CN112073421B - Communication processing method, communication processing device, terminal and storage medium - Google Patents


Info

Publication number
CN112073421B
Authority
CN
China
Prior art keywords
terminal
server
communication information
communication
information
Prior art date
Legal status
Active
Application number
CN202010962616.2A
Other languages
Chinese (zh)
Other versions
CN112073421A (en)
Inventor
万超
蔡昌俊
郑浩剑
俞军燕
黄信广
林德辉
鲁静
陆桥
欧阳国灵
彭伟泽
陈剑锋
罗伟庭
贺继飞
熊晓锋
Current Assignee
Shenzhen Tencent Computer Systems Co Ltd
Guangzhou Metro Group Co Ltd
Original Assignee
Shenzhen Tencent Computer Systems Co Ltd
Guangzhou Metro Group Co Ltd
Priority date
Filing date
Publication date
Application filed by Shenzhen Tencent Computer Systems Co Ltd, Guangzhou Metro Group Co Ltd
Priority to CN202010962616.2A
Publication of CN112073421A
Application granted
Publication of CN112073421B
Legal status: Active
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876 Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Abstract

The application provides a communication processing method, a communication processing device, a terminal and a storage medium, and belongs to the technical field of network security. The method comprises the following steps: generating first communication information signed by a terminal private key of the terminal, wherein the first communication information comprises a random number acquired from a server, a type identifier of the terminal and a unique identifier of the terminal; encrypting the first communication information and the second communication information according to a server public key of the server to obtain third communication information, wherein the second communication information comprises service data; and establishing a communication connection with the server according to an access response returned by the server, wherein the access response is generated after the server decrypts and authenticates the third communication information. Because the terminal protects the data it sends first with its own terminal private key and then with the server public key, the data sent by the terminal is hard to steal or tamper with, the server can determine the legitimacy of the terminal after authentication, and the security of both the terminal and the server is ensured.

Description

Communication processing method, communication processing device, terminal and storage medium
Technical Field
The present application relates to the field of network security technologies, and in particular, to a communication processing method, an apparatus, a terminal, and a storage medium.
Background
With the rapid development of Internet of Things technology, a user can communicate with smart devices such as smart access control systems, smart gates and smart cameras through a smart terminal, in order to control the smart device or to obtain the information it collects.
At present, when devices communicate over the Internet of Things, the check information and the communication information exchanged when a device connects are usually packaged in the MQTT (Message Queuing Telemetry Transport) communication protocol, and communication and checking are performed on that basis.
The problem with this scheme is that the data in the communication information is easy for a malicious user to steal, so the smart device or the server is easy to attack and the security of the smart device and the server is affected.
Disclosure of Invention
The embodiment of the application provides a communication processing method, a communication processing device, a terminal and a storage medium, in which the sent data is protected in sequence with the terminal private key of the terminal and the server public key of the server, so that the data sent by the terminal is hard to steal or tamper with, the server can determine the legitimacy of the terminal after authentication, and the security of the terminal and the server is ensured. The technical scheme is as follows:
in one aspect, a communication processing method is provided, and the method includes:
generating first communication information signed by a terminal private key of the terminal, wherein the first communication information comprises a random number acquired from a server, a type identifier of the terminal and a unique identifier of the terminal;
encrypting the first communication information and the second communication information according to a server public key of the server to obtain third communication information, wherein the second communication information comprises service data;
and establishing communication connection with the server according to an access response returned by the server, wherein the access response is generated after the server decrypts and authenticates the third communication information.
In another aspect, a communication processing apparatus is provided, the apparatus including:
the first information processing module is used for generating first communication information signed by a terminal private key of the terminal, and the first communication information comprises a random number acquired from a server, a type identifier of the terminal and a unique identifier of the terminal;
the second information processing module is used for encrypting the first communication information and the second communication information according to a server public key of the server to obtain third communication information, wherein the second communication information comprises service data;
and the communication connection module is used for establishing communication connection with the server according to an access response returned by the server, and the access response is generated after the server decrypts and authenticates the third communication information.
In an optional implementation manner, the first information processing module is configured to obtain the random number from the server according to a challenge response; and signing the random number, the type identifier of the terminal and the unique identifier of the terminal based on a first encryption algorithm according to a terminal private key of the terminal to obtain the first communication information.
In an optional implementation manner, the second information processing module includes:
the encryption processing unit is used for encrypting the first communication information and the second communication information based on a first encryption algorithm according to a server public key of the server to obtain fourth communication information;
and the conversion processing unit is used for converting the fourth communication information into hexadecimal to obtain the third communication information.
In an optional implementation manner, the conversion processing unit is configured to convert the fourth communication information into hexadecimal to obtain intermediate data; coding the intermediate data to obtain a verification code, wherein the verification code is used for verifying the consistency of the intermediate data; and combining the intermediate data and the verification code to obtain the third communication information.
In an optional implementation, the apparatus further includes:
the third information processing module is used for decrypting fifth communication information returned by the server based on a first encryption algorithm according to the terminal private key to obtain a connection key and an authentication identifier, and the fifth communication information is generated by the server based on the first encryption algorithm according to the terminal public key of the terminal;
a fourth information processing module for generating sixth communication information encrypted by the connection key;
and the information sending module is used for responding to the authentication passing of the authentication identification and sending the sixth communication information.
In an optional implementation manner, the fourth information processing module is configured to encrypt, according to the connection key, communication data to be sent based on a second encryption algorithm, so as to obtain the sixth communication information.
In an optional implementation, the apparatus further includes:
the information acquisition module is used for acquiring the running environment information returned by the server;
and the information receiving and sending module is used for responding to the difference between a first operation environment indicated by the operation environment information and a current second operation environment of the terminal, and receiving and sending messages according to a service processing flow corresponding to the first operation environment.
In another aspect, a terminal is provided, where the terminal includes a processor and a memory, where the memory is used to store at least one program code, and the at least one program code is loaded and executed by the processor to implement the operations performed in the communication processing method in the embodiments of the present application.
In another aspect, a computer-readable storage medium is provided, where at least one program code is stored, and the at least one program code is loaded and executed by a processor to implement the operations performed in the communication processing method in the embodiments of the present application.
In another aspect, a computer program product or computer program is provided, the computer program product or computer program comprising computer program code, the computer program code being stored in a computer readable storage medium. The processor of the terminal reads the computer program code from the computer-readable storage medium, and the processor executes the computer program code, so that the terminal performs the communication processing method provided in the various alternative implementations of the above-described aspects or aspects.
The technical scheme provided by the embodiment of the application has the following beneficial effects:
the embodiment of the application provides a communication processing method in which, when a terminal applies to establish a communication connection with a server, the terminal protects the sent data in sequence with the terminal private key of the terminal and the server public key of the server, so that the data sent by the terminal is hard to steal or tamper with, the server can determine the legitimacy of the terminal after authentication, and the security of the terminal and the server is ensured.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1 is a schematic diagram of an implementation environment of a communication processing method according to an embodiment of the present application;
fig. 2 is a flowchart of a communication processing method according to an embodiment of the present application;
fig. 3 is an interaction flow chart of a communication processing method according to an embodiment of the present application;
fig. 4 is an interaction flow diagram of another communication processing method provided according to an embodiment of the present application;
FIG. 5 is a schematic diagram illustrating an interaction flow at an MQTT according to an embodiment of the present application;
fig. 6 is an interaction flowchart of another communication processing method provided in an embodiment of the present application;
fig. 7 is a block diagram of a communication processing apparatus according to an embodiment of the present application;
fig. 8 is a block diagram of a terminal according to an embodiment of the present application;
fig. 9 is a schematic structural diagram of a server provided according to an embodiment of the present application.
Detailed Description
To make the objects, technical solutions and advantages of the present application more clear, embodiments of the present application will be described in further detail below with reference to the accompanying drawings.
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with the present application. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the present application, as detailed in the appended claims.
The following describes techniques that may be used in embodiments of the present application.
The Internet of Things (IoT) collects, in real time, any object or process that needs monitoring, connection and interaction, gathering required information such as sound, light, heat, electricity, mechanics, chemistry, biology and location through information sensors, radio frequency identification, global positioning systems, infrared sensors, laser scanners and other devices and technologies, and connects objects and people ubiquitously through every available network access, so as to achieve intelligent sensing, identification and management of objects and processes. The Internet of Things is an information carrier built on the Internet, traditional telecommunication networks and the like, through which all ordinary physical objects that can be independently addressed form an interconnected network.
Cloud IoT aims to connect the information sensed by the sensing devices of the traditional Internet of Things, and the instructions they receive, to the Internet, achieving true networking and providing mass data storage and computation through cloud computing technology.
Cloud Security is a general term for security software, hardware, users, organizations and security cloud platforms based on the cloud computing business model. Cloud security integrates emerging technologies and concepts such as parallel processing, grid computing and judgement of unknown virus behaviour: abnormal software behaviour in the network is monitored by a large number of meshed clients, the latest information on Trojans and malicious programs on the Internet is obtained and sent to a server for automatic analysis and processing, and the solutions for the viruses and Trojans are then distributed to each client.
The main research directions of cloud security include:
1. Cloud computing security, which mainly studies how to guarantee the security of the cloud and of the applications on it, including the security of the cloud computer system, secure storage and isolation of user data, user access authentication, information transmission security, protection against network attacks, compliance auditing and the like.
2. Cloud-based security infrastructure, which mainly studies how to use cloud computing to build and integrate security infrastructure resources and optimize security protection mechanisms, including constructing a very large scale platform for collecting and processing security events and information through cloud computing technology, collecting and correlating mass information, and improving the handling and risk control capability for security events across the whole network.
3. Cloud security services, which mainly study the security services, such as anti-virus services, provided to users on a cloud computing platform.
Private Cloud is a method of creating cloud infrastructure and software and hardware resources inside a firewall so that every department in an organization or enterprise can share the resources in a data centre. A private cloud is usually created with Infrastructure as a Service (IaaS) software in addition to hardware resources.
Private cloud computing also comprises three layers: cloud hardware, a cloud platform and cloud services. The difference is that the cloud hardware is the user's own personal computer or server, not a cloud computing vendor's data centre. Cloud computing vendors build data centres to provide public cloud services for millions of users, and therefore need tens of millions of servers. Private cloud computing serves only friends and relatives for an individual, and the employees, customers and suppliers of an enterprise, so the personal computer or server of the individual or enterprise is sufficient to provide cloud services.
Public Cloud generally refers to a cloud that a third-party provider makes available to users; it is usually accessed over the Internet, may be free or low-cost, and its core attribute is shared resource services. Many such clouds provide services across the open public network today.
TCP (Transmission Control Protocol) is a connection-oriented, reliable transport layer communication Protocol based on a byte stream. TCP is intended to accommodate layered protocol hierarchies that support multiple network applications. Reliable communication services are provided by means of TCP between pairs of processes in host computers connected to different but interconnected computer communication networks. TCP assumes that it can obtain simple, possibly unreliable, datagram service from lower level protocols.
MQTT (Message Queuing Telemetry Transport) is an Internet of Things transport protocol designed for lightweight publish/subscribe messaging, intended to provide reliable network services for Internet of Things devices in low-bandwidth and unstable network environments. MQTT is a lightweight transmission protocol developed specifically for the Internet of Things. The MQTT protocol is optimized for devices with low-bandwidth networks and low computing power, so it can adapt to a wide range of Internet of Things application scenarios. At present, MQTT has platforms and clients on many devices and has formed an initial ecosystem.
Challenge-Response is an authentication approach related to zero-knowledge proof. As the name implies, a challenge/response identity authentication system works by having the authentication server send a different "challenge" string to the client during each authentication; the client program receives the "challenge" string and produces a corresponding "response". The authentication process is as follows:
1. The client sends a request to the authentication server asking for identity authentication.
2. The authentication server checks the user database to determine whether the user is a legitimate user; if not, no further processing is performed.
3. The authentication server generates a random number as the challenge and sends it to the client.
4. The client combines the user name with the random number and generates a byte string as the response using a one-way hash function (such as the MD5 algorithm).
5. The authentication server compares the response string with its own computed result; if they are the same, this round of authentication passes, otherwise authentication fails.
6. The authentication server notifies the client of the success or failure of the authentication.
SM2 is an elliptic curve public key cryptographic algorithm issued by the national cryptographic authority on 17 December 2010.
MD5 (Message-Digest Algorithm 5) is a widely used cryptographic hash function that produces a 128-bit (16-byte) hash value, used to ensure the integrity of a transmitted message.
A MAC address (Media Access Control address), also called a local area network address (LAN address), Ethernet address or physical address, is an address used to identify the location of a network device.
A Token is a string generated by the server and used as a credential for the client's requests: after the client's first login, the server generates a Token and returns it to the client, and from then on the client only needs to present the Token when requesting data, without sending the user name and password again.
ACK (acknowledgement character) is a transmission control character sent in data communication from the receiving station to the transmitting station, indicating that the transmitted data was received without error. In the TCP/IP protocol, if the receiving side successfully receives data, it replies with an ACK.
TLS (Transport Layer Security) is used to provide privacy and data integrity between two communicating applications. The protocol consists of two layers: the TLS Record protocol and the TLS Handshake protocol.
Hereinafter, an implementation environment of the communication processing method provided in the embodiment of the present application is described. Fig. 1 is a schematic diagram of an implementation environment of a communication processing method according to an embodiment of the present application. Referring to fig. 1, the implementation environment includes a terminal 101 and a server 102.
The terminal 101 and the server 102 can be directly or indirectly connected through wired or wireless communication, and the application is not limited herein.
Optionally, the terminal 101 is a smartphone, tablet computer, notebook computer, desktop computer, smart speaker, smart watch or the like, but is not limited to these. An application program is installed and runs on the terminal 101 and is used for data acquisition.
Optionally, the server 102 is an independent physical server, may also be a server cluster or a distributed system formed by a plurality of physical servers, and may also be a cloud server providing basic cloud computing services such as a cloud service, a cloud database, cloud computing, a cloud function, cloud storage, a Network service, cloud communication, a middleware service, a domain name service, a security service, a CDN (Content Delivery Network), a big data and artificial intelligence platform, and the like. The server 102 is used to provide background services for the application. Alternatively, the server 102 may undertake primary communication processing work, and the terminal 101 may undertake secondary communication processing work; or, the server 102 undertakes the secondary communication processing work, and the terminal 101 undertakes the primary communication processing work; or, the server 102 and the terminal 101 perform cooperative processing by using a distributed communication processing architecture.
Those skilled in the art will appreciate that the number of terminals described above may be greater or fewer. For example, the number of the terminals may be only one, or several tens or hundreds of the terminals, or more. The number of terminals and the type of the device are not limited in the embodiments of the present application.
Fig. 2 is a flowchart of a communication processing method according to an embodiment of the present application, and as shown in fig. 2, the embodiment of the present application is described by taking an application to a terminal as an example. The communication processing method comprises the following steps:
201. the terminal generates first communication information signed by a terminal private key of the terminal, the first communication information including a random number acquired from a server, a type identifier of the terminal, and a unique identifier of the terminal.
In the embodiment of the application, a terminal can access a server through the TCP communication protocol. When the terminal accesses the server, it first obtains a random number from the server by a challenge response, and then signs the random number, the type identifier of the terminal and the unique identifier of the terminal with the terminal private key of the terminal, based on a first encryption algorithm, to obtain the first communication information. In the embodiment of the present application, the first encryption algorithm is SM2. Of course, other asymmetric encryption algorithms can be selected as the first encryption algorithm, which is not limited in the embodiment of the present application.
202. And the terminal encrypts the first communication information and the second communication information according to the server public key of the server to obtain third communication information, wherein the second communication information comprises service data.
In this embodiment, the terminal may encrypt the first communication information and the service data according to a public key of the server, so as to obtain the third communication information. The method for encrypting the third communication information by the terminal may be the same as or different from the method for encrypting the first communication information. The embodiment of the present application does not limit this.
203. And the terminal establishes communication connection with the server according to an access response returned by the server, and the access response is generated after the server decrypts and authenticates the third communication information.
In the embodiment of the application, after receiving the third communication information sent when a terminal applies for access, the server can verify whether the third communication information has been tampered with. If it was tampered with in transit, the server can reject it directly; if it was not tampered with, the server can decrypt and authenticate the third communication information, and if authentication succeeds it obtains the type identifier and the unique identifier of the terminal, returns an access response to the terminal, and the terminal is admitted.
The embodiment of the application provides a communication processing method in which, when a terminal applies to establish a communication connection with a server, the terminal protects the sent data in sequence with the terminal private key of the terminal and the server public key of the server, so that the data sent by the terminal is hard to steal or tamper with, the server can determine the legitimacy of the terminal after authentication, and the security of the terminal and the server is ensured.
Fig. 3 is an interaction flowchart of a communication processing method according to an embodiment of the present application, and as shown in fig. 3, the embodiment of the present application is described by taking an application to a terminal as an example. The communication processing method comprises the following steps:
301. the terminal acquires the random number from the server according to the challenge response.
In the embodiment of the application, the terminal can access the server through the TCP communication protocol. When the terminal accesses the server, it first needs to perform a challenge response with the server in order to obtain the random number returned by the server.
302. The terminal generates first communication information signed by a terminal private key of the terminal, wherein the first communication information comprises a random number acquired from a server, a type identifier of the terminal and a unique identifier of the terminal.
In the embodiment of the application, after the terminal acquires the random number, it can sign the random number, the type identifier of the terminal and the unique identifier of the terminal with the terminal private key based on a first encryption algorithm, so as to obtain the first communication information. In this embodiment, the first encryption algorithm is SM2. Of course, other asymmetric encryption algorithms can be selected as the first encryption algorithm, which is not limited in the embodiment of the present application.
For example, take the terminal to be a device in the rail transit industry, namely a gate product used for checking tickets and entering stations. The equipment serial number of the terminal is the unique identifier of the terminal, and the product number of the gate product to which the terminal belongs is the type identifier of the terminal. The terminal signs the random number, the product number and the equipment serial number with the SM2 algorithm using its terminal private key, assigns the signed data to a license field to obtain license information, and uses the license information as the first communication information.
It should be noted that terminals belonging to the same type of product can have the same private key and can also have different private keys, which is not limited in the embodiment of the present application.
303. The terminal encrypts the first communication information and second communication information with the server public key of the server to obtain third communication information, where the second communication information comprises service data.
In this embodiment, the terminal may encrypt the first communication information and the service data with the public key of the server so as to obtain the third communication information. The algorithm used for this encryption may be the same as or different from the algorithm used to sign the first communication information; the embodiment of the present application does not limit this.
In an optional implementation manner, the terminal may encrypt the first communication information and the second communication information with the server public key based on the first encryption algorithm to obtain fourth communication information, and then convert the fourth communication information into hexadecimal to obtain the third communication information. By additionally applying a base conversion to the already-encrypted information, the information becomes harder to crack and modify, and its security is improved.
In an optional implementation manner, after converting the fourth communication information into hexadecimal the terminal obtains intermediate data, and it can encode the intermediate data to obtain a verification code, where the verification code is used to verify the consistency of the intermediate data. The terminal can then combine the intermediate data and the verification code to obtain the third communication information. Because the hexadecimal intermediate data is encoded, the server can verify the consistency of the intermediate data by checking the encoding and thereby determine whether the third communication information has been tampered with.
For example, continuing with the terminal as a device in the rail transit industry, the terminal encrypts the license information and the service data with the SM2 algorithm using the public key of the server, converts the encrypted data into hexadecimal to obtain intermediate data, and then computes an MD5 digest of the intermediate data to obtain a verification code. The terminal assigns the verification code to a MAC field to obtain MAC information, and the MAC information is added to the third communication information.
After the terminal obtains the third communication information, it can send the third communication information to the server over the TCP protocol so that the terminal can access the server.
304. The server decrypts and authenticates the received third communication information and generates an access response.
In the embodiment of the application, after receiving third communication information sent when a terminal applies for access, a server can verify whether the third communication information is tampered, and if the third communication information is tampered in the transmission process, the server can directly reject the information; if the third communication information is not tampered in the transmission process, the server can decrypt and authenticate the third communication information, and if the authentication is successful, the type identifier of the terminal and the unique identifier of the terminal can be obtained, so that an access response is returned to the terminal, and the terminal can be accessed.
For example, after receiving the third communication information sent by the terminal, the server can encode the third communication information to obtain another verification code. If this verification code differs from the value of the MAC field in the third communication information, the third communication information has been tampered with and the server can directly reject it; if the verification code is the same as the value of the MAC field, the third communication information has not been tampered with, and the server can decrypt the third communication information with the SM2 algorithm using the private key of the server and extract the content of the license field to obtain the first communication information. The server then decrypts the content of the license field with the SM2 algorithm using the terminal public key of the terminal to obtain the product number and the equipment serial number in the first communication information. The server can then check the signature against the product number, the equipment serial number, the random number issued in the challenge response and the license. If the signature check succeeds, the server returns an access response to the terminal, and the terminal can complete the connection with the server according to the access response; if the signature check fails, the server does not return an access response, so no connection is established with the terminal.
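Steps 301 to 304 above, carried through as one runnable exchange. This is an added example, not code from the patent or from Tencent or Guangzhou Metro; it assumes ECDSA P-256 in place of SM2 signing and RSA-OAEP in place of SM2 encryption (Go's standard library ships neither SM2 nor SM4), a length-prefixed SHA-256 digest as the signed message, JSON as the message framing, and the product number GATE-A1, serial SN-00001 and service data "ticket-check" as constructed sample values. The server checks the MAC field before decrypting anything and verifies the signature against the random number it issued itself in step 301.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/md5"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
)

// License is the page's first communication information: nonce, product number, serial, signature.
type License struct {
	Nonce   []byte `json:"nonce"`
	Product string `json:"product"`
	Serial  string `json:"serial"`
	Sig     []byte `json:"sig"`
}

// AccessRequest is the third communication information: hex ciphertext plus the MD5 code in the MAC field.
type AccessRequest struct {
	Data string `json:"data"`
	MAC  string `json:"mac"`
}

type inner struct { // plaintext that step 303 encrypts with the server public key
	License License `json:"license"`
	Service []byte  `json:"service"`
}

// signedDigest hashes the signed fields with length prefixes so field boundaries are unambiguous.
func signedDigest(nonce []byte, product, serial string) []byte {
	h := sha256.New()
	for _, part := range [][]byte{nonce, []byte(product), []byte(serial)} {
		h.Write([]byte{byte(len(part))})
		h.Write(part)
	}
	return h.Sum(nil)
}

// BuildAccessRequest is the terminal side of steps 302 and 303.
func BuildAccessRequest(termPriv *ecdsa.PrivateKey, serverPub *rsa.PublicKey, nonce []byte,
	product, serial string, service []byte) (*AccessRequest, error) {
	// Step 302: sign nonce, product number and serial with the terminal private key (ECDSA stands in for SM2).
	sig, err := ecdsa.SignASN1(rand.Reader, termPriv, signedDigest(nonce, product, serial))
	if err != nil {
		return nil, err
	}
	plain, err := json.Marshal(inner{License{nonce, product, serial, sig}, service})
	if err != nil {
		return nil, err
	}
	// Step 303: encrypt with the server public key (RSA-OAEP stands in for SM2), hex-encode, MD5 the hex.
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, serverPub, plain, nil)
	if err != nil {
		return nil, err
	}
	data := hex.EncodeToString(ct)
	sum := md5.Sum([]byte(data))
	return &AccessRequest{Data: data, MAC: hex.EncodeToString(sum[:])}, nil
}

// VerifyAccessRequest is the server side of step 304: MAC check before any decryption, then
// decryption and a signature check against the nonce the server itself issued (so no replay).
func VerifyAccessRequest(serverPriv *rsa.PrivateKey, termPub *ecdsa.PublicKey, issuedNonce []byte,
	req *AccessRequest) (product, serial string, err error) {
	sum := md5.Sum([]byte(req.Data))
	if hex.EncodeToString(sum[:]) != req.MAC {
		return "", "", errors.New("MAC mismatch: rejected before decryption")
	}
	ct, err := hex.DecodeString(req.Data)
	if err != nil {
		return "", "", err
	}
	plain, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, serverPriv, ct, nil)
	if err != nil {
		return "", "", errors.New("decryption failed")
	}
	var in inner
	if err := json.Unmarshal(plain, &in); err != nil {
		return "", "", err
	}
	lic := in.License
	if !ecdsa.VerifyASN1(termPub, signedDigest(issuedNonce, lic.Product, lic.Serial), lic.Sig) {
		return "", "", errors.New("signature check failed: access refused")
	}
	return lic.Product, lic.Serial, nil
}

func main() {
	termPriv, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	serverPriv, _ := rsa.GenerateKey(rand.Reader, 3072)
	nonce := make([]byte, 16) // step 301: the random number the server issues as its challenge
	rand.Read(nonce)
	req, _ := BuildAccessRequest(termPriv, &serverPriv.PublicKey, nonce, "GATE-A1", "SN-00001", []byte("ticket-check"))
	fmt.Println(VerifyAccessRequest(serverPriv, &termPriv.PublicKey, nonce, req))
}
```

The MD5 value in the MAC field is an unkeyed digest of data that every hop on the path can read, so it detects transmission corruption but not a rewrite that recomputes it; the tamper evidence in this design comes from the signature the server checks against its own challenge, which also rules out replaying a captured request under a later challenge.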
305. The terminal establishes a communication connection with the server according to the access response returned by the server.
In the embodiment of the application, after the server successfully checks the signature, it can return an access response to the terminal, where the access response can include data such as the address of the server to be accessed, an access user name and a password. The terminal completes the establishment of the communication connection with the server according to the access response.
In an optional implementation manner, the terminal can be used in different operating environments, such as a public cloud, a private cloud and a single-server environment. The corresponding server can also return operating environment information to the terminal. After the terminal acquires the operating environment information returned by the server, it can judge whether the first operating environment indicated by that information is the same as the second operating environment in which the terminal currently runs; in response to the first operating environment being different from the second, the terminal switches its current operating environment to the first operating environment and processes the receiving and sending of messages according to the service processing flow corresponding to the first operating environment. Because the operating environment of the terminal is indicated by the operating environment information, the terminal can be switched seamlessly among the various operating environments.
For example, the default operating environment of the terminal when it leaves the factory is the public cloud operating environment; that is, when the product to which the terminal belongs is created, the operating environment of the terminals belonging to that product is set to the public cloud through the configuration file. The server of the public cloud regularly acquires the operating environment set in the configuration file for the terminals of each product. When a terminal accesses the public cloud, the server of the public cloud can bind the product to which the terminal belongs and obtain the operating environment information of the terminal. If the operating environment indicated by the operating environment information is the public cloud operating environment, the terminal processes the receiving and sending of messages through the service processing flow of the public cloud; if it is not the public cloud operating environment, for example because the regularly acquired configuration for the terminals of that product has been set to a private cloud operating environment, the terminal switches its operating environment to the private cloud environment and processes the receiving and sending of messages through the service processing flow of the private cloud.
306. The server returns fifth communication information, obtained by encryption with the terminal public key of the terminal, to the terminal, where the fifth communication information comprises a connection key and an authentication identifier.
In the embodiment of the application, after the terminal successfully accesses the server, the server can encrypt the data to be returned with the terminal public key of the terminal to obtain the fifth communication information.
In an optional implementation manner, the server may encrypt the connection key and the authentication identifier based on a first encryption algorithm according to a terminal public key of the terminal, so as to obtain the fifth communication information.
For example, taking the device key of the terminal as the connection key and a token as the authentication identifier, the server encrypts the device key and the token with the SM2 algorithm using the terminal public key of the terminal to obtain the information returned to the terminal.
307. In response to the authentication identifier passing authentication, the terminal sends sixth communication information, obtained by encryption with the connection key, to the server.
In this embodiment of the application, after the terminal obtains the fifth communication information returned by the server, the terminal can decrypt the fifth communication information according to the terminal private key to obtain the connection key and the authentication identifier.
In an optional implementation manner, the terminal may decrypt, according to a terminal private key, fifth communication information returned by the server based on the first encryption algorithm to obtain a connection key and an authentication identifier, then generate sixth communication information encrypted by the connection key, and in response to the authentication identifier passing authentication, the terminal may send the sixth communication information to the server.
For example, the terminal decrypts the fifth communication information with the SM2 algorithm using the terminal private key to obtain the device key and the token; it then assembles the communication information to be sent and encrypts it with the SM4 algorithm using the device key. The terminal calls a message sending request, the server authenticates the token, and after the authentication passes the terminal sends the MQTT message to the server.
When MQTT communication is performed, the server acts as the subscriber and the terminal as the publisher. After receiving the sixth communication information sent by the terminal, the server decrypts it with the SM4 algorithm using the key of the terminal, and then checks the device number of the terminal in the topic (header field) of the sixth communication information against the device number in its message body. After this check passes, the server can perform different service processing according to the data, for example 30001 is a device heartbeat and 30010 is device registration, which is not limited in this embodiment of the application.
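The message stage of steps 306 and 307 as an added example, not code from the patent or its assignees. It starts after the connection key and token have been received under the terminal public key and decrypted; it substitutes AES-GCM for the page's SM4 and JSON for the message body, assumes the token rides inside the published message (the page authenticates it in a separate send request), follows the topic pattern of fig. 5 with {din} replaced by the device number, and uses a constructed key, token and serial number. The server side refuses a message when the token is wrong, when decryption fails, when the device number in the topic differs from the one in the body, or when the type code is not one the page names.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
)

const topicPrefix = "/welink/msg/receive/" // topic pattern of fig. 5; {din} becomes the device number

// Session is what step 306 hands out (assumed already delivered and decrypted): connection key and token.
type Session struct {
	Key   []byte // connection key; AES-GCM stands in for the page's SM4
	Token string // authentication identifier
}

// Body is the plaintext message; the device number appears both here and in the topic.
type Body struct {
	Device string `json:"device"`
	Type   int    `json:"type"`
}

type Envelope struct { // the published MQTT message
	Topic   string
	Token   string
	Payload []byte // nonce || ciphertext || tag
}

// handlers maps the type codes named on the page to the service processing they select.
var handlers = map[int]string{30001: "heartbeat", 30010: "registration"}
func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Publish is the terminal (publisher) side: encrypt the body under the connection key, device number in the topic.
func Publish(s *Session, body Body) (*Envelope, error) {
	plain, err := json.Marshal(body)
	if err != nil {
		return nil, err
	}
	gcm, err := newGCM(s.Key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return &Envelope{Topic: topicPrefix + body.Device, Token: s.Token, Payload: gcm.Seal(nonce, nonce, plain, nil)}, nil
}

// Receive is the server (subscriber) side: token check, decrypt with that device's key, topic and body
// device numbers must agree, then dispatch on type; every failure rejects the message before processing.
func Receive(sessions map[string]*Session, env *Envelope) (string, error) {
	if !strings.HasPrefix(env.Topic, topicPrefix) {
		return "", errors.New("unexpected topic")
	}
	device := env.Topic[len(topicPrefix):]
	s, ok := sessions[device]
	if !ok || s.Token != env.Token {
		return "", errors.New("token authentication failed")
	}
	gcm, err := newGCM(s.Key)
	if err != nil {
		return "", err
	}
	if len(env.Payload) < gcm.NonceSize() {
		return "", errors.New("payload too short")
	}
	plain, err := gcm.Open(nil, env.Payload[:gcm.NonceSize()], env.Payload[gcm.NonceSize():], nil)
	if err != nil {
		return "", errors.New("decryption failed: wrong key or modified payload")
	}
	var b Body
	if err := json.Unmarshal(plain, &b); err != nil {
		return "", err
	}
	if b.Device != device {
		return "", errors.New("device number in topic and body differ")
	}
	name, ok := handlers[b.Type]
	if !ok {
		return "", fmt.Errorf("unknown message type %d", b.Type)
	}
	return name + " from " + device, nil
}

func main() {
	s := &Session{Key: []byte("0123456789abcdef"), Token: "token-constructed"} // constructed sample
	env, _ := Publish(s, Body{Device: "SN-00001", Type: 30001})
	fmt.Println(Receive(map[string]*Session{"SN-00001": s}, env))
}
```

Because the cipher is authenticated, a modified payload fails at decryption rather than reaching the device-number comparison; the comparison itself is what stops a message that decrypts correctly under one device's key from being attributed to another device named in the topic.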
It should be noted that, to make the communication processing method described in steps 301 to 307 above clearer, reference is made to fig. 4, which is an interaction flowchart of another communication processing method provided according to an embodiment of the present application. As shown in fig. 4, the terminal runs a client and the server runs a server-side program. The terminal performs a challenge response to the server through the client, and the server returns the random number to the terminal through the server-side program. The terminal executes the following steps: 1. sign the message data with SM2 using the terminal private key; 2. encrypt the message data with SM2 using the server public key and convert the result into hexadecimal DATA; 3. encode DATA with MD5 and assign the result to the MAC field. After the terminal accesses the server, the server executes the following steps: 1. encode the received data with MD5 and verify the message body against the MAC; 2. decrypt DATA with the SM2 algorithm using the server private key; 3. check the signature with the SM2 algorithm using the terminal public key of the terminal; 4. encrypt the return data with the public key of the terminal. The server then returns the encrypted connection key and token to the terminal.
Correspondingly, the way the terminal establishes a connection with the server and performs message communication through MQTT can be seen in fig. 5, which is a schematic view of the MQTT interaction flow according to the embodiment of the present application. The terminal, as publisher of the information, connects to a broker (middleware), and the broker returns a connection ACK. The server, as subscriber of the information, connects to the broker, and the broker returns a connection ACK. After the connections are established, the server sends subscription information to the broker, for example topic: "/welink/msg/receive/{din}", and the broker returns a subscription ACK. The terminal sends push information to the broker, for example topic: "welink/msg/receive/{din}", payload: the SM4-encrypted message content, and the broker returns a push ACK. The broker forwards the push information to the server: topic: "welink/msg/receive/{din}", payload: the message content, which the server decrypts with SM4.
It should be noted that the above steps 301 to 304 are an optional implementation of the communication processing method provided in the embodiment of the present application; accordingly, the communication processing method has other optional implementations, such as adding a step of TLS certificate verification before the terminal accesses the server. Referring to fig. 6, an interaction flowchart of another communication processing method provided in the embodiment of the present application, an authentication step for a TLS certificate is added to the flow of fig. 4: first, the terminal applies to the server to create the product type to which the terminal belongs, and the server returns a TLS certificate. When the terminal connects through the TCP protocol, it connects to the server over a socket connection, the server authenticates the TLS certificate, and after the authentication passes the server returns authentication-passed information. The following steps are the same as the related content of fig. 4 and are not described in detail here.
The embodiment of the application provides a communication processing method: when a terminal applies to establish a communication connection with a server, the terminal processes the data to be sent in sequence with the terminal private key of the terminal (signing) and the server public key of the server (encryption), so that the data sent by the terminal is not easy to steal or tamper with; the server can determine the legality of the terminal after authentication, and the security of the terminal and the server is ensured.
Fig. 7 is a block diagram of a communication processing apparatus according to an embodiment of the present application. The apparatus is used for executing the steps executed by the communication processing method, and referring to fig. 7, the apparatus includes: a first information processing module 701, a second information processing module 702, and a communication connection module 703.
A first information processing module 701, configured to generate first communication information signed by a terminal private key of the terminal, where the first communication information includes a random number acquired from a server, a type identifier of the terminal, and a unique identifier of the terminal;
a second information processing module 702, configured to encrypt the first communication information and the second communication information according to a server public key of the server to obtain third communication information, where the second communication information includes service data;
the communication connection module 703 is configured to establish a communication connection with the server according to an access response returned by the server, where the access response is generated after the server decrypts and authenticates the third communication information.
In an optional implementation manner, the first information processing module 701 is configured to obtain the random number from the server according to a challenge response; and signing the random number, the type identifier of the terminal and the unique identifier of the terminal based on a first encryption algorithm according to a terminal private key of the terminal to obtain the first communication information.
In an optional implementation manner, the second information processing module 702 includes:
an encryption processing unit, configured to encrypt the first communication information and the second communication information based on a first encryption algorithm according to a server public key of the server to obtain fourth communication information;
a conversion processing unit, configured to convert the fourth communication information into hexadecimal to obtain the third communication information.
In an optional implementation manner, the conversion processing unit is configured to convert the fourth communication information into hexadecimal to obtain intermediate data; coding the intermediate data to obtain a verification code, wherein the verification code is used for verifying the consistency of the intermediate data; and combining the intermediate data and the verification code to obtain the third communication information.
In an optional implementation, the apparatus further includes:
a third information processing module 704, configured to decrypt, according to the terminal private key and based on a first encryption algorithm, fifth communication information returned by the server to obtain a connection key and an authentication identifier, where the fifth communication information is generated by the server according to the terminal public key of the terminal and based on the first encryption algorithm;
a fourth information processing module 705 for generating sixth communication information encrypted by the connection key;
an information sending module 706, configured to send the sixth communication information in response to the authentication identifier passing the authentication.
In an optional implementation manner, the fourth information processing module 705 is configured to encrypt, according to the connection key, communication data to be sent based on a second encryption algorithm, so as to obtain the sixth communication information.
In an optional implementation manner, the apparatus further includes:
an information obtaining module 707, configured to obtain the running environment information returned by the server;
the information transceiver module 708 is configured to, in response to that a first operating environment indicated by the operating environment information is different from a current second operating environment of the terminal, process receiving and sending of a message according to a service processing flow corresponding to the first operating environment.
The embodiment of the application provides a communication processing method: when a terminal applies to establish a communication connection with a server, the terminal processes the data to be sent in sequence with the terminal private key of the terminal (signing) and the server public key of the server (encryption), so that the data sent by the terminal is not easy to steal or tamper with; the server can determine the legality of the terminal after authentication, and the security of the terminal and the server is ensured.
It should be noted that: in the communication processing apparatus provided in the above embodiment, only the division of the functional modules is illustrated when performing communication processing, and in practical applications, the functions may be distributed by different functional modules as needed, that is, the internal structure of the apparatus may be divided into different functional modules to complete all or part of the functions described above. In addition, the communication processing apparatus and the communication processing method provided in the foregoing embodiments belong to the same concept, and specific implementation processes thereof are described in the method embodiments, and are not described herein again.
Fig. 8 is a block diagram of a terminal 800 according to an embodiment of the present application. The terminal 800 may be a portable mobile terminal such as a smart phone, a tablet computer, an MP3 player (Moving Picture Experts Group Audio Layer III), an MP4 player (Moving Picture Experts Group Audio Layer IV), a notebook computer or a desktop computer. The terminal 800 may also be referred to by other names such as user equipment, portable terminal, laptop terminal, desktop terminal, etc.
In general, the terminal 800 includes: a processor 801 and a memory 802.
The processor 801 may include one or more processing cores, such as a 4-core processor, an 8-core processor, and so forth. The processor 801 may be implemented in at least one hardware form of a DSP (Digital Signal Processing), an FPGA (Field-Programmable Gate Array), and a PLA (Programmable Logic Array). The processor 801 may also include a main processor and a coprocessor, where the main processor is a processor for Processing data in an awake state, and is also called a Central Processing Unit (CPU); a coprocessor is a low power processor for processing data in a standby state. In some embodiments, the processor 801 may be integrated with a GPU (Graphics Processing Unit) which is responsible for rendering and drawing the content required to be displayed by the display screen. In some embodiments, the processor 801 may further include an AI (Artificial Intelligence) processor for processing computing operations related to machine learning.
Memory 802 may include one or more computer-readable storage media, which may be non-transitory. Memory 802 may also include high speed random access memory, as well as non-volatile memory, such as one or more magnetic disk storage devices, flash memory storage devices. In some embodiments, a non-transitory computer readable storage medium in the memory 802 is used to store at least one program code for execution by the processor 801 to implement the communication processing methods provided by the method embodiments herein.
In some embodiments, the terminal 800 may further optionally include: a peripheral interface 803 and at least one peripheral. The processor 801, memory 802, and peripheral interface 803 may be connected by buses or signal lines. Various peripheral devices may be connected to peripheral interface 803 by a bus, signal line, or circuit board. Specifically, the peripheral device includes: at least one of a radio frequency circuit 804, a display screen 805, a camera assembly 806, an audio circuit 807, a positioning assembly 808, and a power supply 809.
The peripheral interface 803 may be used to connect at least one peripheral related to I/O (Input/Output) to the processor 801 and the memory 802. In some embodiments, the processor 801, memory 802, and peripheral interface 803 are integrated on the same chip or circuit board; in some other embodiments, any one or two of the processor 801, the memory 802, and the peripheral interface 803 may be implemented on separate chips or circuit boards, which are not limited by this embodiment.
The radio frequency circuit 804 is used for receiving and transmitting RF (Radio Frequency) signals, also called electromagnetic signals. The radio frequency circuitry 804 communicates with communication networks and other communication devices via electromagnetic signals. The RF circuit 804 converts an electrical signal into an electromagnetic signal to be transmitted, or converts a received electromagnetic signal into an electrical signal. Optionally, the radio frequency circuit 804 includes: an antenna system, an RF transceiver, one or more amplifiers, a tuner, an oscillator, a digital signal processor, a codec chipset, a subscriber identity module card, and so forth. The radio frequency circuit 804 may communicate with other terminals via at least one wireless communication protocol. The wireless communication protocols include, but are not limited to: the world wide web, metropolitan area networks, intranets, generations of mobile communication networks (2G, 3G, 4G, and 5G), wireless local area networks, and/or WiFi (Wireless Fidelity) networks. In some embodiments, the radio frequency circuit 804 may further include NFC (Near Field Communication) related circuits, which are not limited in this application.
The display screen 805 is used to display a UI (User Interface). The UI may include graphics, text, icons, video, and any combination thereof. When the display 805 is a touch display, the display 805 also has the ability to capture touch signals on or above the surface of the display 805. The touch signal may be input to the processor 801 as a control signal for processing. At this point, the display 805 may also be used to provide virtual buttons and/or a virtual keyboard, also referred to as soft buttons and/or a soft keyboard. In some embodiments, the display 805 may be one, disposed on a front panel of the terminal 800; in other embodiments, the display 805 may be at least two, respectively disposed on different surfaces of the terminal 800 or in a foldable design; in other embodiments, the display 805 may be a flexible display disposed on a curved surface or a folded surface of the terminal 800. Even further, the display 805 may be arranged in a non-rectangular irregular pattern, i.e., a shaped screen. The display 805 can be made of LCD (Liquid Crystal Display), OLED (Organic Light-Emitting Diode), and other materials.
The camera assembly 806 is used to capture images or video. Optionally, camera assembly 806 includes a front camera and a rear camera. Generally, a front camera is disposed at a front panel of the terminal, and a rear camera is disposed at a rear surface of the terminal. In some embodiments, the number of the rear cameras is at least two, and each rear camera is any one of a main camera, a depth-of-field camera, a wide-angle camera and a telephoto camera, so that the main camera and the depth-of-field camera are fused to realize a background blurring function, and the main camera and the wide-angle camera are fused to realize panoramic shooting and VR (Virtual Reality) shooting functions or other fusion shooting functions. In some embodiments, camera assembly 806 may also include a flash. The flash lamp can be a monochrome temperature flash lamp or a bicolor temperature flash lamp. The double-color-temperature flash lamp is a combination of a warm-light flash lamp and a cold-light flash lamp and can be used for light compensation under different color temperatures.
The audio circuit 807 may include a microphone and a speaker. The microphone is used for collecting sound waves of a user and the environment, converting the sound waves into electric signals, and inputting the electric signals to the processor 801 for processing or inputting the electric signals to the radio frequency circuit 804 to realize voice communication. For the purpose of stereo sound collection or noise reduction, a plurality of microphones may be provided at different portions of the terminal 800. The microphone may also be an array microphone or an omni-directional acquisition microphone. The speaker is used to convert electrical signals from the processor 801 or the radio frequency circuit 804 into sound waves. The loudspeaker can be a traditional film loudspeaker or a piezoelectric ceramic loudspeaker. When the speaker is a piezoelectric ceramic speaker, the speaker can be used for purposes such as converting an electric signal into a sound wave audible to a human being, or converting an electric signal into a sound wave inaudible to a human being to measure a distance. In some embodiments, the audio circuitry 807 may also include a headphone jack.
The positioning component 808 is used to locate the current geographic position of the terminal 800 for navigation or LBS (Location Based Service). The positioning component 808 may be a positioning component based on the Global Positioning System (GPS) of the United States, the Beidou system of China, or the Galileo system of Russia.
A power supply 809 is used to supply power to the various components in the terminal 800. The power supply 809 can be AC, DC, disposable or rechargeable. When the power supply 809 includes a rechargeable battery, the rechargeable battery can be a wired rechargeable battery or a wireless rechargeable battery. The wired rechargeable battery is a battery charged through a wired line, and the wireless rechargeable battery is a battery charged through a wireless coil. The rechargeable battery may also be used to support fast charge technology.
In some embodiments, the terminal 800 also includes one or more sensors 810. The one or more sensors 810 include, but are not limited to: acceleration sensor 811, gyro sensor 812, pressure sensor 813, fingerprint sensor 814, optical sensor 815 and proximity sensor 816.
The acceleration sensor 811 may detect the magnitude of acceleration along the three coordinate axes of a coordinate system established with the terminal 800. For example, the acceleration sensor 811 may be used to detect the components of gravitational acceleration along the three coordinate axes. The processor 801 may control the display 805 to display the user interface in a landscape view or a portrait view according to the gravitational acceleration signal collected by the acceleration sensor 811. The acceleration sensor 811 may also be used to collect motion data for games or for the user.
The gyro sensor 812 may detect the body orientation and rotation angle of the terminal 800, and the gyro sensor 812 may cooperate with the acceleration sensor 811 to capture the user's 3D motion with respect to the terminal 800. From the data collected by the gyro sensor 812, the processor 801 may implement the following functions: motion sensing (such as changing the UI according to a user's tilting operation), image stabilization when photographing, game control, and inertial navigation.
The pressure sensor 813 may be disposed on the side frame of the terminal 800 and/or underneath the display 805. When the pressure sensor 813 is disposed on the side frame of the terminal 800, the user's grip signal on the terminal 800 can be detected, and the processor 801 performs left-hand/right-hand recognition or shortcut operations according to the grip signal collected by the pressure sensor 813. When the pressure sensor 813 is disposed in a lower layer of the display 805, the processor 801 controls the operable controls on the UI according to the user's pressure operation on the display 805. The operable controls comprise at least one of a button control, a scroll bar control, an icon control and a menu control.
The fingerprint sensor 814 is used to collect the user's fingerprint, and the processor 801 identifies the identity of the user according to the fingerprint collected by the fingerprint sensor 814, or the fingerprint sensor 814 itself identifies the identity of the user according to the collected fingerprint. Upon identifying the user's identity as a trusted identity, the processor 801 authorizes the user to perform relevant sensitive operations, including unlocking the screen, viewing encrypted information, downloading software, making payments and changing settings, etc. The fingerprint sensor 814 may be disposed on the front, back, or side of the terminal 800. When a physical button or a vendor logo is provided on the terminal 800, the fingerprint sensor 814 may be integrated with the physical button or the vendor logo.
The optical sensor 815 is used to collect the ambient light intensity. In one embodiment, processor 801 may control the display brightness of display 805 based on the ambient light intensity collected by optical sensor 815. Specifically, when the ambient light intensity is high, the display brightness of the display screen 805 is increased; when the ambient light intensity is low, the display brightness of the display 805 is reduced. In another embodiment, the processor 801 may also dynamically adjust the shooting parameters of the camera assembly 806 based on the ambient light intensity collected by the optical sensor 815.
The proximity sensor 816, also known as a distance sensor, is typically provided on the front panel of the terminal 800. The proximity sensor 816 is used to collect the distance between the user and the front surface of the terminal 800. In one embodiment, when the proximity sensor 816 detects that the distance between the user and the front surface of the terminal 800 is gradually decreasing, the processor 801 controls the display 805 to switch from the bright screen state to the dark screen state; when the proximity sensor 816 detects that the distance between the user and the front surface of the terminal 800 is gradually increasing, the processor 801 controls the display 805 to switch from the dark screen state to the bright screen state.
Those skilled in the art will appreciate that the configuration shown in Fig. 8 is not intended to limit the terminal 800, which may include more or fewer components than shown, may combine some components, or may use a different arrangement of components.
Fig. 9 is a schematic structural diagram of a server according to an embodiment of the present application. The server 900 may vary considerably depending on its configuration or performance, and can include one or more processors (CPUs) 901 and one or more memories 902, where the memory 902 stores at least one program code, and the at least one program code is loaded and executed by the processor 901 to implement the communication processing method provided by the foregoing method embodiments. Of course, the server can also have components such as a wired or wireless network interface, a keyboard, an input/output interface, and the like, so as to perform input and output, and the server can also include other components for realizing the functions of the device, which are not described herein again.
The embodiment of the present application further provides a computer-readable storage medium, which is applied to a terminal or a server, and at least one program code is stored in the computer-readable storage medium, and the at least one program code is loaded and executed by a processor to implement the operations performed by the terminal or the server in the communication processing method of the foregoing embodiment.
Embodiments of the present application also provide a computer program product or a computer program comprising computer program code stored in a computer readable storage medium. The processor of the terminal reads the computer program code from the computer-readable storage medium, and the processor executes the computer program code, so that the terminal performs the communication processing method provided in the above-described various alternative implementations.
It will be understood by those skilled in the art that all or part of the steps for implementing the above embodiments may be implemented by hardware, or may be implemented by a program instructing relevant hardware, where the program may be stored in a computer-readable storage medium, and the above-mentioned storage medium may be a read-only memory, a magnetic disk or an optical disk, etc.
The above description is only exemplary of the present application and should not be taken as limiting, as any modification, equivalent replacement, or improvement made within the spirit and principle of the present application should be included in the protection scope of the present application.

Claims (9)

1. A communication processing method is applied to a terminal, and the method comprises the following steps:
generating first communication information signed by a terminal private key of the terminal, wherein the first communication information comprises a random number acquired from a server, a type identifier of the terminal and a unique identifier of the terminal;
encrypting the first communication information and the second communication information according to a server public key of the server to obtain third communication information, wherein the second communication information comprises service data;
establishing communication connection with the server according to an access response returned by the server, wherein the access response is generated after the server decrypts and authenticates the third communication information;
acquiring running environment information returned by the server, wherein the running environment information is used for indicating the running environment of the server, and the running environment comprises a public cloud, a private cloud and a single server;
in response to a first running environment indicated by the running environment information being different from a current second running environment of the terminal, receiving and sending messages according to a service processing flow corresponding to the first running environment.
2. The method of claim 1, wherein generating the first communication information signed by the terminal private key of the terminal comprises:
acquiring the random number from the server according to the challenge response;
and signing the random number, the type identifier of the terminal and the unique identifier of the terminal based on a first encryption algorithm according to a terminal private key of the terminal to obtain the first communication information.
3. The method according to claim 1, wherein the encrypting the first communication information and the second communication information according to the server public key of the server to obtain third communication information comprises:
encrypting the first communication information and the second communication information based on a first encryption algorithm according to a server public key of the server to obtain fourth communication information;
and converting the fourth communication information into hexadecimal to obtain the third communication information.
4. The method according to claim 3, wherein the converting the fourth communication information into hexadecimal to obtain the third communication information comprises:
converting the fourth communication information into hexadecimal to obtain intermediate data;
coding the intermediate data to obtain a verification code, wherein the verification code is used for verifying the consistency of the intermediate data;
and combining the intermediate data and the verification code to obtain the third communication information.
5. The method according to claim 1, wherein after establishing the communication connection with the server according to the access response returned by the server, the method further comprises:
according to the terminal private key, based on a first encryption algorithm, decrypting fifth communication information returned by the server to obtain a connection key and an authentication identifier, wherein the fifth communication information is generated by the server according to a terminal public key of the terminal based on the first encryption algorithm;
generating sixth communication information encrypted by the connection key;
and in response to the authentication identifier passing authentication, sending the sixth communication information.
6. The method according to claim 5, wherein the generating the sixth communication information encrypted by the connection key comprises:
and encrypting the communication data to be sent based on a second encryption algorithm according to the connection key to obtain the sixth communication information.
7. A communication processing apparatus, applied to a terminal, the apparatus comprising:
the first information processing module is used for generating first communication information signed by a terminal private key of the terminal, and the first communication information comprises a random number acquired from a server, a type identifier of the terminal and a unique identifier of the terminal;
the second information processing module is used for encrypting the first communication information and the second communication information according to a server public key of the server to obtain third communication information, wherein the second communication information comprises service data;
the communication connection module is used for establishing communication connection with the server according to an access response returned by the server, and the access response is generated after the server decrypts and authenticates the third communication information;
the information acquisition module is used for acquiring running environment information returned by the server, wherein the running environment information is used for indicating the running environment of the server, and the running environment comprises a public cloud, a private cloud and a single server;
and the information receiving and sending module is used for, in response to a first running environment indicated by the running environment information being different from a current second running environment of the terminal, receiving and sending messages according to a service processing flow corresponding to the first running environment.
8. A computer device, characterized in that the computer device comprises a processor and a memory for storing at least one piece of program code, the at least one piece of program code being loaded and executed by the processor to perform the communication processing method of any one of claims 1 to 6.
9. A storage medium for storing at least one piece of program code, the at least one piece of program code being executed to perform the communication processing method of any one of claims 1 to 6.
CN202010962616.2A 2020-09-14 2020-09-14 Communication processing method, communication processing device, terminal and storage medium Active CN112073421B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010962616.2A CN112073421B (en) 2020-09-14 2020-09-14 Communication processing method, communication processing device, terminal and storage medium

Publications (2)

Publication Number Publication Date
CN112073421A CN112073421A (en) 2020-12-11
CN112073421B true CN112073421B (en) 2022-07-08

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant