CN113038458A - Data transmission method and system - Google Patents

Publication number: CN113038458A
Authority: CN (China)
Prior art keywords: data, ciphertext, differential, sends, deflection
Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Application number: CN201911356578.XA
Other languages: Chinese (zh)
Inventor: 陈达
Current Assignee: China Mobile Communications Group Co Ltd; China Mobile Shanghai ICT Co Ltd; CM Intelligent Mobility Network Co Ltd (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Original Assignee: China Mobile Communications Group Co Ltd; China Mobile Shanghai ICT Co Ltd; CM Intelligent Mobility Network Co Ltd

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04W: WIRELESS COMMUNICATION NETWORKS
    • H04W12/00: Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02: Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]

Abstract

The embodiment of the invention provides a data transmission method and a data transmission system, wherein a reference station encrypts original data to obtain a first ciphertext, the reference station sends the first ciphertext to a cloud platform, the cloud platform decrypts the first ciphertext to obtain first decrypted data, the first decrypted data comprises the original data, the cloud platform deflects the original data to obtain first deflected data, the cloud platform performs differential processing on the first deflected data to obtain first differential data, the cloud platform encrypts the first differential data to obtain a second ciphertext, the second ciphertext comprises the encrypted first differential data, the cloud platform sends the second ciphertext to the reference station, the reference station decrypts the second ciphertext to obtain second decrypted data, the second decrypted data comprises the first differential data, and the data transmitted during data transmission between the reference station and the cloud platform are encrypted, so that the safety of data transmission is improved.

Description

Data transmission method and system
[ technical field ]
The present invention relates to the field of communications technologies, and in particular, to a data transmission method and system.
[ background of the invention ]
An artificial satellite is an unmanned spacecraft that runs periodically in a closed orbit along a preset track and provides powerful data monitoring for scientific exploration, communications, navigation and positioning, and weather forecasting.
Position data for a location is obtained by receiving artificial satellite signals and is transmitted to a reference station over the Internet. Various security problems exist during this data transmission, such as denial of service caused by a pseudo base station and hackers maliciously stealing the accurate position information of the reference station, so the security of data transmission is reduced.
[ summary of the invention ]
In view of this, embodiments of the present invention provide a data transmission method and system, so as to improve security of data transmission.
In one aspect, an embodiment of the present invention provides a data transmission method, including:
the reference station encrypts original data to obtain a first ciphertext, wherein the first ciphertext comprises the encrypted original data;
the reference station sends the first ciphertext to a cloud platform;
the cloud platform decrypts the first ciphertext to obtain first decrypted data, wherein the first decrypted data comprises the original data;
the cloud platform deflects the original data to obtain first deflection data;
the cloud platform performs differential processing on the first deflection data to obtain first differential data;
the cloud platform encrypts the first differential data to obtain a second ciphertext, wherein the second ciphertext comprises the encrypted first differential data;
the cloud platform sends the second ciphertext to the reference station;
and the reference station decrypts the second ciphertext to obtain second decrypted data, wherein the second decrypted data comprises first differential data.
Optionally, the reference station includes a resolving module, a security module and a transmission module;
the reference station encrypting the original data to obtain the first ciphertext comprises:
the resolving module sends a first encryption request to the security module, wherein the first encryption request comprises the original data;
the security module encrypts the original data to obtain a first ciphertext, wherein the first ciphertext comprises the encrypted original data and equipment address information;
the security module sends the first ciphertext to the resolving module;
and the resolving module sends the first ciphertext to the transmission module.
Optionally, the first ciphertext further includes device address information, and the first decrypted data further includes device address information; the cloud platform comprises an equipment gateway, a key management service platform and an encryption machine;
the reference station sending the first ciphertext to the cloud platform comprises:
the transmission module sends the first ciphertext to the device gateway;
the cloud platform decrypting the first ciphertext to obtain the first decrypted data comprises:
the device gateway sends a first decryption request to the key management service platform, wherein the first decryption request comprises the first ciphertext;
the key management service platform sends the first decryption request to the encryption machine;
the encryption machine decrypts the first ciphertext to obtain the original data and the equipment address information;
before the cloud platform deflects the original data to obtain the first deflection data, the method further comprises:
the encryption machine sends the original data and the equipment address information to the key management service platform;
the key management service platform inquires serial number information corresponding to the equipment address information according to the equipment address information;
the key management service platform judges whether the inquired serial number information is the same as the serial number information in the original data;
if the key management service platform judges that the inquired serial number information is the same as the serial number information corresponding to the pre-stored equipment address information, the key management service platform sends the original data to the equipment gateway;
the cloud platform deflecting the original data to obtain the first deflection data comprises:
the device gateway sends a first deflection request to the key management service platform, wherein the first deflection request comprises original data;
the key management service platform sends the first deflection request to the encryption machine;
the encryption machine deflects the original data to obtain first deflection data;
the encryption machine sends the first deflection data to the key management service platform;
the key management service platform sends the first deflection data to the device gateway.
Optionally, the cloud platform includes an equipment gateway, a key management service platform, an encryption machine, and a carrier phase differential platform;
the cloud platform performs differential processing on the first deflection data to obtain first differential data, and the differential processing comprises the following steps:
the equipment gateway sends first deflection data to the carrier phase differential platform;
the carrier phase differential platform performs differential processing on the first deflection data to obtain first differential data;
the cloud platform encrypting the first differential data to obtain a second ciphertext, the second ciphertext comprising the encrypted first differential data, comprises:
the carrier phase differential platform sends the first differential data to the key management service platform;
the key management service platform sends a second encryption request to the encryption machine, wherein the second encryption request comprises the first differential data;
the encryption machine encrypts the first differential data to obtain a second ciphertext, wherein the second ciphertext comprises the encrypted first differential data and equipment address information;
the reference station decrypts the second ciphertext to obtain second decrypted data, including:
the encryption machine sends the second ciphertext to the key management service platform;
the key management service platform sends the second ciphertext to the carrier phase differential platform;
the carrier phase differential platform sends the second ciphertext to the equipment gateway; the equipment gateway sends a second ciphertext to the transmission module;
the transmission module sends a first verification decryption request to the resolving module, wherein the first verification decryption request comprises a second ciphertext;
the resolving module sends a first verification decryption request to the security module;
the security module decrypts the second ciphertext to obtain second decrypted data, wherein the second decrypted data comprises first differential data and equipment address information;
the reference station decrypts the second ciphertext to obtain second decrypted data, and the method comprises the following steps:
the security module queries serial number information corresponding to the equipment address information according to the equipment address information;
the security module judges whether the queried serial number information is the same as serial number information in the first differential data;
and if the security module judges that the queried serial number information is the same as the serial number information in the first differential data, the first differential data is sent to the resolving module.
In another aspect, an embodiment of the present invention provides a data transmission method, including:
the reference station deflects the original data to obtain second deflection data;
the reference station encrypts the second deflection data to obtain a third ciphertext, wherein the third ciphertext comprises the encrypted second deflection data;
the reference station sends a third ciphertext to the cloud platform, wherein the third ciphertext comprises encrypted second deflection data;
the cloud platform decrypts the third ciphertext to obtain third decrypted data, wherein the third decrypted data comprises the second deflection data;
the cloud platform performs differential processing on the second deflection data to obtain second differential data;
the cloud platform encrypts the second differential data to obtain a fourth ciphertext, wherein the fourth ciphertext comprises the encrypted second differential data;
the cloud platform sends the fourth ciphertext to the reference station;
and the reference station decrypts the fourth ciphertext to obtain fourth decrypted data, wherein the fourth decrypted data comprises the second differential data.
Optionally, the reference station includes a resolving module, a security module and a transmission module;
the reference station deflecting the original data to obtain second deflection data, and the reference station encrypting the second deflection data to obtain a third ciphertext, comprise:
the resolving module sends a third encryption request to the security module, wherein the third encryption request comprises the original data;
the security module deflects the original data to obtain second deflection data;
and the security module encrypts the second deflection data to obtain a third ciphertext, wherein the third ciphertext comprises the encrypted second deflection data and the equipment address information.
Optionally, the third ciphertext further includes device address information, and the third decrypted data further includes device address information; the cloud platform comprises an equipment gateway, a key management service platform and an encryption machine;
the sending, by the reference station, the third ciphertext to the cloud platform includes:
the security module sends the third ciphertext to the resolving module;
the resolving module sends the third ciphertext to the transmission module;
the transmission module sends the third ciphertext to the device gateway;
the cloud platform decrypts the third ciphertext to obtain third decrypted data, including:
the device gateway sends a third decryption request to the key management service platform, wherein the third decryption request comprises the third ciphertext;
the key management service platform sends the third decryption request to the encryption machine;
the encryption machine decrypts the third ciphertext to obtain second deflection data and the equipment address information;
the cloud platform performs differential processing on the second deflection data, and before obtaining second differential data, the method further includes:
the encryption machine sends the second deflection data and the equipment address information to the key management service platform;
the key management service platform inquires serial number information corresponding to the equipment address information according to the equipment address information;
the key management service platform judges whether the inquired serial number information is the same as the serial number information in the second deflection data;
and if the key management service platform judges that the inquired serial number information is the same as the serial number information in the second deflection data, the key management service platform sends the second deflection data to the equipment gateway.
Optionally, the cloud platform includes an equipment gateway, a key management service platform, an encryption machine, and a carrier phase differential platform, and the cloud platform encrypts the second differential data to obtain a fourth ciphertext, including:
the cloud platform performs differential processing on the second deflection data to obtain second differential data, and the differential processing includes:
the equipment gateway sends second deflection data to the carrier phase differential platform;
the carrier phase differential platform performs differential processing on the second deflection data to obtain second differential data;
the cloud platform encrypting the second differential data to obtain a fourth ciphertext, the fourth ciphertext comprising the encrypted second differential data, comprises:
the carrier phase differential platform sends the second differential data to the key management service platform;
the key management service platform sends a fourth encryption request to the encryption machine, wherein the fourth encryption request comprises the second differential data;
the encryption machine encrypts the second differential data to obtain a fourth ciphertext, wherein the fourth ciphertext comprises the encrypted second differential data and the equipment address information;
the reference station decrypts the fourth ciphertext to obtain fourth decrypted data, including:
the encryption machine sends the fourth ciphertext to the key management service platform;
the key management service platform sends the fourth ciphertext to the carrier phase differential platform;
the carrier phase differential platform sends the fourth ciphertext to the device gateway;
the equipment gateway sends a fourth ciphertext to the transmission module;
the transmission module sends a second check decryption request to the resolving module, wherein the second check decryption request comprises a fourth ciphertext;
the resolving module sends a second check decryption request to the security module;
the security module decrypts the fourth ciphertext to obtain fourth decrypted data, wherein the fourth decrypted data comprises second differential data and equipment address information;
the reference station decrypts the fourth ciphertext to obtain fourth decrypted data, and the method includes:
the security module queries serial number information corresponding to the equipment address information according to the equipment address information;
the security module judges whether the queried serial number information is the same as serial number information in the second differential data;
and if the security module judges that the queried serial number information is the same as the serial number information in the second differential data, the second differential data is sent to the resolving module.
On the other hand, the embodiment of the invention provides a data transmission system, which comprises a reference station and a cloud platform;
the reference station is configured to encrypt the original data to obtain a first ciphertext, and is further configured to send the first ciphertext to the cloud platform;
the cloud platform is configured to decrypt the first ciphertext to obtain first decrypted data, the first decrypted data comprising the original data; further configured to deflect the original data to obtain first deflection data; further configured to perform differential processing on the first deflection data to obtain first differential data; further configured to encrypt the first differential data to obtain a second ciphertext, the second ciphertext comprising the encrypted first differential data; and further configured to send the second ciphertext to the reference station;
the reference station is further configured to decrypt the second ciphertext to obtain second decrypted data, where the second decrypted data includes the first differential data.
In another aspect, an embodiment of the present invention provides a data transmission system, which comprises a reference station and a cloud platform;
the reference station is configured to deflect the original data to obtain second deflection data; further configured to encrypt the second deflection data to obtain a third ciphertext; and further configured to send the third ciphertext to the cloud platform;
the cloud platform is configured to decrypt the third ciphertext to obtain third decrypted data, the third decrypted data comprising the original data; further configured to perform differential processing on the original data to obtain second differential data; further configured to encrypt the second differential data to obtain a fourth ciphertext; and further configured to send the fourth ciphertext to the reference station;
the reference station is further configured to decrypt the fourth ciphertext to obtain fourth decrypted data, where the fourth decrypted data includes the second differential data.
In the technical scheme provided by the embodiment of the invention, the reference station encrypts original data to obtain a first ciphertext; the reference station sends a first ciphertext to the cloud platform; the cloud platform decrypts the first ciphertext to obtain first decrypted data, wherein the first decrypted data comprises original data; the cloud platform deflects the original data to obtain first deflection data; the cloud platform carries out differential processing on the first deflection data to obtain first differential data; the cloud platform encrypts the first differential data to obtain a second ciphertext, wherein the second ciphertext comprises the encrypted first differential data; the cloud platform sends a second ciphertext to the reference station; the reference station decrypts the second ciphertext to obtain second decrypted data, and the second decrypted data comprise the first differential data.
[ description of the drawings ]
In order to illustrate the technical solutions of the embodiments of the present invention more clearly, the drawings used in the embodiments are briefly described below. The drawings in the following description show only some embodiments of the present invention, and those skilled in the art can obtain other drawings from them without inventive labor.
Fig. 1 is a schematic structural diagram of a data transmission system according to an embodiment of the present invention;
Fig. 2 is a flowchart of a data transmission method according to an embodiment of the present invention;
Fig. 3 is a flowchart of another data transmission method according to an embodiment of the present invention;
Fig. 4 is a flowchart of another data transmission method according to an embodiment of the present invention;
Fig. 5 is a flowchart of another data transmission method according to an embodiment of the present invention.
[ detailed description ]
For better understanding of the technical solutions of the present invention, the following detailed descriptions of the embodiments of the present invention are provided with reference to the accompanying drawings.
It should be understood that the described embodiments are only some embodiments of the invention, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The terminology used in the embodiments of the invention is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used in the examples of the present invention and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise.
It should be understood that the term "and/or" as used herein merely describes an association between associated objects and means that three relationships may exist; for example, "A and/or B" may mean: A exists alone, A and B exist simultaneously, or B exists alone. In addition, the character "/" herein generally indicates that the former and latter related objects are in an "or" relationship.
Fig. 1 is a schematic structural diagram of a data transmission system according to an embodiment of the present invention, and as shown in fig. 1, the system includes a reference station 1 and a cloud platform 2, where the reference station 1 is connected to the cloud platform 2.
As an alternative, the reference station is configured to encrypt the original data to obtain a first ciphertext, and is further configured to send the first ciphertext to the cloud platform; the cloud platform is configured to decrypt the first ciphertext to obtain first decrypted data, the first decrypted data comprising the original data; further configured to deflect the original data to obtain first deflection data; further configured to perform differential processing on the first deflection data to obtain first differential data; further configured to encrypt the first differential data to obtain a second ciphertext, the second ciphertext comprising the encrypted first differential data; and further configured to send the second ciphertext to the reference station; the reference station is further configured to decrypt the second ciphertext to obtain second decrypted data, where the second decrypted data includes the first differential data.
As another alternative, the reference station is configured to deflect the original data to obtain second deflection data; further configured to encrypt the first deflection data to obtain a first ciphertext; and further configured to send a third ciphertext to the cloud platform; the cloud platform is configured to decrypt the third ciphertext to obtain third decrypted data, the third decrypted data comprising the original data; further configured to perform differential processing on the original data to obtain second differential data; further configured to encrypt the second differential data to obtain a fourth ciphertext; and further configured to send the fourth ciphertext to the reference station; the reference station is further configured to decrypt the fourth ciphertext to obtain fourth decrypted data, where the fourth decrypted data includes the second differential data.
The reference station 1 comprises a resolving module 11, a security module 12 and a transmission module 13, wherein the resolving module 11 is connected with the security module 12, and the resolving module 11 is connected with the transmission module 13.
The cloud platform 2 comprises an equipment gateway 21, a key management service platform 22, an encryption machine 23 and a carrier phase differential platform 24, wherein the equipment gateway 21 is connected with the key management service platform 22, the equipment gateway 21 is connected with the carrier phase differential platform 24, the key management service platform 22 is connected with the encryption machine 23, and the key management service platform 22 is connected with the carrier phase differential platform 24.
In the technical scheme provided by the embodiment of the invention, the reference station encrypts original data to obtain a first ciphertext, the reference station sends the first ciphertext to the cloud platform, the cloud platform decrypts the first ciphertext to obtain first decrypted data, the first decrypted data comprises the original data, the cloud platform deflects the original data to obtain first deflected data, the cloud platform performs differential processing on the first deflected data to obtain first differential data, the cloud platform encrypts the first differential data to obtain a second ciphertext, the second ciphertext comprises the encrypted first differential data, the cloud platform sends the second ciphertext to the reference station, the reference station decrypts the second ciphertext to obtain second decrypted data, the second decrypted data comprises the first differential data, and the data transmitted during data transmission between the reference station and the cloud platform are encrypted, so that the safety of data transmission is improved.
Fig. 2 is a flowchart of a data transmission method according to an embodiment of the present invention, and as shown in fig. 2, the method includes:
Step 101, the reference station encrypts the original data to obtain a first ciphertext, wherein the first ciphertext comprises the encrypted original data.
Step 102, the reference station sends the first ciphertext to the cloud platform.
Step 103, the cloud platform decrypts the first ciphertext to obtain first decrypted data, where the first decrypted data includes the original data.
Step 104, the cloud platform deflects the original data to obtain first deflection data.
Step 105, the cloud platform performs differential processing on the first deflection data to obtain first differential data.
Step 106, the cloud platform encrypts the first differential data to obtain a second ciphertext, wherein the second ciphertext comprises the encrypted first differential data.
Step 107, the cloud platform sends the second ciphertext to the reference station.
Step 108, the reference station decrypts the second ciphertext to obtain second decrypted data, wherein the second decrypted data comprises the first differential data.
In the technical scheme provided by the embodiment of the invention, the reference station encrypts original data to obtain a first ciphertext, the reference station sends the first ciphertext to the cloud platform, the cloud platform decrypts the first ciphertext to obtain first decrypted data, the first decrypted data comprises the original data, the cloud platform deflects the original data to obtain first deflected data, the cloud platform performs differential processing on the first deflected data to obtain first differential data, the cloud platform encrypts the first differential data to obtain a second ciphertext, the second ciphertext comprises the encrypted first differential data, the cloud platform sends the second ciphertext to the reference station, the reference station decrypts the second ciphertext to obtain second decrypted data, the second decrypted data comprises the first differential data, and the data transmitted during data transmission between the reference station and the cloud platform are encrypted, so that the safety of data transmission is improved.
Fig. 3 is a flowchart of another data transmission method according to an embodiment of the present invention, and as shown in fig. 3, the method includes:
Step 201, the reference station deflects the original data to obtain second deflection data;
Step 202, the reference station encrypts the second deflection data to obtain a third ciphertext, wherein the third ciphertext comprises the encrypted second deflection data;
Step 203, the reference station sends the third ciphertext to the cloud platform;
Step 204, the cloud platform decrypts the third ciphertext to obtain third decrypted data, wherein the third decrypted data comprises the second deflection data;
Step 205, the cloud platform performs differential processing on the second deflection data to obtain second differential data;
Step 206, the cloud platform encrypts the second differential data to obtain a fourth ciphertext, wherein the fourth ciphertext comprises the encrypted second differential data;
Step 207, the cloud platform sends the fourth ciphertext to the reference station;
Step 208, the reference station decrypts the fourth ciphertext to obtain fourth decrypted data, wherein the fourth decrypted data comprises the second differential data.
In the technical scheme provided by the embodiment of the invention, the reference station deflects the original data to obtain second deflection data, the reference station encrypts the second deflection data to obtain a third ciphertext, the reference station sends the third ciphertext to the cloud platform, the cloud platform decrypts the third ciphertext to obtain third decrypted data, the third decrypted data comprises the original data, the cloud platform performs differential processing on the original data to obtain second differential data, the cloud platform encrypts the second differential data to obtain a fourth ciphertext, the cloud platform sends the fourth ciphertext to the reference station, the reference station decrypts the fourth ciphertext to obtain fourth decrypted data, the fourth decrypted data comprises the second differential data, and the transmitted data is encrypted when data is transmitted between the reference station and the cloud platform, so that the safety of data transmission is improved.
Fig. 4 is a flowchart of a data transmission method according to an embodiment of the present invention, and as shown in fig. 4, the method includes:
step 301, the resolving module sends a first encryption request to the security module, where the first encryption request includes original data.
The resolving module measures the raw data in advance. The raw data comprises position information and serial number information; for example, the position information may include satellite data comprising latitude and longitude information of landmarks, position information of the stars, or motion trail information of the stars.
For example: the satellite data comprises that the central position of Tiananmen is located at 39 degrees, 54 minutes and 26 seconds north latitude and 116 degrees, 23 minutes and 29 seconds east longitude.
Step 302, the security module encrypts the original data to obtain a first ciphertext, where the first ciphertext includes the encrypted original data and the device address information.
Specifically, the security module encrypts the original data with the encryption key according to a national cryptographic algorithm to obtain the first ciphertext. The encryption key comprises KEY + SN + MAC, where KEY comprises a private key, SN comprises the device serial number of the current reference station, and MAC comprises the device address of the current reference station.
Step 303, the security module sends the first ciphertext to the resolving module.
Step 304, the resolving module sends the first ciphertext to the transmission module.
The resolving module sends the first ciphertext to the transmission module through the IP bearer network.
Step 305, the transmission module sends the first ciphertext to the device gateway.
The transmission module sends the first ciphertext to the device gateway through the secure channel.
The IP bearer network is connected with a Customer Edge (CE), the CE is connected with a core network, the core network is connected with another CE, and that CE is connected with a reference station, so that the resolving module can send data to the transmission module through the IP bearer network, and the transmission module can send data to the device gateway through the secure channel.
Step 306, the device gateway sends a first decryption request to the key management service platform, where the first decryption request includes a first ciphertext.
Step 307, the key management service platform sends a first decryption request to the encryptor, where the first decryption request includes a first ciphertext.
Step 308, the encryptor decrypts the first ciphertext to obtain the original data and the device address information.
The encryptor decrypts the first ciphertext according to the national cryptographic algorithm to obtain the original data and the device address information.
Step 309, the encryptor sends the original data and the device address information to the key management service platform.
Step 310, the key management service platform queries the serial number information corresponding to the device address information according to the device address information.
The key management service platform pre-stores the correspondence between the device address information and the serial number information of each reference station, in which device address information and serial number information correspond one to one, and it queries the serial number information corresponding to the device address information from this correspondence.
Step 311, the key management service platform determines whether the queried serial number information is the same as the serial number information in the original data.
If the key management service platform judges that the queried serial number information is the same as the serial number information in the original data, the reference station is a normal reference station.
If the key management service platform judges that the queried serial number information is not the same as the serial number information in the original data, the reference station is an abnormal reference station.
As an alternative, the abnormal reference station includes a pseudo base station or a bad base station.
Step 312, if the key management service platform judges that the queried serial number information is the same as the serial number information in the original data, it sends the original data to the device gateway.
In the embodiment of the invention, if the key management service platform judges that the queried serial number information is different from the serial number information in the original data, a first alarm instruction is sent to the management terminal so that the management terminal raises an alarm according to the first alarm instruction.
For example: the administrator inspects the abnormal reference station at the reference station site according to the first alarm instruction of the management terminal.
Step 313, the device gateway sends a first deflection request to the key management service platform, where the first deflection request includes the original data.
Step 314, the key management service platform sends a first deflection request to the encryptor, the first deflection request including the original data.
Step 315, the encryptor deflects the original data to obtain first deflection data.
In this step, the first deflection data includes serial number information.
Specifically, the position information in the original data is deflected: an area is formed with the position corresponding to the position information in the original data as its center and a set distance as its radius, and the original data can be deflected arbitrarily within this area.
As an alternative, the set distance comprises 100 meters.
For example: the original central position of Tiananmen is located at 39 degrees, 54 minutes and 26 seconds north latitude and 116 degrees, 23 minutes and 29 seconds east longitude, and the central position of Tiananmen after deflection is located at 39 degrees, 54 minutes and 25 seconds north latitude and 116 degrees, 23 minutes and 30 seconds east longitude.
Step 316, the encryptor sends the first deflection data to the key management service platform.
Step 317, the key management service platform sends the first deflection data to the device gateway.
Step 318, the device gateway sends the first deflection data to the carrier phase differential platform.
Step 319, the carrier phase differential platform performs differential processing on the first deflection data to obtain first differential data.
In this step, the first differential data includes serial number information.
In this step, the carrier phase differential platform performs differential processing on the first deflection data by using the real-time kinematic (RTK) technique to obtain first differential data.
For example: the central position of Tiananmen after deflection is located at 39 degrees, 54 minutes and 25 seconds north latitude and 116 degrees, 23 minutes and 30 seconds east longitude, and the central position of Tiananmen after differential processing is located at 39 degrees, 54 minutes and 26.37 seconds north latitude and 116 degrees, 23 minutes and 29.22 seconds east longitude.
In the embodiment of the invention, the accuracy of the first differential data can reach a centimeter level.
Step 320, the carrier phase differential platform sends the first differential data to the key management service platform.
Step 321, the key management service platform sends a second encryption request to the encryptor, where the second encryption request includes the first differential data.
Step 322, the encryptor encrypts the first differential data to obtain a second ciphertext, wherein the second ciphertext comprises the encrypted first differential data and the device address information.
In this step, the encryptor encrypts the first differential data according to a national cryptographic algorithm, using KEY + SN + MAC, where KEY is the private key, SN is the device serial number corresponding to the reference station, and MAC is the device address corresponding to the reference station.
The second ciphertext comprises the first differential data and the device address information.
Step 323, the encryptor sends the second ciphertext to the key management service platform.
Step 324, the key management service platform sends the second ciphertext to the carrier phase differential platform.
Step 325, the carrier phase differential platform sends the second ciphertext to the device gateway.
Step 326, the device gateway sends the second ciphertext to the transmission module via the secure channel.
Step 327, the transmission module sends a first verification decryption request to the resolving module, where the first verification decryption request includes the second ciphertext.
Step 328, the resolving module sends the first verification decryption request to the security module, where the first verification decryption request includes the second ciphertext.
Step 329, the security module decrypts the second ciphertext to obtain second decrypted data, where the second decrypted data includes the first differential data and the device address information.
The security module decrypts the second ciphertext according to the national cryptographic algorithm.
Step 330, the security module queries the serial number information corresponding to the device address information according to the device address information.
The security module pre-stores the correspondence between the device address information and the serial number information of each reference station, in which device address information and serial number information correspond one to one, and it queries the serial number information corresponding to the device address information from this correspondence.
Step 331, the security module determines whether the queried serial number information is the same as the serial number information in the first differential data.
If the security module judges that the queried serial number information is the same as the serial number information in the first differential data, the reference station is a normal reference station.
If the security module judges that the queried serial number information is not the same as the serial number information in the first differential data, the reference station is an abnormal reference station.
As an alternative, the abnormal reference station includes a pseudo base station or a bad base station.
Step 332, if the security module judges that the queried serial number information is the same as the serial number information in the first differential data, the security module sends the first differential data to the resolving module.
The security module decrypts the second ciphertext according to the national cryptographic algorithm.
In the embodiment of the invention, if the security module judges that the queried serial number information is different from the serial number information in the first differential data, a second alarm instruction is sent to the management terminal so that the management terminal raises an alarm according to the second alarm instruction.
For example: the administrator inspects the abnormal reference station at the reference station site according to the second alarm instruction of the management terminal.
Step 333, the resolving module calibrates the original data according to the received first differential data.
For example: the central position of Tiananmen in the first differential data is located at 39 degrees, 54 minutes and 26.37 seconds north latitude and 116 degrees, 23 minutes and 29.22 seconds east longitude.
The central position of Tiananmen in the original data is located at 39 degrees, 54 minutes and 26 seconds north latitude and 116 degrees, 23 minutes and 29 seconds east longitude.
In this step, the resolving module calibrates the original data according to the first differential data, calibrating the original data into the first differential data. After calibration, the central position of Tiananmen in the raw data is located at 39 degrees, 54 minutes and 26.37 seconds north latitude and 116 degrees, 23 minutes and 29.22 seconds east longitude.
As an alternative, the resolving module sends the first differential data to the user terminal, so that the user can use the position information of the first differential data through the user terminal.
In the technical scheme provided by the embodiment of the invention, the reference station encrypts original data to obtain a first ciphertext and sends the first ciphertext to the cloud platform. The cloud platform decrypts the first ciphertext to obtain first decrypted data, which comprises the original data, deflects the original data to obtain first deflection data, performs differential processing on the first deflection data to obtain first differential data, and encrypts the first differential data to obtain a second ciphertext, which comprises the encrypted first differential data. The cloud platform sends the second ciphertext to the reference station, and the reference station decrypts the second ciphertext to obtain second decrypted data, which comprises the first differential data. Because the data transmitted between the reference station and the cloud platform is encrypted, the security of data transmission is improved.
According to the technical scheme provided by the embodiment of the invention, the data is deflected on the cloud platform and the deflection factor is stored in the encryptor, so that the encryptor cannot be breached through a network; this ensures the security of data transmission, incurs no extra cost at the reference station, and reduces the construction cost of the reference station. In the technical scheme provided by the embodiment of the invention, sensitive data is stored encrypted and original data is not stored in a database: the original data is transmitted to the key management service platform, the key management service platform sends the original data to the encryptor, and the encryptor encrypts the original message and stores the encrypted message in the database system. In the technical scheme provided by the embodiment of the invention, software and hardware are combined to encrypt and protect the data transmission of the high-precision positioning reference station, so that the state's requirement on the confidentiality grade of observation data is met.
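As an added illustration (not code from the patent), the sketch below walks steps 310 to 315 on an already decrypted payload: the serial-number lookup by device address, the alarm branch, and the deflection inside the set distance. The registry contents, all names, and the uniform-random choice of the deflected point are assumptions; the description does not say how the deflected point is picked.

```python
import math
import random
from dataclasses import dataclass, replace

EARTH_RADIUS_M = 6_371_000.0  # mean Earth radius; spherical approximation
SET_DISTANCE_M = 100.0        # the "set distance" given as an alternative

# Constructed registry (assumption): device address (MAC) -> serial number (SN).
REGISTRY = {
    "00:11:22:33:44:55": "SN-0001",
    "00:11:22:33:44:66": "SN-0002",
}


@dataclass(frozen=True)
class Observation:
    """Decrypted payload: position information plus serial number information."""
    lat: float
    lon: float
    serial: str


class AbnormalStationAlarm(Exception):
    """Stands in for the first alarm instruction sent to the management terminal."""


def dms(deg, minutes, seconds):
    """Degrees, minutes, seconds to decimal degrees."""
    return deg + minutes / 60 + seconds / 3600


def serial_matches(mac, obs, registry=REGISTRY):
    """Steps 310-311: look up the SN pre-stored for this MAC and compare it
    with the SN carried in the decrypted data. Unknown addresses fail."""
    expected = registry.get(mac.strip().lower())
    return expected is not None and expected == obs.serial


def deflect(obs, rng, radius_m=SET_DISTANCE_M):
    """Step 315: move the position to a random point inside the disc centred
    on the original position. sqrt() makes the point uniform over the area."""
    r = radius_m * math.sqrt(rng.random())
    bearing = rng.uniform(0.0, 2.0 * math.pi)
    north_m, east_m = r * math.cos(bearing), r * math.sin(bearing)
    # Small-offset conversion from metres to degrees; the error is on the
    # order of millimetres at a 100 m radius.
    dlat = math.degrees(north_m / EARTH_RADIUS_M)
    dlon = math.degrees(east_m / (EARTH_RADIUS_M * math.cos(math.radians(obs.lat))))
    return replace(obs, lat=obs.lat + dlat, lon=obs.lon + dlon)  # SN is kept


def distance_m(a, b):
    """Great-circle (haversine) distance between two observations, in metres."""
    p1, p2 = math.radians(a.lat), math.radians(b.lat)
    dp, dl = p2 - p1, math.radians(b.lon - a.lon)
    h = math.sin(dp / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dl / 2) ** 2
    return 2 * EARTH_RADIUS_M * math.asin(math.sqrt(h))


def handle_decrypted(mac, obs, rng=None):
    """Steps 310-315 in order: verify the MAC/SN pairing, then deflect.
    A mismatch raises the alarm and nothing is forwarded (step 312 is skipped)."""
    if not serial_matches(mac, obs):
        raise AbnormalStationAlarm(f"serial number mismatch for device {mac}")
    return deflect(obs, rng if rng is not None else random.SystemRandom())


if __name__ == "__main__":
    # Position taken from the description's own example.
    tiananmen = Observation(dms(39, 54, 26), dms(116, 23, 29), "SN-0001")
    out = handle_decrypted("00:11:22:33:44:55", tiananmen)
    print(f"deflected by {distance_m(tiananmen, out):.1f} m, serial {out.serial}")
    try:
        # Constructed abnormal case: SN-0001 reported under SN-0002's address.
        handle_decrypted("00:11:22:33:44:66", tiananmen)
    except AbnormalStationAlarm as alarm:
        print("alarm:", alarm)
```

Both the device address and the serial number arrive inside the ciphertext, so this check only flags a station whose payload decrypts correctly but whose two identifiers disagree with the pre-stored pairing.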
Fig. 5 is a flowchart of a data transmission method according to an embodiment of the present invention, and as shown in fig. 5, the method includes:
step 401, the resolving module sends a third encryption request to the security module, where the third encryption request includes the original data.
The resolving module measures the raw data in advance. The raw data comprises position information and serial number information; for example, the position information may include satellite data comprising latitude and longitude information of landmarks, position information of the stars, or motion trail information of the stars.
For example: the satellite data of the original data comprises that the central position of Tiananmen is located at 39 degrees, 54 minutes and 26 seconds north latitude and 116 degrees, 23 minutes and 29 seconds east longitude.
Step 402, the security module deflects the original data to obtain second deflection data.
Specifically, the position information in the original data is deflected: an area is formed with the position corresponding to the position information in the original data as its center and a set distance as its radius, and the original data can be deflected arbitrarily within this area.
As an alternative, the set distance comprises 100 meters.
For example: the original central position of Tiananmen is located at 39 degrees, 54 minutes and 26 seconds north latitude and 116 degrees, 23 minutes and 29 seconds east longitude, and the central position of Tiananmen after deflection is located at 39 degrees, 54 minutes and 25 seconds north latitude and 116 degrees, 23 minutes and 30 seconds east longitude.
Step 403, the security module encrypts the second deflection data to obtain a third ciphertext, where the third ciphertext includes the encrypted second deflection data and the device address information. Specifically, the security module encrypts the original data with the encryption key according to a national cryptographic algorithm to obtain a first ciphertext. The encryption key comprises KEY + SN + MAC, where KEY comprises a private key, SN comprises the device serial number of the current reference station, and MAC comprises the device address of the current reference station.
Step 404, the security module sends the third ciphertext to the resolving module.
Step 405, the resolving module sends the third ciphertext to the transmission module.
The resolving module sends the third ciphertext to the transmission module through the IP bearer network.
Step 406, the transmission module sends the third ciphertext to the device gateway.
The transmission module sends the third ciphertext to the device gateway through the secure channel.
The IP bearer network is connected with a Customer Edge (CE), the CE is connected with a core network, the core network is connected with another CE, and that CE is connected with a reference station, so that the resolving module can send data to the transmission module through the IP bearer network, and the transmission module can send data to the device gateway through the secure channel.
Step 407, the device gateway sends a third decryption request to the key management service platform, where the third decryption request includes a third ciphertext.
Step 408, the key management service platform sends a third decryption request to the encryptor.
Step 409, the encryptor decrypts the third ciphertext to obtain the second deflection data and the device address information.
In this step, the second deflection data includes serial number information.
The encryptor decrypts the third ciphertext according to the national cryptographic algorithm to obtain the second deflection data and the device address information.
Step 410, the encryptor sends the second deflection data and the device address information to the key management service platform.
Step 411, the key management service platform queries the serial number information corresponding to the device address information according to the device address information.
The key management service platform pre-stores the correspondence between the device address information and the serial number information of each reference station, in which device address information and serial number information correspond one to one, and it queries the serial number information corresponding to the device address information from this correspondence.
Step 412, the key management service platform determines whether the queried serial number information is the same as the serial number information in the second deflection data.
If the key management service platform judges that the queried serial number information is the same as the serial number information in the second deflection data, the reference station is a normal reference station.
If the key management service platform judges that the queried serial number information is not the same as the serial number information in the second deflection data, the reference station is an abnormal reference station.
As an alternative, the abnormal reference station includes a pseudo base station or a bad base station.
Step 413, if the key management service platform determines that the queried serial number information is the same as the serial number information in the second deflection data, the key management service platform sends the second deflection data to the device gateway.
In the embodiment of the invention, if the key management service platform judges that the queried serial number information is different from the serial number information in the second deflection data, a third alarm instruction is sent to the management terminal so that the management terminal raises an alarm according to the third alarm instruction.
For example: the administrator inspects the abnormal reference station at the reference station site according to the third alarm instruction of the management terminal.
Step 414, the device gateway sends the second deflection data to the carrier phase differential platform.
Step 415, the carrier phase differential platform performs differential processing on the second deflection data to obtain second differential data.
In this step, the second differential data includes serial number information.
In this step, the carrier phase differential platform performs differential processing on the second deflection data by using an RTK technique to obtain second differential data.
For example: the central position of Tiananmen after deflection is located at 39 degrees, 54 minutes and 25 seconds north latitude and 116 degrees, 23 minutes and 30 seconds east longitude, and the central position of Tiananmen after differential processing is located at 39 degrees, 54 minutes and 26.37 seconds north latitude and 116 degrees, 23 minutes and 29.22 seconds east longitude.
In the embodiment of the invention, the accuracy of the second differential data can reach a centimeter level.
Step 416, the carrier phase differential platform sends the second differential data to the key management service platform.
Step 417, the key management service platform sends a fourth encryption request to the encryptor, where the fourth encryption request includes the second differential data.
Step 418, the encryptor encrypts the second differential data to obtain a fourth ciphertext, wherein the fourth ciphertext comprises the encrypted second differential data and the device address information.
In this step, the encryptor encrypts the second differential data according to a national cryptographic algorithm, using KEY + SN + MAC, where KEY is the private key, SN is the device serial number corresponding to the current reference station, and MAC is the device address corresponding to the current reference station.
The fourth ciphertext comprises the second differential data and the device address information.
Step 419, the encryptor sends the fourth ciphertext to the key management service platform.
Step 420, the key management service platform sends the fourth ciphertext to the carrier phase differential platform.
Step 421, the carrier phase differential platform sends the fourth ciphertext to the device gateway.
Step 422, the device gateway sends the fourth ciphertext to the transmission module.
Step 423, the transmission module sends a second verification decryption request to the resolving module, where the second verification decryption request includes the fourth ciphertext.
Step 424, the resolving module sends the second verification decryption request to the security module, where the second verification decryption request includes the fourth ciphertext.
Step 425, the security module decrypts the fourth ciphertext to obtain fourth decrypted data, wherein the fourth decrypted data comprises the second differential data and the device address information.
The security module decrypts the fourth ciphertext according to the national cryptographic algorithm.
Step 426, the security module queries the serial number information corresponding to the device address information according to the device address information.
The security module pre-stores the correspondence between the device address information and the serial number information of each reference station, in which device address information and serial number information correspond one to one, and it queries the serial number information corresponding to the device address information from this correspondence.
Step 427, the security module determines whether the queried serial number information is the same as the serial number information in the second differential data.
If the key management service platform judges that the queried serial number information is the same as the serial number information in the second differential data, the reference station is a normal reference station.
If the key management service platform judges that the queried serial number information is not the same as the serial number information in the second differential data, the reference station is an abnormal reference station.
As an alternative, the abnormal reference station includes a pseudo base station or a bad base station.
Step 428, if the security module determines that the queried serial number information is the same as the serial number information in the second differential data, the security module sends the second differential data to the resolving module.
In the embodiment of the invention, if the security module judges that the queried serial number information is different from the serial number information in the second differential data, a fourth alarm instruction is sent to the management terminal so that the management terminal raises an alarm according to the fourth alarm instruction.
For example: the administrator inspects the abnormal reference station at the reference station site according to the fourth alarm instruction of the management terminal.
Step 429, the resolving module calibrates the original data according to the received second differential data.
For example: the central position of Tiananmen in the first differential data is located at 39 degrees, 54 minutes and 26.37 seconds north latitude and 116 degrees, 23 minutes and 29.22 seconds east longitude.
The central position of Tiananmen in the original data is located at 39 degrees, 54 minutes and 26 seconds north latitude and 116 degrees, 23 minutes and 29 seconds east longitude.
In this step, the resolving module calibrates the original data according to the first differential data, calibrating the original data into the first differential data. After calibration, the central position of Tiananmen in the raw data is located at 39 degrees, 54 minutes and 26.37 seconds north latitude and 116 degrees, 23 minutes and 29.22 seconds east longitude.
As an alternative, the resolving module sends the first differential data to the user terminal, so that the user can use the position information of the first differential data through the user terminal.
In the technical scheme provided by the embodiment of the invention, the reference station encrypts original data to obtain a first ciphertext and sends the first ciphertext to the cloud platform. The cloud platform decrypts the first ciphertext to obtain first decrypted data, which comprises the original data, deflects the original data to obtain first deflection data, performs differential processing on the first deflection data to obtain first differential data, and encrypts the first differential data to obtain a second ciphertext, which comprises the encrypted first differential data. The cloud platform sends the second ciphertext to the reference station, and the reference station decrypts the second ciphertext to obtain second decrypted data, which comprises the first differential data. Because the data transmitted between the reference station and the cloud platform is encrypted, the security of data transmission is improved.
In the technical scheme provided by the embodiment of the invention, the data is deflected at the reference station, so that the data received by the cloud platform can meet the secret level requirement of the national security administration. In the technical scheme provided by the embodiment of the invention, sensitive data is stored encrypted and original data is not stored in a database: the original data is transmitted to the key management service platform, the key management service platform sends the original data to the encryptor, and the encryptor encrypts the original message and stores the encrypted message in the database system. In the technical scheme provided by the embodiment of the invention, software and hardware are combined to encrypt and protect the data transmission of the high-precision positioning reference station, so that the state's requirement on the confidentiality grade of observation data is met.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents, improvements and the like made within the spirit and principle of the present invention should be included in the scope of the present invention.

Claims (10)

1. A method of data transmission, comprising:
a reference station encrypts original data to obtain a first ciphertext, wherein the first ciphertext comprises the encrypted original data;
the reference station sends the first ciphertext to a cloud platform;
the cloud platform decrypts the first ciphertext to obtain first decrypted data, wherein the first decrypted data comprises the original data;
the cloud platform deflects the original data to obtain first deflection data;
the cloud platform performs differential processing on the first deflection data to obtain first differential data;
the cloud platform encrypts the first differential data to obtain a second ciphertext, wherein the second ciphertext comprises the encrypted first differential data;
the cloud platform sends the second ciphertext to the reference station;
and the reference station decrypts the second ciphertext to obtain second decrypted data, wherein the second decrypted data comprises first differential data.
2. The method of claim 1, wherein the reference station comprises a solution module, a security module, and a transmission module;
the base station encrypts the original data to obtain a first ciphertext, and the first ciphertext comprises:
the resolving module sends a first encryption request to the security module, wherein the first encryption request comprises the original data;
the security module encrypts the original data to obtain a first ciphertext, wherein the first ciphertext comprises the encrypted original data and equipment address information;
the security module sends the first ciphertext to the resolving module;
and the resolving module sends the first ciphertext to the transmission module.
3. The method of claim 1, wherein the first ciphertext further comprises device address information, wherein the first decrypted data further comprises device address information; the cloud platform comprises an equipment gateway, a key management service platform and an encryption machine;
the step in which the reference station sends the first ciphertext to the cloud platform comprises:
the transmission module sends the first ciphertext to the device gateway;
the step in which the cloud platform decrypts the first ciphertext to obtain the first decrypted data comprises:
the device gateway sends a first decryption request to the key management service platform, wherein the first decryption request comprises the first ciphertext;
the key management service platform sends the first decryption request to the encryptor;
the encryption machine decrypts the first ciphertext to obtain the original data and the equipment address information;
before the cloud platform deflects the original data to obtain the first deflection data, the method further comprises:
the encryption machine sends the original data and the equipment address information to the key management service platform;
the key management service platform inquires serial number information corresponding to the equipment address information according to the equipment address information;
the key management service platform judges whether the inquired serial number information is the same as the serial number information in the original data;
if the key management service platform judges that the inquired serial number information is the same as the serial number information corresponding to the pre-stored equipment address information, the key management service platform sends the original data to the equipment gateway;
the step in which the cloud platform deflects the original data to obtain the first deflection data comprises:
the device gateway sends a first deflection request to the key management service platform, wherein the first deflection request comprises original data;
the key management service platform sends the first deflection request to the encryptor;
the encryption machine deflects the original data to obtain first deflection data;
the encryption machine sends the first deflection data to the key management service platform;
the key management service platform sends the first deflection data to the device gateway.
4. The method of claim 1, wherein the cloud platform comprises a device gateway, a key management service platform, an encryptor, and a carrier phase differential platform;
the step in which the cloud platform performs differential processing on the first deflection data to obtain the first differential data comprises:
the equipment gateway sends first deflection data to the carrier phase differential platform;
the carrier phase differential platform performs differential processing on the first deflection data to obtain first differential data;
the step in which the cloud platform encrypts the first differential data to obtain the second ciphertext, the second ciphertext comprising the encrypted first differential data, comprises:
the carrier phase differential platform sends the first differential data to the key management service platform;
the key management service platform sends a second encryption request to the encryptor, wherein the second encryption request comprises the first differential data;
the encryption machine encrypts the first differential data to obtain a second ciphertext, wherein the second ciphertext comprises the encrypted first differential data and equipment address information;
the reference station decrypts the second ciphertext to obtain second decrypted data, including:
the encryption machine sends the second ciphertext to the key management service platform;
the key management service platform sends the second ciphertext to the carrier phase differential platform;
the carrier phase differential platform sends the second ciphertext to the equipment gateway; the equipment gateway sends a second ciphertext to the transmission module;
the transmission module sends a first verification decryption request to the resolving module, wherein the first verification decryption request comprises a second ciphertext;
the resolving module sends a first verification decryption request to the security module;
the security module decrypts the second ciphertext to obtain second decrypted data, wherein the second decrypted data comprises first differential data and equipment address information;
the reference station decrypts the second ciphertext to obtain second decrypted data, and the method comprises the following steps:
the security module inquires serial number information corresponding to the equipment address information according to the equipment address information;
the security module judges whether the inquired serial number information is the same as the serial number information in the first differential data;
and if the security module judges that the inquired serial number information is the same as the serial number information in the first differential data, the first differential data is sent to the resolving module.
5. A method of data transmission, comprising:
the reference station deflects the original data to obtain second deflection data;
the reference station encrypts the second deflection data to obtain a third ciphertext, wherein the third ciphertext comprises the encrypted second deflection data;
the reference station sends a third ciphertext to the cloud platform, wherein the third ciphertext comprises encrypted second deflection data;
the cloud platform decrypts the third ciphertext to obtain third decrypted data, wherein the third decrypted data comprises the second deflection data;
the cloud platform performs differential processing on the second deflection data to obtain second differential data;
the cloud platform encrypts the second differential data to obtain a fourth ciphertext, wherein the fourth ciphertext comprises the encrypted second differential data;
the cloud platform sends the fourth ciphertext to the reference station;
and the reference station decrypts the fourth ciphertext to obtain fourth decrypted data, wherein the fourth decrypted data comprises the second differential data.
6. The method of claim 5, wherein the reference station comprises a resolving module, a security module, and a transmission module;
the step in which the reference station deflects the original data to obtain the second deflection data and encrypts the second deflection data to obtain the third ciphertext comprises:
the resolving module sends a third encryption request to the security module, wherein the third encryption request comprises the original data;
the security module deflects the original data to obtain second deflection data;
and the security module encrypts the second deflection data to obtain a third ciphertext, wherein the third ciphertext comprises the encrypted second deflection data and the equipment address information.
7. The method of claim 5, wherein the third ciphertext further comprises device address information, wherein the third decrypted data further comprises device address information; the cloud platform comprises an equipment gateway, a key management service platform and an encryption machine;
the sending, by the reference station, the third ciphertext to the cloud platform includes:
the security module sends the third ciphertext to the resolving module;
the resolving module sends the third ciphertext to the transmission module;
the transmission module sends the third ciphertext to the device gateway;
the cloud platform decrypts the third ciphertext to obtain third decrypted data, including:
the device gateway sends a third decryption request to the key management service platform, wherein the third decryption request comprises the third ciphertext;
the key management service platform sends the third decryption request to the encryptor;
the encryption machine decrypts the third ciphertext to obtain second deflection data and the equipment address information;
before the cloud platform performs differential processing on the second deflection data to obtain the second differential data, the method further comprises:
the encryption machine sends the second deflection data and the equipment address information to the key management service platform;
the key management service platform inquires serial number information corresponding to the equipment address information according to the equipment address information;
the key management service platform judges whether the inquired serial number information is the same as the serial number information in the second deflection data;
and if the key management service platform judges that the inquired serial number information is the same as the serial number information in the second deflection data, the key management service platform sends the second deflection data to the equipment gateway.
8. The method according to claim 5, wherein the cloud platform includes a device gateway, a key management service platform, an encryption engine, and a carrier phase differential platform, and the cloud platform encrypts the second differential data to obtain a fourth ciphertext, including:
the cloud platform performs differential processing on the second deflection data to obtain second differential data, and the differential processing includes:
the equipment gateway sends second deflection data to the carrier phase differential platform;
the carrier phase differential platform performs differential processing on the second deflection data to obtain second differential data;
the cloud platform encrypts the second differential data to obtain a fourth ciphertext, wherein the fourth ciphertext comprises the encrypted second differential data:
the carrier phase differential platform sends the second differential data to the key management service platform;
the key management service platform sends a fourth encryption request to the encryptor, wherein the fourth encryption request comprises the second differential data;
the encryption machine encrypts the second differential data to obtain a fourth ciphertext, wherein the fourth ciphertext comprises the encrypted second differential data and the equipment address information;
the reference station decrypts the fourth ciphertext to obtain fourth decrypted data, including:
the encryption machine sends the fourth ciphertext to the key management service platform;
the key management service platform sends the fourth ciphertext to the carrier phase differential platform;
the carrier phase differential platform sends the fourth ciphertext to the device gateway;
the equipment gateway sends a fourth ciphertext to the transmission module;
the transmission module sends a second check decryption request to the resolving module, wherein the second check decryption request comprises a fourth ciphertext;
the resolving module sends a second check decryption request to the security module;
the security module decrypts the fourth ciphertext to obtain fourth decrypted data, wherein the fourth decrypted data comprises second differential data and equipment address information;
the reference station decrypts the fourth ciphertext to obtain fourth decrypted data, and the method includes:
the security module inquires serial number information corresponding to the equipment address information according to the equipment address information;
the security module judges whether the inquired serial number information is the same as the serial number information in the second differential data;
and if the security module judges that the inquired serial number information is the same as the serial number information in the second differential data, the second differential data is sent to the resolving module.
9. A data transmission system, comprising a reference station and a cloud platform;
the reference station is configured to encrypt original data to obtain a first ciphertext, and to send the first ciphertext to the cloud platform;
the cloud platform is configured to decrypt the first ciphertext to obtain first decrypted data, wherein the first decrypted data comprises the original data; to deflect the original data to obtain first deflection data; to perform differential processing on the first deflection data to obtain first differential data; to encrypt the first differential data to obtain a second ciphertext, wherein the second ciphertext comprises the encrypted first differential data; and to send the second ciphertext to the reference station;
the reference station is further configured to decrypt the second ciphertext to obtain second decrypted data, wherein the second decrypted data comprises the first differential data.
10. A data transmission system, comprising a reference station and a cloud platform;
the reference station is configured to deflect original data to obtain second deflection data; to encrypt the second deflection data to obtain a third ciphertext; and to send the third ciphertext to the cloud platform;
the cloud platform is configured to decrypt the third ciphertext to obtain third decrypted data, wherein the third decrypted data comprises the original data; to perform differential processing on the original data to obtain second differential data; to encrypt the second differential data to obtain a fourth ciphertext; and to send the fourth ciphertext to the reference station;
the reference station is further configured to decrypt the fourth ciphertext to obtain fourth decrypted data, wherein the fourth decrypted data comprises the second differential data.
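The serial-number check that claims 3 and 7 place at the key management service platform (and claims 4 and 8 at the security module) can be sketched as follows; this is an added example, not code from the patent. The patent does not name a cipher, so an HMAC-SHA256 counter-mode keystream with encrypt-then-MAC stands in for the encryptor, and the JSON envelope, field names, registry contents and function names are all assumptions constructed for illustration.

```python
import hashlib
import hmac
import json
import os

# Constructed sample registry (assumption): device address -> serial number.
REGISTRY = {"00:11:22:33:44:55": "SN-0001"}


def _keystream(key, nonce, n):
    """HMAC-SHA256 in counter mode; stdlib stand-in for the encryptor's cipher."""
    out, counter = b"", 0
    while len(out) < n:
        block = nonce + counter.to_bytes(4, "big")
        out += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return out[:n]


def seal(enc_key, mac_key, payload, device_addr):
    """Sender side: ciphertext carrying the data plus device address information."""
    body = json.dumps({"data": payload, "addr": device_addr}).encode()
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(body, _keystream(enc_key, nonce, len(body))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def open_sealed(enc_key, mac_key, blob):
    """Receiver side: verify the tag first, then decrypt to (data, address)."""
    if len(blob) < 48:  # 16-byte nonce + 32-byte tag
        raise ValueError("ciphertext too short")
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication tag mismatch")
    body = bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct))))
    msg = json.loads(body)
    return msg.get("data"), msg.get("addr")


def release_if_bound(payload, device_addr, registry=REGISTRY):
    """Forward data only if its serial number matches the one registered
    for the device address; otherwise return None."""
    registered = registry.get(device_addr)
    claimed = payload.get("serial") if isinstance(payload, dict) else None
    if registered is None or not isinstance(claimed, str):
        return None
    if not hmac.compare_digest(registered.encode(), claimed.encode()):
        return None
    return payload


def cloud_receive(enc_key, mac_key, blob, registry=REGISTRY):
    """Decrypt, then apply the address/serial binding check before any
    deflection or differential processing sees the data."""
    try:
        payload, addr = open_sealed(enc_key, mac_key, blob)
    except ValueError:
        return None
    return release_if_bound(payload, addr, registry)
```

A message that decrypts correctly is still dropped when its device address is unregistered or its serial number does not match the registered one, which is the gate the claims put in front of the device gateway and the resolving module.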
CN201911356578.XA 2019-12-25 2019-12-25 Data transmission method and system Pending CN113038458A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911356578.XA CN113038458A (en) 2019-12-25 2019-12-25 Data transmission method and system

Publications (1)

Publication Number Publication Date
CN113038458A true CN113038458A (en) 2021-06-25

Family

ID=76458171

Country Status (1)

Country Link
CN (1) CN113038458A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination