CN112291296A - Internet of things equipment access system for urban fire-fighting remote monitoring system and method thereof - Google Patents

Internet of things equipment access system for urban fire-fighting remote monitoring system and method thereof Download PDF

Info

Publication number
CN112291296A
CN112291296A CN202010878651.6A CN202010878651A CN112291296A CN 112291296 A CN112291296 A CN 112291296A CN 202010878651 A CN202010878651 A CN 202010878651A CN 112291296 A CN112291296 A CN 112291296A
Authority
CN
China
Prior art keywords
data
network element
internet
things equipment
sentinel
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202010878651.6A
Other languages
Chinese (zh)
Other versions
CN112291296B (en
Inventor
杨一峰
陈凯
陆乐
陆杨
陈栋
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhejiang Badu Technology Co ltd
Original Assignee
Zhejiang Badu Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhejiang Badu Technology Co ltd filed Critical Zhejiang Badu Technology Co ltd
Priority to CN202010878651.6A priority Critical patent/CN112291296B/en
Publication of CN112291296A publication Critical patent/CN112291296A/en
Application granted granted Critical
Publication of CN112291296B publication Critical patent/CN112291296B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • AHUMAN NECESSITIES
    • A62LIFE-SAVING; FIRE-FIGHTING
    • A62CFIRE-FIGHTING
    • A62C37/00Control of fire-fighting equipment
    • GPHYSICS
    • G16INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16YINFORMATION AND COMMUNICATION TECHNOLOGY SPECIALLY ADAPTED FOR THE INTERNET OF THINGS [IoT]
    • G16Y30/00IoT infrastructure
    • G16Y30/10Security thereof
    • GPHYSICS
    • G16INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16YINFORMATION AND COMMUNICATION TECHNOLOGY SPECIALLY ADAPTED FOR THE INTERNET OF THINGS [IoT]
    • G16Y40/00IoT characterised by the purpose of the information processing
    • G16Y40/10Detection; Monitoring
    • GPHYSICS
    • G16INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16YINFORMATION AND COMMUNICATION TECHNOLOGY SPECIALLY ADAPTED FOR THE INTERNET OF THINGS [IoT]
    • G16Y40/00IoT characterised by the purpose of the information processing
    • G16Y40/50Safety; Security of things, users, data or systems
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/55Push-based network services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services
    • H04L67/561Adding application-functional data or data for application control, e.g. adding metadata
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0631Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms

Abstract

The invention discloses an Internet of things equipment access system for an urban fire-fighting remote monitoring system and a method thereof. The access method of the Internet of things equipment for the urban fire-fighting remote monitoring system comprises a data uplink step and a data downlink step, wherein: the data uplink step comprises the following steps: step 1: and a sentinel network element is additionally arranged and is responsible for the connection and management of the Internet of things equipment, the national standard protocol adopted by the Internet of things equipment is analyzed and a private protocol is secondarily encapsulated, and the uplink data is encrypted and sent to the middle station network element. The invention discloses an Internet of things equipment access system for an urban fire-fighting remote monitoring system and a method thereof, which expand a network element system and improve the safety and stability of network elements.

Description

Internet of things equipment access system for urban fire-fighting remote monitoring system and method thereof
Technical Field
The invention belongs to the field of urban fire-fighting remote monitoring systems, and particularly relates to an Internet of things equipment access method for an urban fire-fighting remote monitoring system and an Internet of things equipment access system for the urban fire-fighting remote monitoring system.
Background
The internet of things equipment represented by the user information transmission device is core front-end internet of things equipment of the urban fire-fighting remote monitoring system, is used for acquiring and transmitting various user alarm information and equipment state information acquired from traditional fire-fighting equipment, and partially has the function of downlink control of the fire-fighting equipment.
At present, most of the Internet of things equipment adopts a national standard protocol for communication. And the internet of things equipment is generally a direct connection background server.
1. As the background server is directly connected, the number of the devices is increased along with the expansion of the service, the pressure of the background server is increased, so that the stability of the server is reduced, the normal service processing is influenced, or all the connected equipment connected with the internet of things are broken down after the port of the host computer is in failure.
2. Because the public national standard protocol is used, the communication process has no information encryption and verification, which is equivalent to transparent transmission, so that the information data is easy to leak.
3. In the communication process, no equipment authentication exists, so that illegal equipment can be connected with a background server, or a computer is used for forging the equipment of the internet of things, and illegal attack is carried out after long connection is established.
Disclosure of Invention
Aiming at the conditions of the prior art, the invention overcomes the defects and provides an access method of an internet of things device for an urban fire-fighting remote monitoring system and an access system of the internet of things device for the urban fire-fighting remote monitoring system.
The invention discloses an access system and an access method of an internet of things device for an urban fire-fighting remote monitoring system, and mainly aims to provide an access system architecture model of the internet of things device for the urban fire-fighting remote monitoring system so as to improve the reliability and stability of the access system of the whole internet of things device.
The invention discloses an access system and an access method of an internet of things device for an urban fire-fighting remote monitoring system, and further aims to improve the safety of data transmission through measures such as data security encryption and secondary packaging protocol.
The invention discloses an access system and a method of an internet of things device for an urban fire-fighting remote monitoring system, and the other purpose is to improve the security of device access through measures such as authentication, verification and the like.
The invention adopts the following technical scheme that the access method of the Internet of things equipment for the urban fire-fighting remote monitoring system comprises a data uplink step and a data downlink step, wherein:
the data uplink step comprises the following steps:
step 1: a sentinel network element is additionally arranged and is responsible for the connection and management of the Internet of things equipment, the national standard protocol adopted by the Internet of things equipment is analyzed and a private protocol is secondarily encapsulated, and uplink data is encrypted and sent to a middle station network element;
step 2: the method comprises the steps that a middle station network element is additionally arranged and is responsible for connection and management of the sentinel network element, upstream data of the sentinel network element are decrypted, the source and the legality of the upstream data are verified, and the data are converted into a predefined uniform data exchange format and are sent to a data network element after being encrypted;
and step 3: the data network element is additionally arranged and is responsible for the connection and management of the middle station network element, the decryption and preprocessing processing is carried out on the uplink data sent by the middle station network element, and the processed data are transmitted to the server;
the data downlink step comprises the following steps:
and 4, step 4: data network element data are issued, and downlink data issued by an application server are processed, preprocessed and encrypted through a data network element and then sent to a middle station network element;
and 5: the middle station network element issues data, and the middle station network element decrypts, encapsulates and encrypts downlink data sent by the data network element and sends the downlink data to the sentinel network element;
step 6: and issuing the data of the sentinel network element, decrypting, unpacking and repackaging the downlink data sent by the central network element by the sentinel network element into a national standard protocol, and sending the data to corresponding front-end equipment.
According to the above technical solution, as a further preferable technical solution of the above technical solution, the step 1 is specifically implemented as the following steps:
1.1: 2 sentinel network elements are equipped to be connected with the same front-end internet of things device, a dual-computer hot standby method is adopted, data and connection of the internet of things device are monitored, a redundancy strategy is adopted for uplink data, and once one of the sentinel network elements goes down, data transmitted by the internet of things device is not affected;
1.2: the sentinel network element receives a national standard protocol data packet sent by the user information transmission device, carries out header, packet tail and CRC (cyclic redundancy check) on the data packet, discards the data packet if the data packet is an illegal packet, and enters the next step if the data packet is a legal packet;
1.3: the sentinel network element analyzes and unpacks to obtain the numerical values of a source address and a target address in a data packet, the value of the source address and the value of the port number of the current sentinel network element are subjected to exclusive OR calculation, the calculation result is compared with the value of the target address, the preliminary access authentication is completed if the two values are equal, the next step is carried out, if the two values are not equal, illegal data are recorded in a log and discarded, and meanwhile, a connecting channel is closed;
1.4: packing the legal data obtained by unpacking and the relevant information of the sentinel network element according to a proprietary protocol format standard;
1.5: carrying out AES symmetric algorithm encryption on the data packed in the step;
1.6: and sending the encrypted data packet to a middle station network element.
According to the above technical solution, as a further preferable technical solution of the above technical solution, the step 2 is specifically implemented as the following steps:
2.1: more than 2 middle network elements are allocated, all the middle network elements are registered to the distributed service management server and are subjected to unified management, all the sentinel network elements can automatically select to access any one of the middle network elements according to address information issued by the distributed service, and after the sentinel network elements are disconnected from one of the middle network elements, other middle network elements can be switched, so that the whole system is not influenced;
2.2: the middle station network element decrypts the received data by using an AES symmetric algorithm; entering the next step after decryption is successful, logging in the case of decryption failure and discarding data;
2.3: unpacking the private protocol, checking the format of the private protocol, entering the next step if the checking is passed, logging in and discarding data if the checking is not passed;
2.4: acquiring the number of the sentinel network element in the private protocol and verifying the number against the white list data, if the verification is passed, entering the next step, if the verification is not passed, logging and discarding the data, and closing the connection channel;
2.5: converting the unpacked data into a uniform data exchange format according to a predefined format;
2.6: the middle station network element encrypts the converted data by using an AES symmetric algorithm and pushes the encrypted data to the data network element.
According to the above technical solution, as a further preferable technical solution of the above technical solution, the step 3 is specifically implemented as the following steps:
3.1: acquiring data provided by a middle station network element, decrypting and verifying, logging and discarding the data if the data do not pass the verification, and entering the next step if the data pass the verification;
3.2, judging whether the information is the keep-alive information of the Internet of things equipment, if so, replying confirmation data to the middle station network element, and performing a downlink step, otherwise, performing the next step;
3.3: judging whether the data information is feedback information of a downlink event or not according to the data, if so, storing a downlink event feedback log, and triggering a downlink event callback, otherwise, executing the next step;
3.4: judging whether the data information is uplink event information or not according to the data, if so, storing the data information into an uplink event log, and triggering an uplink event rule engine, otherwise, executing the next step;
3.5: and recording the information into other message logs, and finishing the uplink step.
According to the above technical solution, as a further preferable technical solution of the above technical solution, the step 4 is specifically implemented as the following steps:
4.1: the data network element receives downlink data issued by an application server or replies the keep-alive information of the Internet of things equipment, and firstly, the number of a middle station network element on a link where the Internet of things equipment is located is inquired in a data network element cache according to the number of the Internet of things equipment;
4.2: and the data network element packs the data into a data packet with a uniform data exchange format, encrypts the data packet by adopting an AES (advanced encryption standard) symmetric algorithm and pushes the data packet to a corresponding middle station network element.
According to the above technical solution, as a further preferable technical solution of the above technical solution, the step 5 is specifically implemented as the following steps:
5.1: the middle station network element receives the downlink data of the data network element, and after the downlink data is decrypted by an AES symmetric algorithm, the uniform data exchange format data is analyzed, and the number of the sentinel network element where the Internet of things equipment is located is obtained;
5.2: and the middle station network element packs the data into a private protocol, encrypts the data again by adopting an AES symmetric algorithm, and pushes the data packet to a corresponding sentinel network element according to the sentinel network element number information.
According to the above technical solution, as a further preferable technical solution of the above technical solution, the step 6 is specifically implemented as the following steps:
6.1: the sentinel network element receives the downlink data of the middle station network element, and after the downlink data is decrypted by an AES symmetric algorithm, the private protocol is analyzed, and the serial number of the Internet of things equipment is obtained;
6.2: and the sentinel network element packs the data into a national standard protocol and pushes the data packet to corresponding Internet of things equipment according to the serial number information of the Internet of things equipment.
The invention further discloses an access system of the Internet of things equipment for the urban fire-fighting remote monitoring system, which is used for implementing the steps of the access method of the Internet of things equipment for the urban fire-fighting remote monitoring system disclosed by any one of the technical schemes.
The invention further discloses an electronic device, which comprises a memory, a processor and a computer program which is stored on the memory and can run on the processor, wherein when the processor executes the program, the steps of the method for accessing the Internet of things device for the urban fire-fighting remote monitoring system disclosed by any one of the technical schemes are realized.
The invention further discloses a non-transitory computer readable storage medium, on which a computer program is stored, and the computer program, when executed by a processor, implements the steps of the method for accessing the internet of things device for the urban fire-fighting remote monitoring system as disclosed in any one of the above technical solutions.
The Internet of things equipment access system for the urban fire-fighting remote monitoring system and the method thereof have the advantages of expanding a network element system and improving the safety and stability of the network element.
Drawings
Fig. 1 is a schematic of the topology of the present invention.
Detailed Description
The invention discloses an access method of an internet of things device for an urban fire-fighting remote monitoring system and an access system of the internet of things device for the urban fire-fighting remote monitoring system.
It should be noted that the "sentinel network element" according to various embodiments of the present invention is defined as a network element that is composed of an electronic device with networking function and computer software running on the electronic device, is used for connecting an internet of things device for an urban fire-fighting remote system and other network devices, and has data processing capability.
It should be noted that the "middle station network element" according to various embodiments of the present invention is defined as a network element that is composed of an electronic device with networking function and computer software running on the device, is used for connecting a sentinel network element and a data network element, and has data processing capability.
It should be noted that the "data network element" according to various embodiments of the present invention is defined as a network element that is composed of an electronic device with networking function and computer software running on the electronic device, is used for connecting a middlebox element and an application server, and has data processing capability.
It is worth mentioning that various embodiments of the present invention relate to "keep-alive messages", which are defined as simple information that a device sends periodically to ensure the validity of a link.
Referring to fig. 1 of the drawings, in part or in whole, various embodiments of the invention, fig. 1 illustrates a topology.
Preferred embodiments.
Preferably, the access method of the internet of things equipment for the urban fire-fighting remote monitoring system comprises a data uplink step and a data downlink step, wherein:
the data uplink step comprises the following steps:
step 1: a sentinel network element is additionally arranged and is responsible for the connection and management of the Internet of things equipment, the national standard protocol adopted by the Internet of things equipment is analyzed and a private protocol is secondarily encapsulated, and uplink data is encrypted and sent to a middle station network element;
step 2: the method comprises the steps that a middle station network element is additionally arranged and is responsible for connection and management of the sentinel network element, upstream data of the sentinel network element are decrypted, the source and the legality of the upstream data are verified, and the data are converted into a predefined uniform data exchange format and are sent to a data network element after being encrypted;
and step 3: the data network element is additionally arranged and is responsible for the connection and management of the middle station network element, the decryption and preprocessing processing is carried out on the uplink data sent by the middle station network element, and the processed data are transmitted to the server;
the data downlink step comprises the following steps:
and 4, step 4: data network element data are issued, and downlink data issued by an application server are processed, preprocessed and encrypted through a data network element and then sent to a middle station network element;
and 5: the middle station network element issues data, and the middle station network element decrypts, encapsulates and encrypts downlink data sent by the data network element and sends the downlink data to the sentinel network element;
step 6: and issuing the data of the sentinel network element, decrypting, unpacking and repackaging the downlink data sent by the central network element by the sentinel network element into a national standard protocol, and sending the data to corresponding front-end equipment.
Further, step 1 (i.e. adding sentinel network elements) is implemented as the following steps:
1.1: 2 sentinel network elements are equipped to be connected with the same front-end internet of things device, a dual-computer hot standby method is adopted, data and connection of the internet of things device are monitored, a redundancy strategy is adopted for uplink data, and once one of the sentinel network elements goes down, data transmitted by the internet of things device is not affected;
1.2: the sentinel network element receives a national standard protocol data packet sent by the user information transmission device, carries out header, packet tail and CRC (cyclic redundancy check) on the data packet, discards the data packet if the data packet is an illegal packet, and enters the next step if the data packet is a legal packet;
1.3: the sentinel network element analyzes and unpacks to obtain the numerical values of a source address and a target address in a data packet, the value of the source address and the value of the port number of the current sentinel network element are subjected to exclusive OR calculation, the calculation result is compared with the value of the target address, the preliminary access authentication is completed if the two values are equal, the next step is carried out, if the two values are not equal, illegal data are recorded in a log and discarded, and meanwhile, a connecting channel is closed;
1.4: packing the legal data obtained by unpacking and the relevant information of the sentinel network element according to a proprietary protocol format standard;
1.5: carrying out AES symmetric algorithm encryption on the data packed in the step;
1.6: and sending the encrypted data packet to a middle station network element.
Further, step 2 (i.e. adding a middle station network element) is implemented as the following steps:
2.1: more than 2 middle network elements are allocated, all the middle network elements are registered to the distributed service management server and are subjected to unified management, all the sentinel network elements can automatically select to access any one of the middle network elements according to address information issued by the distributed service, and after the sentinel network elements are disconnected from one of the middle network elements, other middle network elements can be switched, so that the whole system is not influenced;
2.2: the middle station network element decrypts the received data by using an AES symmetric algorithm; entering the next step after decryption is successful, logging in the case of decryption failure and discarding data;
2.3: unpacking the private protocol, checking the format of the private protocol, entering the next step if the checking is passed, logging in and discarding data if the checking is not passed;
2.4: acquiring the number of the sentinel network element in the private protocol and verifying the number against the white list data, if the verification is passed, entering the next step, if the verification is not passed, logging and discarding the data, and closing the connection channel;
2.5: converting the unpacked data into a uniform data exchange format according to a predefined format;
2.6: the middle station network element encrypts the converted data by using an AES symmetric algorithm and pushes the encrypted data to the data network element.
Further, step 3 (i.e. adding a data network element) is implemented as the following steps:
3.1: acquiring data provided by a middle station network element, decrypting and verifying, logging and discarding the data if the data do not pass the verification, and entering the next step if the data pass the verification;
3.2, judging whether the information is the keep-alive information of the Internet of things equipment, if so, replying confirmation data to the middle station network element, and performing a downlink step, otherwise, performing the next step;
3.3: judging whether the data information is feedback information of a downlink event or not according to the data, if so, storing a downlink event feedback log, and triggering a downlink event callback, otherwise, executing the next step;
3.4: judging whether the data information is uplink event information or not according to the data, if so, storing the data information into an uplink event log, and triggering an uplink event rule engine, otherwise, executing the next step;
3.5: and recording the information into other message logs, and finishing the uplink step.
Further, step 4 (i.e. data network element data transmission) is implemented as the following steps:
4.1: the data network element receives downlink data issued by an application server or replies the keep-alive information of the Internet of things equipment, and firstly, the number of a middle station network element on a link where the Internet of things equipment is located is inquired in a data network element cache according to the number of the Internet of things equipment;
4.2: and the data network element packs the data into a data packet with a uniform data exchange format, encrypts the data packet by adopting an AES (advanced encryption standard) symmetric algorithm and pushes the data packet to a corresponding middle station network element.
Further, step 5 (i.e. the middle station network element data transmission) is implemented as the following steps:
5.1: the middle station network element receives the downlink data of the data network element, and after the downlink data is decrypted by an AES symmetric algorithm, the uniform data exchange format data is analyzed, and the number of the sentinel network element where the Internet of things equipment is located is obtained;
5.2: and the middle station network element packs the data into a private protocol, encrypts the data again by adopting an AES symmetric algorithm, and pushes the data packet to a corresponding sentinel network element according to the sentinel network element number information.
Further, step 6 (i.e. sentinel network element data transmission) is implemented as the following steps:
6.1: the sentinel network element receives the downlink data of the middle station network element, and after the downlink data is decrypted by an AES symmetric algorithm, the private protocol is analyzed, and the serial number of the Internet of things equipment is obtained;
6.2: and the sentinel network element packs the data into a national standard protocol and pushes the data packet to corresponding Internet of things equipment according to the serial number information of the Internet of things equipment.
It should be noted that this embodiment also discloses an electronic device, which includes a memory, a processor, and a computer program stored on the memory and capable of running on the processor, where the processor executes the program to implement the steps of the method for accessing the internet of things device for the urban fire-fighting remote monitoring system disclosed in any one of the above technical solutions of this embodiment.
It should be noted that the present embodiment also discloses a non-transitory computer readable storage medium, on which a computer program is stored, and the computer program, when being executed by a processor, implements the steps of the method for accessing an internet of things device for an urban fire protection remote monitoring system as disclosed in any of the above technical solutions of the present embodiment.
It should be noted that the general concept of the internet of things device access system for the urban fire-fighting remote monitoring system and the method thereof disclosed by the embodiments of the invention is not limited to the field and application of the urban fire-fighting remote monitoring system.
It should be noted that the technical features such as dual-computer hot standby and distributed service related to the present patent application should be regarded as the prior art, and the specific structure, the operating principle, the control mode and the spatial arrangement mode of the technical features may be conventional choices in the field, and should not be regarded as the invention point of the present patent, and the present patent is not further specifically described in detail.
It will be apparent to those skilled in the art that modifications and equivalents may be made in the embodiments and/or portions thereof without departing from the spirit and scope of the present invention.

