata of the internet of things equipment corresponding to the id in each of the internet of things equipment based on the plurality of asymmetric keys to obtain a plurality of verification fingerprints corresponding to the id in the internet of things equipment comprises:
and encrypting the metadata of the internet of things equipment corresponding to the identity identifier in each internet of things equipment by using a public key in an asymmetric key corresponding to the identity identifier of each internet of things equipment one to one, and obtaining a plurality of verification fingerprints corresponding to the identity identifier in the internet of things equipment, wherein the verification fingerprints further comprise a symmetric encryption key which is used for symmetrically encrypting data during data transmission.
5. The method for quickly accessing internet of things equipment according to claim 4, wherein the step of decrypting the verification fingerprint corresponding to the identity identifier in the internet of things equipment by each internet of things equipment and judging whether the internet of things gateway is legal or not comprises the following steps:
each piece of Internet of things equipment decrypts the verification fingerprint corresponding to the identity identifier in the piece of Internet of things equipment by using the private key in the asymmetric key in one-to-one correspondence with the identity identifier of the piece of Internet of things equipment, and obtains the Internet of things equipment metadata corresponding to the identity identifier in each piece of Internet of things equipment;
and respectively comparing the internet of things equipment metadata obtained by decryption and corresponding to the identity identifier in each internet of things equipment with first internet of things equipment metadata prestored in the internet of things equipment, judging whether the internet of things equipment metadata and the first internet of things equipment metadata are consistent, if so, determining that the internet of things gateway is legal, and starting data transmission.
6. An Internet of things equipment fast access device, characterized in that the device comprises:
the first processing module is used for establishing a metadata base related to a plurality of pieces of Internet of things equipment on an Internet of things gateway, and writing preset identity identification and asymmetric keys into each piece of Internet of things equipment, wherein each piece of Internet of things equipment has a unique identity identification, and the identity identification of each piece of Internet of things equipment corresponds to the asymmetric keys one to one; and is also used for obtaining a plurality of internet of things equipment metadata corresponding to the identity in each internet of things equipment based on the identity in each internet of things equipment and the metadata base;
the encryption module is used for encrypting the metadata of the internet of things equipment corresponding to the identity identifier in each piece of internet of things equipment respectively based on the plurality of asymmetric keys to obtain a plurality of verification fingerprints corresponding to the identity identifiers in the internet of things equipment;
and the second processing module is used for decrypting the verification fingerprints corresponding to the identity identifiers in the Internet of things equipment by each Internet of things equipment respectively, judging whether the Internet of things gateway is legal or not, and starting data transmission if the Internet of things gateway is legal.
7. An internet of things platform, comprising: a processor, a communication bus, a communication interface, and a memory;
the communication bus is respectively connected with the processor, the communication interface and the memory;
the memory stores computer readable instructions which, when executed by the processor, perform the method of fast access to internet of things devices as claimed in any one of claims 1 to 5.
8. A storage medium, wherein the storage medium stores thereon a computer program, and the computer program is executed by a computer to perform the method for fast accessing the internet of things device according to any one of claims 1 to 5.
CN202010995373.2A 2020-09-21 2020-09-21 Internet of things equipment fast access method and device, Internet of things platform and storage medium Pending CN111865592A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010995373.2A CN111865592A (en) 2020-09-21 2020-09-21 Internet of things equipment fast access method and device, Internet of things platform and storage medium

Publications (1)

Publication Number Publication Date
CN111865592A true CN111865592A (en) 2020-10-30

Family

ID=72967729

Country Status (1)

Country Link
CN (1) CN111865592A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112469034A (en) * 2020-11-25 2021-03-09 中国科学技术大学 Internet of things gateway device capable of safely authenticating physical sensing equipment and access method thereof

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20201030