Claims (10)

1. An access method of an Internet of things device for an urban fire-fighting remote monitoring system is characterized by comprising a data uplink step and a data downlink step, wherein:
the data uplink step comprises the following steps:
step 1: a sentinel network element is additionally arranged and is responsible for the connection and management of the Internet of things equipment, the national standard protocol adopted by the Internet of things equipment is analyzed and a private protocol is secondarily encapsulated, and uplink data is encrypted and sent to a middle station network element;
step 2: the method comprises the steps that a middle station network element is additionally arranged and is responsible for connection and management of the sentinel network element, upstream data of the sentinel network element are decrypted, the source and the legality of the upstream data are verified, and the data are converted into a predefined uniform data exchange format and are sent to a data network element after being encrypted;
and step 3: the data network element is additionally arranged and is responsible for the connection and management of the middle station network element, the decryption and preprocessing processing is carried out on the uplink data sent by the middle station network element, and the processed data are transmitted to the server;
the data downlink step comprises the following steps:
and 4, step 4: data network element data are issued, and downlink data issued by an application server are processed, preprocessed and encrypted through a data network element and then sent to a middle station network element;
and 5: the middle station network element issues data, and the middle station network element decrypts, encapsulates and encrypts downlink data sent by the data network element and sends the downlink data to the sentinel network element;
step 6: and issuing the data of the sentinel network element, decrypting, unpacking and repackaging the downlink data sent by the central network element by the sentinel network element into a national standard protocol, and sending the data to corresponding front-end equipment.
2. The access method of the internet of things equipment for the urban fire-fighting remote monitoring system according to claim 1, wherein the step 1 is implemented as the following steps:
1.1: 2 sentinel network elements are equipped to be connected with the same front-end internet of things device, a dual-computer hot standby method is adopted, data and connection of the internet of things device are monitored, a redundancy strategy is adopted for uplink data, and once one of the sentinel network elements goes down, data transmitted by the internet of things device is not affected;
1.2: the sentinel network element receives a national standard protocol data packet sent by the user information transmission device, carries out header, packet tail and CRC (cyclic redundancy check) on the data packet, discards the data packet if the data packet is an illegal packet, and enters the next step if the data packet is a legal packet;
1.3: the sentinel network element analyzes and unpacks to obtain the numerical values of a source address and a target address in a data packet, the value of the source address and the value of the port number of the current sentinel network element are subjected to exclusive OR calculation, the calculation result is compared with the value of the target address, the preliminary access authentication is completed if the two values are equal, the next step is carried out, if the two values are not equal, illegal data are recorded in a log and discarded, and meanwhile, a connecting channel is closed;
1.4: packing the legal data obtained by unpacking and the relevant information of the sentinel network element according to a proprietary protocol format standard;
1.5: carrying out AES symmetric algorithm encryption on the data packed in the step;
1.6: and sending the encrypted data packet to a middle station network element.
3. The access method of the internet of things equipment for the urban fire-fighting remote monitoring system according to claim 2, wherein the step 2 is implemented as the following steps:
2.1: more than 2 middle network elements are allocated, all the middle network elements are registered to the distributed service management server and are subjected to unified management, all the sentinel network elements can automatically select to access any one of the middle network elements according to address information issued by the distributed service, and after the sentinel network elements are disconnected from one of the middle network elements, other middle network elements can be switched, so that the whole system is not influenced;
2.2: the middle station network element decrypts the received data by using an AES symmetric algorithm; entering the next step after decryption is successful, logging in the case of decryption failure and discarding data;
2.3: unpacking the private protocol, checking the format of the private protocol, entering the next step if the checking is passed, logging in and discarding data if the checking is not passed;
2.4: acquiring the number of the sentinel network element in the private protocol and verifying the number against the white list data, if the verification is passed, entering the next step, if the verification is not passed, logging and discarding the data, and closing the connection channel;
2.5: converting the unpacked data into a uniform data exchange format according to a predefined format;
2.6: the middle station network element encrypts the converted data by using an AES symmetric algorithm and pushes the encrypted data to the data network element.
4. The access method of the internet of things equipment for the urban fire-fighting remote monitoring system according to claim 3, wherein the step 3 is implemented as the following steps:
3.1: acquiring data provided by a middle station network element, decrypting and verifying, logging and discarding the data if the data do not pass the verification, and entering the next step if the data pass the verification;
3.2, judging whether the information is the keep-alive information of the Internet of things equipment, if so, replying confirmation data to the middle station network element, and performing a downlink step, otherwise, performing the next step;
3.3: judging whether the data information is feedback information of a downlink event or not according to the data, if so, storing a downlink event feedback log, and triggering a downlink event callback, otherwise, executing the next step;
3.4: judging whether the data information is uplink event information or not according to the data, if so, storing the data information into an uplink event log, and triggering an uplink event rule engine, otherwise, executing the next step;
3.5: and recording the information into other message logs, and finishing the uplink step.
5. The access method of the internet of things equipment for the urban fire-fighting remote monitoring system according to claim 1, wherein the step 4 is implemented as the following steps:
4.1: the data network element receives downlink data issued by an application server or replies the keep-alive information of the Internet of things equipment, and firstly, the number of a middle station network element on a link where the Internet of things equipment is located is inquired in a data network element cache according to the number of the Internet of things equipment;
4.2: and the data network element packs the data into a data packet with a uniform data exchange format, encrypts the data packet by adopting an AES (advanced encryption standard) symmetric algorithm and pushes the data packet to a corresponding middle station network element.
6. The method for accessing the internet of things equipment for the urban fire-fighting remote monitoring system according to claim 5, wherein the step 5 is implemented as the following steps:
5.1: the middle station network element receives the downlink data of the data network element, and after the downlink data is decrypted by an AES symmetric algorithm, the uniform data exchange format data is analyzed, and the number of the sentinel network element where the Internet of things equipment is located is obtained;
5.2: and the middle station network element packs the data into a private protocol, encrypts the data again by adopting an AES symmetric algorithm, and pushes the data packet to a corresponding sentinel network element according to the sentinel network element number information.
7. The method for accessing the internet of things equipment for the urban fire-fighting remote monitoring system according to claim 6, wherein the step 6 is implemented as the following steps:
6.1: the sentinel network element receives the downlink data of the middle station network element, and after the downlink data is decrypted by an AES symmetric algorithm, the private protocol is analyzed, and the serial number of the Internet of things equipment is obtained;
6.2: and the sentinel network element packs the data into a national standard protocol and pushes the data packet to corresponding Internet of things equipment according to the serial number information of the Internet of things equipment.
8. An Internet of things equipment access system for an urban fire-fighting remote monitoring system, which is characterized by implementing the steps of the Internet of things equipment access method for the urban fire-fighting remote monitoring system according to any one of claims 1 to 7.
9. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor when executing the program implements the steps of the method for accessing an internet of things device for a urban fire remote monitoring system according to any of claims 1 to 7.
10. A non-transitory computer readable storage medium, having a computer program stored thereon, wherein the computer program, when executed by a processor, implements the steps of the method for accessing an internet of things device for a urban fire protection remote monitoring system according to any one of claims 1 to 7.
CN202010878651.6A 2020-08-27 2020-08-27 Internet of things equipment access system for urban fire-fighting remote monitoring system and method thereof Active CN112291296B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010878651.6A CN112291296B (en) 2020-08-27 2020-08-27 Internet of things equipment access system for urban fire-fighting remote monitoring system and method thereof

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010878651.6A CN112291296B (en) 2020-08-27 2020-08-27 Internet of things equipment access system for urban fire-fighting remote monitoring system and method thereof

Publications (2)

Publication Number Publication Date
CN112291296A true CN112291296A (en) 2021-01-29
CN112291296B CN112291296B (en) 2022-08-19

Family

ID=74421107

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010878651.6A Active CN112291296B (en) 2020-08-27 2020-08-27 Internet of things equipment access system for urban fire-fighting remote monitoring system and method thereof

Country Status (1)

Country Link
CN (1) CN112291296B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114569926A (en) * 2022-02-28 2022-06-03 浙江八度科技有限公司 Pressure monitoring system for fire-fighting device and monitoring method thereof
CN115120921A (en) * 2022-08-30 2022-09-30 江苏海舟安防科技有限公司 Fire control monitored control system based on fire control gas cylinder

Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102025577A (en) * 2011-01-06 2011-04-20 西安电子科技大学 Network system of Internet of things and data processing method thereof
CN103428627A (en) * 2012-05-22 2013-12-04 中国移动通信集团江苏有限公司 Method for transferring data in internet of things, internet of things system and corresponding device
CN104333546A (en) * 2014-10-24 2015-02-04 北京捷成世纪科技股份有限公司 Data transmission isolation method and data transmission isolation device based on SDI (serial digital interface) bus
EP2887587A1 (en) * 2013-12-20 2015-06-24 MediaTek Singapore Pte Ltd. Methods for transmitting and receiving information and associated internet of thing apparatus
CN108965033A (en) * 2018-08-24 2018-12-07 智慧盈通(北京)工业技术有限公司 A kind of Environment Monitoring System
CN108989455A (en) * 2018-08-13 2018-12-11 中国科学院声学研究所南海研究站 A kind of data based on LoRa Internet of Things report and instruct delivery method
CN109150703A (en) * 2018-08-23 2019-01-04 北方工业大学 Intelligent cloud gateway for industrial Internet of things and communication method thereof
CN109525566A (en) * 2018-11-01 2019-03-26 北京北信智云科技有限公司 A kind of LoRaWan method for interchanging data based on enhanced MQTT message mechanism
CN109895815A (en) * 2017-12-11 2019-06-18 比亚迪股份有限公司 The operation data acquisition method and system of train
CN110086876A (en) * 2019-04-30 2019-08-02 成都秦川物联网科技股份有限公司 The Internet of Things intelligence instrument of double gateways is communicated with NB
CN110417713A (en) * 2018-04-28 2019-11-05 广东亿迅科技有限公司 A kind of equipment data transmission method and device based on Internet of Things

Patent Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102025577A (en) * 2011-01-06 2011-04-20 西安电子科技大学 Network system of Internet of things and data processing method thereof
CN103428627A (en) * 2012-05-22 2013-12-04 中国移动通信集团江苏有限公司 Method for transferring data in internet of things, internet of things system and corresponding device
EP2887587A1 (en) * 2013-12-20 2015-06-24 MediaTek Singapore Pte Ltd. Methods for transmitting and receiving information and associated internet of thing apparatus
CN104333546A (en) * 2014-10-24 2015-02-04 北京捷成世纪科技股份有限公司 Data transmission isolation method and data transmission isolation device based on SDI (serial digital interface) bus
CN109895815A (en) * 2017-12-11 2019-06-18 比亚迪股份有限公司 The operation data acquisition method and system of train
CN110417713A (en) * 2018-04-28 2019-11-05 广东亿迅科技有限公司 A kind of equipment data transmission method and device based on Internet of Things
CN108989455A (en) * 2018-08-13 2018-12-11 中国科学院声学研究所南海研究站 A kind of data based on LoRa Internet of Things report and instruct delivery method
CN109150703A (en) * 2018-08-23 2019-01-04 北方工业大学 Intelligent cloud gateway for industrial Internet of things and communication method thereof
CN108965033A (en) * 2018-08-24 2018-12-07 智慧盈通(北京)工业技术有限公司 A kind of Environment Monitoring System
CN109525566A (en) * 2018-11-01 2019-03-26 北京北信智云科技有限公司 A kind of LoRaWan method for interchanging data based on enhanced MQTT message mechanism
CN110086876A (en) * 2019-04-30 2019-08-02 成都秦川物联网科技股份有限公司 The Internet of Things intelligence instrument of double gateways is communicated with NB

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114569926A (en) * 2022-02-28 2022-06-03 浙江八度科技有限公司 Pressure monitoring system for fire-fighting device and monitoring method thereof
CN115120921A (en) * 2022-08-30 2022-09-30 江苏海舟安防科技有限公司 Fire control monitored control system based on fire control gas cylinder

Also Published As

Publication number Publication date
CN112291296B (en) 2022-08-19

Similar Documents

Publication Publication Date Title
CN112291296B (en) Internet of things equipment access system for urban fire-fighting remote monitoring system and method thereof
CN106060003A (en) Network boundary unidirectional isolated transmission device
CN107682324A (en) Method for message transmission, system, storage medium and computer equipment
CN103441983A (en) Information protection method and device based on link layer discovery protocol
CN103428204A (en) Data security implementation method capable of resisting timing attacks and devices
CN111130750B (en) Vehicle CAN (controller area network) safety communication method and system
CN112688945A (en) Transmission method and transmission system for terminal data of Internet of things
US9578039B2 (en) OAM security authentication method and OAM transmitting/receiving devices
CN106850669B (en) Message security transmission method for Internet of things monitoring system
CN107294913A (en) Safety communicating method, service end and client based on HTTP
CN114157649A (en) Reliable data transmission method and device, computer equipment and storage medium
Daily et al. Securing CAN traffic on J1939 networks
US10348746B2 (en) Incident detection system including gateway device and server
CN109194643A (en) Data transmission, message parsing method, device and equipment
CN114465825B (en) Online monitoring system, method and device for power transmission line and master station
CN110830413B (en) Communication method, client, server, communication device and system
CN100596350C (en) Method for encrypting and decrypting industrial control data
CN109194490B (en) Power distribution network communication security authentication system and method
CN113794563B (en) Communication network security control method and system
CN107819597B (en) Network data transmission method and front-end processor
CN113347168B (en) Protection method and system based on zero trust model
CN110300105B (en) Remote key management method of network cipher machine
KR100913691B1 (en) Railway communication method in open transmission-based systems
CN110233735B (en) Comprehensive safety protection method and system for grid-connected power station industrial control system
CN115119203B (en) LoRa sub-equipment safety back connection method and communication system based on random key mechanism

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CP02 Change in the address of a patent holder

Address after: 314001 room 607, block a, smart building, building 19, No. 36, Changsheng South Road, Jiaxing Economic and Technological Development Zone, Zhejiang Province

Patentee after: Zhejiang Badu Technology Co.,Ltd.

Address before: Room 1-1209, environmental trade center, Nanhu District, Jiaxing City, Zhejiang Province, 314001

Patentee before: Zhejiang Badu Technology Co.,Ltd.

CP02 Change in the address of a patent holder