CN113132395B - Remote equipment control method and system - Google Patents

Publication number
CN113132395B
Authority
CN
China
Prior art keywords
data
equipment
random number
target
encrypted
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110437531.7A
Other languages
Chinese (zh)
Other versions
CN113132395A (en
Inventor
苟晓东
吴莹强
高建龙
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Alipay Hangzhou Information Technology Co Ltd
Ant Blockchain Technology Shanghai Co Ltd
Original Assignee
Alipay Hangzhou Information Technology Co Ltd
Ant Blockchain Technology Shanghai Co Ltd

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00: Network arrangements or protocols for supporting network services or applications
    • H04L67/01: Protocols
    • H04L67/02: Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • H04L67/025: Protocols based on web technology, e.g. hypertext transfer protocol [HTTP] for remote control or remote monitoring of applications
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06Q: INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00: Commerce
    • G06Q30/06: Buying, selling or leasing transactions
    • G06Q30/0645: Rental transactions; Leasing transactions
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/04: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00: Network arrangements or protocols for supporting network services or applications
    • H04L67/50: Network services
    • H04L67/56: Provisioning of proxy services

Abstract

The embodiment of the specification discloses a remote equipment control method and a remote equipment control system. The method is applied to a server side and comprises the following steps: acquiring a control instruction corresponding to target equipment; generating a random number; based on the device public key of the target device, performing encryption operation on data to be encrypted by using a preset algorithm to obtain encrypted data; the data to be encrypted includes a random number; determining transmission data based on at least the encrypted data and the control instruction; transmitting the transmission data to a third party; the third party is used for sending the transmission data to the target equipment so that the target equipment can obtain the random number and the control instruction based on the transmission data; receiving a random number returned by target equipment; and obtaining the execution certification based on the result of comparing whether the generated random number and the random number returned by the target equipment are the same.

Description

Remote equipment control method and system
Technical Field
The present disclosure relates to the field of information technologies, and in particular, to a method and a system for controlling a remote device.
Background
At present, in some scenarios, a user may control the device in a remote control manner, for example, a remote control system issues a control instruction to the device remotely by using a network channel, and the device executes the instruction after receiving the control instruction, so as to complete control of the device. However, when a control command for a device needs to be forwarded to the device by a third party, it is difficult to verify whether the control command is correctly forwarded to the device via the third party.
Therefore, it is necessary to provide a remote device control method to ensure the issuing and execution of the control command.
Disclosure of Invention
An aspect of embodiments of the present specification provides a remote device control method. The method is applied to a server side and comprises the following steps: acquiring a control instruction corresponding to target equipment; generating a random number; based on the device public key of the target device, performing encryption operation on data to be encrypted by using a preset algorithm to obtain encrypted data; the data to be encrypted comprises the random number; determining transmission data based on at least the encrypted data and the control instruction; transmitting the transmission data to a third party; the third party is used for sending the transmission data to the target equipment so that the target equipment can obtain the random number and the control instruction based on the transmission data; receiving a random number returned by the target equipment; and obtaining an execution certification based on a result of comparing whether the generated random number and the random number returned by the target device are the same.
Another aspect of embodiments of the present specification provides a remote device control system. The system is applied to a server side and comprises: the instruction acquisition module can be used for acquiring a control instruction corresponding to the target equipment; a random number generation module, operable to generate a random number; the encryption module can be used for carrying out encryption operation on data to be encrypted by using a preset algorithm based on the device public key of the target device to obtain encrypted data; the data to be encrypted comprises the random number; a transmission data determination module operable to determine transmission data based at least on the encrypted data and the control instruction; a sending module, configured to send the transmission data to a third party; the third party is used for sending the transmission data to the target equipment so that the target equipment can obtain the random number and the control instruction based on the transmission data; the first receiving module may be configured to receive a random number returned by the target device; and the certification obtaining module can be used for obtaining the execution certification based on the result of comparing whether the generated random number and the random number returned by the target device are the same.
Another aspect of embodiments of the present specification provides a remote device control method. The method is applied to a target device, and comprises the following steps: receiving transmission data; the transmission data is determined at least based on the encrypted data and the control instruction; based on the device private key of the target device, carrying out decryption operation on the encrypted data by using a preset algorithm to at least obtain plaintext data; wherein the plaintext data comprises a random number; and executing the control instruction and returning the random number.
Another aspect of embodiments of the present specification provides a remote device control system. The system is applied to a target device, and comprises: a second receiving module, configured to receive transmission data; the transmission data is determined at least based on the encrypted data and the control instruction; the decryption module can be used for performing decryption operation on the encrypted data by using a preset algorithm based on the device private key of the target device to at least obtain plaintext data; wherein the plaintext data comprises a random number; and the execution module can be used for executing the control instruction and returning the random number.
Another aspect of an embodiment of the present specification provides a remote device control apparatus comprising at least one storage medium and at least one processor, the at least one storage medium for storing computer instructions; the at least one processor is configured to execute the computer instructions to implement a remote device control method.
Another aspect of embodiments of the present specification provides a computer-readable storage medium storing computer instructions, which when read by a computer, cause the computer to perform a remote device control method.
Drawings
The present description will be further explained by way of exemplary embodiments, which will be described in detail by way of the accompanying drawings. These embodiments are not intended to be limiting, and in these embodiments like numerals refer to like structures, wherein:
FIG. 1 is a schematic diagram of an exemplary application scenario for remote device control, according to some embodiments of the present description;
FIG. 2 is an exemplary interaction flow diagram of a remote device control method, shown in accordance with some embodiments of the present description;
FIG. 3 is an exemplary interaction flow diagram of a remote device control method according to some embodiments of the present description;
FIG. 4 is an exemplary block diagram of a remote device control system shown in accordance with some embodiments of the present description;
FIG. 5 is an exemplary block diagram of a remote device control system shown in accordance with some embodiments of the present description.
Detailed Description
In order to more clearly illustrate the technical solutions of the embodiments of the present disclosure, the drawings used in the description of the embodiments will be briefly described below. It is obvious that the drawings in the following description are only examples or embodiments of the present description, and that for a person skilled in the art, the present description can also be applied to other similar scenarios on the basis of these drawings without inventive effort. Unless otherwise apparent from the context, or otherwise indicated, like reference numbers in the figures refer to the same structure or operation.
It should be understood that "system", "device", "unit" and/or "module" as used herein is a method for distinguishing different components, elements, parts, portions or assemblies at different levels. However, other words may be substituted by other expressions if they accomplish the same purpose.
As used in this specification and the appended claims, the terms "a," "an," and/or "the" do not refer only to the singular and may also include the plural, unless the context clearly dictates otherwise. In general, the terms "comprises" and "comprising" merely indicate that the explicitly identified steps and elements are included; these steps and elements do not form an exclusive list, and a method or apparatus may include other steps or elements.
Flowcharts are used in this specification to illustrate the operations performed by the system according to embodiments of the present specification. It should be understood that the preceding or following operations are not necessarily performed in the exact order shown. Rather, the steps may be processed in reverse order or simultaneously. Other operations may also be added to these processes, or one or more steps may be removed from them.
In some scenarios, the device may be controlled in a remote control manner, for example, a remote control system (or a server) remotely issues a control instruction for the device by using a network channel, and the device executes the instruction after receiving the control instruction, so that the control for the device may be completed. However, in some application scenarios, the server cannot directly issue the control command to the device, but needs to forward the control command of the server to the corresponding device via a third party (e.g. a device or a unit having device control authority) for execution, and at this time, it is necessary to provide a control manner to prove whether the control command from the server is actually executed by the corresponding device. The application scenario includes, but is not limited to, a financing rental scenario, and for understanding, this description mainly uses this scenario as an example for description.
A financing lease (financial lease) is a non-bank form of financing in which a financing party (the lessor or funder, which may be an individual or an entity, such as a user or an enterprise) enters into a supply contract with another party (e.g., an equipment supplier) at the request of the lessee (the financing requester, which may be an individual or an entity, such as a user or an enterprise), and pays to purchase from the supplier, according to the contract, the equipment selected by the lessee. At the same time, the financing party and the lessee sign a lease contract, the equipment is leased to the lessee, and rent is collected from the lessee.
In the financing lease scenario, the investor may issue control instructions to the leased equipment according to how the lessee honors the contract (for example, the investor requests the remote control system or the server to issue control instructions to the leased equipment) in order to control that equipment. For example, in a vehicle financing lease, remotely issuing a control instruction can penalize a lessee who breaches the contract (for example, where the leased vehicle is the lessee's means of doing business, a control instruction can slow the vehicle down so that it cannot be operated normally), which gives the sponsor (the lessor, sponsor or financing party) active, intelligent management that is auditable and traceable.
In some embodiments, the remote device control method disclosed herein may control a leased device based on whether the lessee's repayment cash flow conforms to the pre-signed repayment contract. For example, for a leased vehicle, a slow-down instruction may be executed on the device when the lessee's repayments do not reach the predefined repayment amount. If the lessee's subsequent repayments reach the predefined amount, an instruction to restore the speed or cancel the slow-down is executed on the device.
However, in the financing lease service, the control command from the remote control system or the service end may need to be forwarded by a third party (e.g., a device supplier or a device manufacturer or a device manager, etc.) to issue the control command to the leased devices. Therefore, a remote device control method is needed to ensure that a remote control command can be correctly issued to a target device when being forwarded by a third party, and to provide an execution proof that the target device has executed the control command.
It should be noted that the above examples are only for illustrative purposes, and are not intended to limit the application scenarios of the technical solutions disclosed in the embodiments of the present description. The technical solutions disclosed in the embodiments of the present specification are explained in detail below by the description of the drawings.
FIG. 1 is a schematic diagram of an exemplary application scenario for remote device control, according to some embodiments of the present description.
As shown in fig. 1, a server 110, a requestor 120, a target device 130, a third party 140, and a network 150 may be included in an application scenario 100.
In some embodiments, the requestor 120 may initiate a control request to the server 110 to control the target device 130. The server 110 may issue a device control instruction to the target device 130 according to the request, so as to control the target device 130.
For example, in a typical application scenario, the server 110 may obtain a control instruction corresponding to a target device; the server 110 may generate a random number; the server 110 may perform an encryption operation on the data to be encrypted by using a preset algorithm based on the device public key of the target device to obtain encrypted data, where the data to be encrypted comprises the random number; the server 110 may determine transmission data based on at least the encrypted data and the control instruction; the server 110 may send the transmission data to the third party 140; the third party 140 may send the transmission data to the target device 130 so that the target device 130 obtains the random number and the control instruction based on the transmission data; the server 110 may receive the random number returned by the target device 130; and the server 110 may obtain the proof of execution based on the result of comparing whether the generated random number is the same as the random number returned by the target device. If the two are the same, the server 110 may generate an execution certification that the target device 130 executed the control instruction. In some embodiments, the server 110 may send the proof of execution to the requestor 120.
In some embodiments, the server 110 may be used to process data and/or information from at least one component of the scenario 100 or an external data source (e.g., a cloud data center). In some embodiments, the server 110 may be a single server or a group of servers. The set of servers may be centralized or distributed (e.g., the server 110 may be a distributed system). In some embodiments, the server 110 may be regional or remote. In some embodiments, the server 110 may be implemented on a cloud platform or provided in a virtual manner. By way of example only, the cloud platform may include a private cloud, a public cloud, a hybrid cloud, a community cloud, a distributed cloud, an internal cloud, a multi-tiered cloud, and the like, or any combination thereof. In some embodiments, the server 110 may include a processing device. In some embodiments, the server 110 may be replaced with a remote control system, an asset management platform, an IOT trusted platform, an IOT staging platform, or the like. In some embodiments, the server 110 may be a node of a blockchain network, and may store the registered new device information and the existing device information by sending a transaction request to the blockchain to upload the new device information and the existing device information to the blockchain. In some embodiments, the server 110 may write the execution certification into the blockchain to record the status of the corresponding device and the execution condition of the related control command through the blockchain.
The requestor 120 may be the request originator controlling the target device 130. The requestor 120 may be a lender or a sponsor, and may be an individual or entity, such as a user, business, etc. The requestor 120 may initiate the control request through a terminal device or platform. Personal devices may include a cell phone 120-1, tablet 120-2, laptop 120-3, desktop 120-4, and the like. The platform may include a credit platform, a data service platform, and the like.
A loan platform may be used to provide financing lease services. A user can submit a financing lease request through the loan platform. The loan platform can find a lender matching the financing lease service and recommend that lender to the user who made the request, to complete the financing lease service. The user and the lender can sign the corresponding contracts on the personal credit platform. In some embodiments, the requestor may request that a control instruction be issued to the leased device according to the signed contract, in order to manage the leased device.
The target device 130 may be a leased device. The leased equipment may be equipment used for daily life or production, for example vehicles, garbage disposal equipment, road monitoring equipment, etc. Lessees use the equipment in their daily life and production, for convenience or to earn income from work. For example, a lessee may use a vehicle for everyday travel or earn income by operating it as a ride-hailing vehicle. As another example, production equipment such as cranes, bulldozers and garbage disposal vehicles can be used to earn income from daily production.
Third party 140 may be the manufacturer or management platform of the leased device. The third party 140 may control the target device 130 or manage the communication with the target device 130. For example, the third party 140 may issue its recognizable instruction to the target device 130 to control the target device 130. For another example, in some embodiments, the third party 140 may send control instructions sent from other components in the scene (e.g., the server 110) to the target device 130, or convert the control instructions into instructions recognizable by the target device 130, such that the target device 130 may execute the instructions upon receiving the control instructions.
The network 150 may connect components in the scene 100 and/or connect components internal to the scene with external portions. The network 150 enables communication between the components of the scene and with external portions of the scene, facilitating the exchange of data and/or information. In some embodiments, the network 150 may be any one or more of a wired network or a wireless network. For example, network 150 may include a cable network, a fiber optic network, a telecommunications network, the internet, a Local Area Network (LAN), a Wide Area Network (WAN), a Wireless Local Area Network (WLAN), a Metropolitan Area Network (MAN), a Public Switched Telephone Network (PSTN), a bluetooth network, a ZigBee network (ZigBee), near Field Communication (NFC), an in-device bus, an in-device line, a cable connection, and the like, or any combination thereof. In some embodiments, the network connection between the parts in the scene may be in one of the manners described above, or may be in multiple manners. In some embodiments, network 150 may be a point-to-point, shared, centralized, etc. variety of topologies or a combination of topologies. In some embodiments, the network 150 may include one or more network access points. For example, the network 150 may include wired or wireless network access points, such as base stations and/or network switching points …, through which one or more components of the scenario 100 may connect to the network 150 to exchange data and/or information.
FIG. 2 is an exemplary interaction flow diagram of a remote device control method, shown in some embodiments herein. In some embodiments, the flow 200 may be performed by a processing device (e.g., the server 110). For example, the process 200 may be stored in a storage device (e.g., an onboard storage unit of a processing device or an external storage device) in the form of a program or instructions that, when executed, may implement the process 200. The flow 200 may include the following operations.
At step 202, a control instruction corresponding to a target device is obtained. In some embodiments, step 202 may be performed by instruction fetch module 410.
The target device may refer to a device that can be remotely controlled by a control instruction. The target device may be a rental device in a financing rental scenario, e.g., a financing rental vehicle, a garbage disposal device, a road monitoring device, etc.
A control instruction refers to a string of codes or commands that may be used to control a target device. In some embodiments, the control instructions may also be expressed in text form, such as "downshift", "downshift" or "un-restrict", etc. The control instruction corresponding to the target device is a control instruction for controlling the target device. In some embodiments, the control instructions may include an ID of the target device.
In some embodiments, the processing device may generate the control instructions according to control requirements for the target device.
In some embodiments, the processing device may generate the control instruction according to a request of a requestor (e.g., requestor 120).
In some embodiments, the processing device may receive the control instruction from a requestor.
Step 204, generating a random number. In some embodiments, step 204 may be performed by random number generation module 420.
In some embodiments, the processing device may generate the random number by using a random number generator, or may generate the random number by other manners, which is not limited in this embodiment.
Step 206, performing an encryption operation on the data to be encrypted by using a preset algorithm based on the device public key of the target device to obtain encrypted data. In some embodiments, step 206 may be performed by encryption module 430.
The data to be encrypted refers to data that needs to be protected by encryption. The data to be encrypted includes the random number.
In some embodiments, the data to be encrypted may further include a hash value of the control instruction. The hash value may be obtained by performing a hash operation on the control instruction. By carrying out hash operation on the control instruction, when the target device receives the control instruction, the received control instruction can be ensured not to be tampered by verifying the hash value.
The preset algorithm refers to a predetermined algorithm for encrypting or decrypting data to be encrypted. In some embodiments, the preset algorithm may include a symmetric encryption algorithm, e.g., an AES algorithm, or the like.
In some embodiments, the data to be encrypted may also include a timestamp. The time stamp may be the current time, or may be the reception time, generation time, or the like of the control instruction.
In some embodiments, the processing device may encrypt the data to be encrypted by using a device public key of the target device to obtain the encrypted data. For example, the processing device may encrypt the data to be encrypted by using a preset algorithm with a device public key of the target device as a secret key. The processing device may obtain the device public key from the target device through the encryption channel in advance.
In some embodiments, the processing device may further calculate a first key, based on the device public key of the target device and a first private key, by using the Elliptic Curve Diffie-Hellman key exchange method (ECDH, Elliptic Curve Diffie-Hellman key exchange), and encrypt the data to be encrypted by using the first key to obtain the encrypted data.
The first private key may be from a first public-private key pair. The first public-private key pair may be computed by the processing device based on a key generation algorithm. In some embodiments, the public key in the first public-private key pair may serve as the first public key. The first private key may be used to compute a first key and the first public key may be used to compute a second key. In some embodiments, the first key may be the same as the second key, the first key may be used to encrypt data to be encrypted, and the second key may be used to decrypt encrypted data. For example, the processing device may send the first public key to the target device so that the target device may calculate a second key based on the first public key to decrypt the encrypted data using the second key.
By using the ECDH algorithm, the server and the target device can negotiate and calculate to obtain the secret key under the condition of not sharing the secret, and the secure transmission of data is realized.
In some embodiments, the processing device (server) may calculate the first key according to equation (1) based on the ECDH algorithm.
K=B^a mod p (1)
Here, K is the shared key generated by the calculation (the first key, calculated by the server), B is the device public key of the target device, a is the first private key, and p is the first public parameter. The device public key B and the device private key b satisfy formula (2).
B=g^b mod p (2)
In the formula, B is the device public key of the target device, b is the device private key of the target device, and g is the second public parameter.
The first and second public parameters may be known to both the server and the target device.
Correspondingly, at the target device, the target device may calculate the second key by equation (3).
K=A^b mod p (3)
Here, K is the shared key generated by the calculation (the second key, calculated by the target device), A is the first public key, b is the device private key of the target device, and p is the first public parameter. The first public key A and the first private key a satisfy formula (4).
A=g^a mod p (4)
In the formula, A is a first public key, a is a first private key, and g is a second public parameter.
In the key exchange process, the server sends the first public key A to the target device, and the target device sends the device public key B to the server. The first public parameter p and the second public parameter g may be defined in advance by both parties, or may be obtained by one party and then transmitted to the other party. The server may then calculate the first key based on formula (1), and the target device may calculate the second key based on formula (3).
Substituting formula (4) into formula (3) and formula (2) into formula (1) shows that the first key is the same as the second key. The server can therefore encrypt the data to be encrypted with the first key, and the target device can decrypt the encrypted data symmetrically with the second key without sharing a secret, which ensures the privacy and security of the data.
Step 208, determining transmission data based on at least the encrypted data and the control instruction. In some embodiments, step 208 may be performed by the transmission data determination module 440.
The transmission data refers to data to be sent from the server to the target device.
In some embodiments, the processing device may treat the encrypted data and the control instruction as transmission data.
In some embodiments, the processing device may further treat the first public key of the first public-private key pair, the encryption data, and the control instructions as transmission data.
Step 210, sending the transmission data to a third party. In some embodiments, step 210 may be performed by the sending module 450.
In some embodiments, the processing device may send the transmission data to a third party over a network.
The third party may be configured to send the transmission data to the target device, so that the target device obtains the random number and the control instruction based on the transmission data. For example, the target device may read the encrypted data and the control instruction from the transmission data and decrypt the encrypted data with the decryption algorithm corresponding to the encryption algorithm used to encrypt it, thereby obtaining the random number. In some embodiments, the target device may further obtain the hash value of the control instruction by decrypting the encrypted data in the transmission data. In some embodiments, the target device may verify the digital signature of the encrypted data using the device private key to ensure that the received data has not been tampered with.
In some embodiments, the third party may parse the transmission data to obtain information such as the encrypted data and the control instruction, re-encapsulate that information according to a protocol known to the target device, and then send it to the target device. In some embodiments, the third party may also convert the control instruction in the transmission data so that the target device can recognize and execute it. For example, when the control instruction from the server is expressed in text form, the third party may generate, based on the text, a control instruction in code form that the target device can recognize and execute.
Step 212, receiving the random number returned by the target device. In some embodiments, step 212 may be performed by the first receiving module 460.
In some embodiments, the processing device may receive the random number returned by the target device over the network.
In some embodiments, the random number may be returned by the target device to a third party, who in turn returns the random number to the processing device.
In some embodiments, the processing device may further receive a result of the execution of the control instruction returned by the target device.
Step 214, obtaining an execution proof based on the result of comparing whether the generated random number and the random number returned by the target device are the same. In some embodiments, step 214 may be performed by the proof obtaining module 470.
In some embodiments, if the comparison shows that the generated random number is the same as the random number returned by the target device, the target device may be considered to have successfully received the transmission data and executed the control instruction, and an execution proof may then be generated. The execution proof may indicate that the control instruction has been executed by the target device. Otherwise, the control instruction is considered not to have been received by the target device, and either no execution proof is generated or an execution proof indicating that the control instruction was not received by the target device is generated.
In some embodiments, the processing device may return the obtained proof of execution to the requestor to indicate to the requestor that the control instruction was successfully issued to and executed by the target device.
In some embodiments, the processing device may write the execution proof to the blockchain. For example, the processing device may initiate a transaction request to the blockchain to store the execution proof on the blockchain. After receiving the transaction request, the blockchain may call and execute the relevant smart contract and write the execution proof into the blockchain as a stored record, for example by generating a new block that stores the execution proof.
In the embodiments of the present specification, when the server sends the control instruction to the target device through a forwarding third party, it can still be proved that the control instruction was indeed delivered to the target device and executed by it. The data transmission method also ensures that the data cannot be tampered with during transmission even when it is forwarded by a third party, which ensures the security of the data.
FIG. 3 is an exemplary interaction flow diagram of a remote device control method, shown in some embodiments herein. In some embodiments, the flow 300 may be performed by a target device (e.g., the target device 130). For example, the process 300 may be stored in a storage device (e.g., an on-board storage unit of the target device or an external storage device) in the form of a program or instructions, which when executed, may implement the process 300. The flow 300 may include the following operations.
Step 302, receiving transmission data. In some embodiments, step 302 may be performed by the second receiving module 510.
The transmission data refers to data from a server, which is transmitted to a target device via a third party. The transmission data is determined based on at least the encrypted data and the control instruction. The encrypted data may include a random number.
In some embodiments, the transmission data may further include a first public key from a first public-private key pair.
In some embodiments, the encrypted data may also include hash values of the control instructions and other information such as timestamps.
For more description of the transmitted data, reference may be made to the related description of step 206, which is not described herein again.
Step 304, based on the device private key of the target device, performing a decryption operation on the encrypted data by using a preset algorithm to obtain plaintext data. In some embodiments, step 304 may be performed by decryption module 520.
The plaintext data may include information such as a random number, a hash value of the control instruction, and a time stamp, corresponding to the encrypted data described above.
The preset algorithm refers to a predetermined algorithm for encrypting or decrypting data to be encrypted. In some embodiments, the preset algorithm may include a symmetric encryption algorithm, e.g., an AES algorithm, or the like.
In some embodiments, the target device may decrypt the encrypted data using the device private key of the target device to obtain the plaintext data. For example, using the device private key, the target device may decrypt the encrypted data with the decryption algorithm corresponding to the encryption algorithm the server used to encrypt the data, to obtain the plaintext data.
In some embodiments, the target device may calculate a second key by using the elliptic curve Diffie-Hellman key exchange method based on the device private key and the first public key, and decrypt the encrypted data by using the second key to obtain the plaintext data. For example, using the second key, the target device may decrypt the encrypted data with the decryption algorithm corresponding to the encryption algorithm the server used to encrypt the data, to obtain the plaintext data.
For the principle and process that the target device calculates the second key based on the device private key and the first public key, reference may be made to the related description of step 206, which is not described herein again.
Step 306, executing the control instruction and returning the random number. In some embodiments, step 306 may be performed by execution module 530.
In some embodiments, before executing the control instruction, the target device may also verify a hash value of the control instruction to determine whether to execute the control instruction. For example, the target device may perform a hash operation on the received control instruction, compare the hash value obtained by the operation with the hash value in the plaintext data, and if the comparison results are the same, may execute the control instruction; if the comparison results are different, the control instruction can be considered to be tampered, and the control instruction is not executed.
In some embodiments, the target device may digitally sign the random number using the device private key when returning the random number to prove that the control instruction was indeed executed by the target device, and return the random number and its digital signature. Specifically, the target device may calculate a hash value of the random number, and encrypt the hash value of the random number with a private key of the target device to obtain a digital signature of the random number. Accordingly, the processing device may verify the digital signature to determine that the random number indeed came from the target device. Specifically, the processing device may perform hash operation on the random number returned by the target device to obtain a hash value, and then decrypt the digital signature using the public key of the target device. The processing device compares the calculated hash value with the decrypted hash value, and if the calculated hash value is consistent with the decrypted hash value, the random number can be proved to come from the target device without being tampered, so that the reliability of the execution certification is further improved.
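The exchange of steps 204-214 and 302-306, including the key agreement of formulas (1)-(4) and the hash check before execution, is sketched below as an added example that is not part of the patent text. Assumptions: the toy parameters p = 2^127 - 1 and g = 3, an HMAC-SHA256 keystream with encrypt-then-MAC standing in for AES, all function and field names, and the LOCK/UNLOCK instructions are constructed for illustration; the device's signature over the returned random number is left out.

```python
import hashlib
import hmac
import secrets
import time

# Assumption: toy public parameters so the example needs only the standard library.
# p = 2**127 - 1 is prime but far too small for real use; g = 3.
P = 2**127 - 1
G = 3
NONCE_LEN = 16


def keypair():
    """Formulas (2) and (4): private x, public g^x mod p."""
    priv = secrets.randbelow(P - 3) + 2          # x in [2, p-2]
    return priv, pow(G, priv, P)


def derive_keys(peer_pub, my_priv):
    """Formulas (1) and (3): K = peer_pub^my_priv mod p, hashed into two keys."""
    if not 2 <= peer_pub <= P - 2:               # reject 0, 1 and p-1
        raise ValueError("degenerate public value")
    k = pow(peer_pub, my_priv, P).to_bytes(16, "big")
    return (hashlib.sha256(b"enc" + k).digest(),
            hashlib.sha256(b"mac" + k).digest())


def _keystream(key, iv, length):
    blocks = (hmac.new(key, iv + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((length + 31) // 32))
    return b"".join(blocks)[:length]


def seal(keys, plaintext):
    """Stand-in for the AES step: HMAC-SHA256 keystream, then encrypt-then-MAC."""
    enc_key, mac_key = keys
    iv = secrets.token_bytes(16)
    stream = _keystream(enc_key, iv, len(plaintext))
    body = iv + bytes(x ^ y for x, y in zip(plaintext, stream))
    return body + hmac.new(mac_key, body, hashlib.sha256).digest()


def unseal(keys, blob):
    enc_key, mac_key = keys
    body, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, body, hashlib.sha256).digest()):
        raise ValueError("encrypted data was modified in transit")
    iv, ct = body[:16], body[16:]
    return bytes(x ^ y for x, y in zip(ct, _keystream(enc_key, iv, len(ct))))


def server_build(instruction, device_pub):
    """Steps 204-208: random number, encrypted data, transmission data."""
    nonce = secrets.token_bytes(NONCE_LEN)
    first_priv, first_pub = keypair()            # first public-private key pair
    plaintext = (nonce + hashlib.sha256(instruction).digest()
                 + int(time.time()).to_bytes(8, "big"))
    transmission = {
        "first_public_key": first_pub,
        "encrypted_data": seal(derive_keys(device_pub, first_priv), plaintext),
        "control_instruction": instruction,
    }
    return nonce, transmission


def device_handle(transmission, device_priv, executed):
    """Steps 302-306: decrypt, check the instruction hash, execute, return nonce."""
    keys = derive_keys(transmission["first_public_key"], device_priv)
    plaintext = unseal(keys, transmission["encrypted_data"])
    nonce, digest = plaintext[:NONCE_LEN], plaintext[NONCE_LEN:NONCE_LEN + 32]
    instruction = transmission["control_instruction"]
    if not hmac.compare_digest(digest, hashlib.sha256(instruction).digest()):
        return None                              # instruction altered: do not execute
    executed.append(instruction)                 # placeholder for running it
    return nonce


def execution_proof(generated, returned):
    """Step 214: a proof exists only if the returned random number matches."""
    return returned is not None and hmac.compare_digest(generated, returned)


def demo():
    """Constructed run: an honest relay, then one that swaps the instruction."""
    device_priv, device_pub = keypair()
    results = {}
    for label, swapped in (("honest", None), ("altered", b"UNLOCK")):
        nonce, tx = server_build(b"LOCK", device_pub)
        if swapped is not None:                  # third party rewrites plaintext
            tx = dict(tx, control_instruction=swapped)
        executed = []
        returned = device_handle(tx, device_priv, executed)
        results[label] = (execution_proof(nonce, returned), executed)
    return results


if __name__ == "__main__":
    print(demo())
```

In the altered run the device executes nothing and the server obtains no execution proof, because the hash carried inside the encrypted data no longer matches the plaintext instruction.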
It should be noted that the above description of the respective flows is only for illustration and description, and does not limit the applicable scope of the present specification. Various modifications and alterations to the flow may occur to those skilled in the art, given the benefit of this description. However, such modifications and variations are still within the scope of the present specification. For example, the present specification may be directed to variations on the process steps, such as the addition of pre-processing steps and storage steps. For example, in the process 200, the data to be encrypted may further include a control instruction, and the transmission data may not include the plaintext of the control instruction. It will be apparent to those skilled in the art that such modifications will still achieve the goal of transmitting control commands to the target device and, therefore, remain within the scope of protection.
FIG. 4 is an exemplary block diagram of a remote device control system shown in accordance with some embodiments of the present description. As shown in fig. 4, the system 400 may include an instruction obtaining module 410, a random number generation module 420, an encryption module 430, a transmission data determination module 440, a sending module 450, a first receiving module 460, and a proof obtaining module 470.
The instruction obtaining module 410 may be used to obtain a control instruction corresponding to a target device.
In some embodiments, the instruction obtaining module 410 may generate the control instruction according to a control requirement of the target device. In some embodiments, the instruction obtaining module 410 may generate the control instruction according to a request of a requestor (e.g., requestor 120). In some embodiments, the instruction obtaining module 410 may receive the control instruction from the requestor.
The random number generation module 420 may be used to generate random numbers.
In some embodiments, the random number generation module 420 may generate the random number using a random number generator, or may generate the random number in other manners.
The encryption module 430 may be configured to perform an encryption operation on data to be encrypted by using a preset algorithm based on the device public key of the target device, so as to obtain encrypted data.
The data to be encrypted refers to data that needs to be protected by encryption. The data to be encrypted may include the random number. In some embodiments, the data to be encrypted may further include a hash value of the control instruction. The hash value may be obtained by performing a hash operation on the control instruction. In some embodiments, the data to be encrypted may also include a timestamp.
In some embodiments, the encryption module 430 may encrypt the data to be encrypted by using the device public key of the target device to obtain the encrypted data.
In some embodiments, the encryption module 430 may further calculate, based on the device public key and the first private key of the target device, a first key by using an Elliptic Curve Diffie-Hellman key Exchange method (ECDH), and encrypt the data to be encrypted by using the first key to obtain the encrypted data.
The transmission data determination module 440 may be configured to determine transmission data based at least on the encrypted data and the control instruction.
The transmission data refers to data to be sent from the server to the target device.
In some embodiments, the transmission data determination module 440 may treat the encrypted data and the control instruction as transmission data. In some embodiments, the transmission data determination module 440 may also include the first public key of the first public-private key pair in the transmission data. For example, the transmission data may include encrypted data, control instructions, and a first public key.
The sending module 450 may be configured to send the transmission data to a third party.
In some embodiments, the sending module 450 may send the transmission data to a third party through a network.
The third party may be configured to send the transmission data to the target device, so that the target device obtains the random number and the control instruction based on the transmission data.
The first receiving module 460 may be configured to receive the random number returned by the target device.
In some embodiments, the first receiving module 460 may receive the random number returned by the target device through the network.
The proof obtaining module 470 may be configured to obtain an execution proof based on a result of comparing whether the generated random number and the random number returned by the target device are the same.
In some embodiments, if the comparison shows that the generated random number is the same as the random number returned by the target device, this may indicate that the target device has successfully received the encrypted data and the control instruction and has executed the control instruction, and the proof obtaining module 470 may generate the execution proof. The execution proof may indicate that the control instruction has been executed by the target device.
FIG. 5 is an exemplary block diagram of a remote device control system shown in accordance with some embodiments of the present description. As shown in fig. 5, the system 500 may include a second receiving module 510, a decryption module 520, and an execution module 530.
The second receiving module 510 may be used to receive transmission data.
The transmission data refers to data sent by the server to the target device. The transmission data is determined based on at least the encrypted data and the control instruction. The encrypted data may include a random number.
In some embodiments, the second receiving module 510 may receive the transmission data through a network.
The decryption module 520 may be configured to perform a decryption operation on the encrypted data by using a preset algorithm based on a device private key of the target device, so as to at least obtain plaintext data.
The plaintext data includes at least a random number. In some embodiments, the plaintext data may also include a hash value of the control instruction. In some embodiments, the plaintext data may also include a timestamp.
In some embodiments, the decryption module 520 may decrypt the encrypted data using the device private key of the target device to obtain plaintext data. For example, using the device private key, the decryption module 520 may decrypt the encrypted data with the decryption algorithm corresponding to the encryption algorithm the server used to encrypt the data, to obtain the plaintext data.
In some embodiments, the decryption module 520 may calculate a second key by using the elliptic curve Diffie-Hellman key exchange method based on the device private key and the first public key, and decrypt the encrypted data by using the second key to obtain the plaintext data. For example, using the second key, the decryption module 520 may decrypt the encrypted data with the decryption algorithm corresponding to the encryption algorithm the server used to encrypt the data, to obtain the plaintext data.
The execution module 530 may be configured to execute the control instruction and return the random number.
In some embodiments, the execution module 530 may also verify the hash value of the control instruction before executing the control instruction to determine whether to execute the control instruction. For example, the execution module 530 may perform a hash operation on the received control instruction, compare the hash value obtained by the operation with the hash value in the plaintext data, and if the comparison result is the same, execute the control instruction.
In some embodiments, the execution module 530 may also verify the control instruction and the digital signature of the random number before executing the control instruction, to ensure that the control instruction was actually sent to the target device, and determine whether to execute the control instruction according to the verification result. For example, if the verification is passed, the control instruction is executed.
For a detailed description of the modules of the remote device control system, reference may be made to the flow chart portion of this specification, e.g., the associated description of fig. 2 and 3.
It should be understood that the systems shown in fig. 4 and 5 and their modules may be implemented in a variety of ways. For example, in some embodiments, the system and its modules may be implemented in hardware, software, or a combination of software and hardware. The hardware portion may be implemented using dedicated logic; the software portion may be stored in a memory for execution by a suitable instruction execution system, such as a microprocessor or specially designed hardware. Those skilled in the art will appreciate that the methods and systems described above may be implemented using computer executable instructions and/or embodied in processor control code, such code being provided, for example, on a carrier medium such as a diskette, CD- or DVD-ROM, a programmable memory such as read-only memory (firmware), or a data carrier such as an optical or electronic signal carrier. The system and its modules in this specification may be implemented not only by hardware circuits such as very large scale integrated circuits or gate arrays, semiconductors such as logic chips and transistors, or programmable hardware devices such as field programmable gate arrays and programmable logic devices, but also by software executed by various types of processors, or by a combination of the above hardware circuits and software (e.g., firmware).
It should be noted that the above description of the remote device control system and its modules is for convenience of description only and should not limit the present disclosure to the scope of the illustrated embodiments. It will be appreciated by those skilled in the art that, given the teachings of the present system, any combination of modules or sub-system configurations may be used to connect to other modules without departing from such teachings. For example, the instruction obtaining module 410, the random number generation module 420, the encryption module 430, the transmission data determination module 440, the sending module 450, the first receiving module 460 and the proof obtaining module 470 may be different modules in a system, or may be a single module that implements the functions of two or more modules. For example, the instruction obtaining module 410 and the transmission data determination module 440 may be two modules, or one module may have both obtaining and determining functions. For example, the modules may share one memory module, or each module may have its own memory module. Such variations are within the scope of the present disclosure.
The beneficial effects that may be brought by the embodiments of the present description include, but are not limited to: (1) When the server sends a control instruction to the target device through a forwarding third party, the server can prove that the control instruction was actually delivered to the target device and executed by it. (2) Using the ECDH algorithm for encryption and decryption reduces the computational cost on the server and the target device and improves operating efficiency. It is to be noted that different embodiments may produce different advantages, and in different embodiments, the advantages that may be produced may be any one or combination of the above, or any other advantages that may be obtained.
Having thus described the basic concept, it will be apparent to those skilled in the art that the foregoing detailed disclosure is to be regarded as illustrative only and not as limiting the present specification. Various modifications, improvements and adaptations to the present description may occur to those skilled in the art, although not explicitly described herein. Such alterations, modifications, and improvements are intended to be suggested in this specification, and are intended to be within the spirit and scope of the exemplary embodiments of this specification.
Also, the description uses specific words to describe embodiments of the description. Reference throughout this specification to "one embodiment," "an embodiment," and/or "some embodiments" means that a particular feature, structure, or characteristic described in connection with at least one embodiment of the specification is included. Therefore, it is emphasized and should be appreciated that two or more references to "an embodiment" or "one embodiment" or "an alternative embodiment" in various places throughout this specification are not necessarily all referring to the same embodiment. Furthermore, some features, structures, or characteristics of one or more embodiments of the specification may be combined as appropriate.
Moreover, those skilled in the art will appreciate that aspects of the present description may be illustrated and described in terms of several patentable species or situations, including any new and useful combination of processes, machines, manufacture, or materials, or any new and useful improvement thereof. Accordingly, aspects of this description may be performed entirely by hardware, entirely by software (including firmware, resident software, micro-code, etc.), or by a combination of hardware and software. The above hardware or software may be referred to as a "data block," "module," "engine," "unit," "component," or "system." Furthermore, aspects of the present description may be represented as a computer product, including computer readable program code, embodied in one or more computer readable media.
The computer storage medium may comprise a propagated data signal with the computer program code embodied therewith, for example, on baseband or as part of a carrier wave. The propagated signal may take any of a variety of forms, including electromagnetic, optical, etc., or any suitable combination. A computer storage medium may be any computer-readable medium that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code located on a computer storage medium may be propagated over any suitable medium, including radio, cable, fiber optic cable, RF, or the like, or any combination of the preceding.
Computer program code required for the operation of various portions of this specification may be written in any one or more programming languages, including an object oriented programming language such as Java, Scala, Smalltalk, Eiffel, JADE, Emerald, C++, C#, VB.NET, Python, and the like, a conventional programming language such as C, Visual Basic, Fortran 2003, Perl, COBOL 2002, PHP, ABAP, a dynamic programming language such as Python, Ruby, and Groovy, or other programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer, or entirely on the remote computer or server. In the latter scenario, the remote computer may be connected to the user's computer through any network format, such as a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet), or in a cloud computing environment, or as a service, such as software as a service (SaaS).
Additionally, the order in which the elements and sequences of the process are recited in the specification, the use of alphanumeric characters, or other designations, is not intended to limit the order in which the processes and methods of the specification occur, unless otherwise specified in the claims. While various presently contemplated embodiments of the invention have been discussed in the foregoing disclosure by way of example, it is to be understood that such detail is solely for that purpose and that the appended claims are not limited to the disclosed embodiments, but, on the contrary, are intended to cover all modifications and equivalent arrangements that are within the spirit and scope of the embodiments herein. For example, although the system components described above may be implemented by hardware devices, they may also be implemented by software-only solutions, such as installing the described system on an existing server or mobile device.
Similarly, it should be noted that in the preceding description of embodiments of the present specification, various features are sometimes grouped together in a single embodiment, figure, or description thereof for the purpose of streamlining the disclosure and aiding in the understanding of one or more of the embodiments. This method of disclosure, however, is not intended to imply that more features are required than are expressly recited in the claims. Indeed, the embodiments may be characterized as having less than all of the features of a single embodiment disclosed above.
Numerals describing the number of components, attributes, etc. are used in some embodiments, it being understood that such numerals used in the description of the embodiments are modified in some instances by the use of the modifier "about", "approximately" or "substantially". Unless otherwise indicated, "about", "approximately" or "substantially" indicates that the number allows a variation of ± 20%. Accordingly, in some embodiments, the numerical parameters used in the specification and claims are approximations that may vary depending upon the desired properties of the individual embodiments. In some embodiments, the numerical parameter should take into account the specified significant digits and employ a general digit preserving approach. Notwithstanding that the numerical ranges and parameters setting forth the broad scope of the range are approximations, in the specific examples, such numerical values are set forth as precisely as possible within the scope of the application.
For each patent, patent application publication, and other material, such as articles, books, specifications, publications, documents, etc., cited in this specification, the entire contents of each are hereby incorporated by reference into this specification. Except where the application history document does not conform to or conflict with the contents of the present specification, it is to be understood that the application history document, as used herein in the present specification or appended claims, is intended to define the broadest scope of the present specification (whether presently or later in the specification) rather than the broadest scope of the present specification. It is to be understood that the descriptions, definitions and/or uses of terms in the accompanying materials of the present specification shall control if they are inconsistent or inconsistent with the statements and/or uses of the present specification.
Finally, it should be understood that the embodiments described herein are merely illustrative of the principles of the embodiments of the present disclosure. Other variations are also possible within the scope of the present description. Thus, by way of example, and not limitation, alternative configurations of the embodiments of the specification can be considered consistent with the teachings of the specification. Accordingly, the embodiments of the present description are not limited to only those explicitly described and depicted herein.

Claims (16)

1. A remote equipment control method in a financing lease scenario, applied to a server side, comprising the following steps:
obtaining a control instruction corresponding to the target rental equipment from the sponsor;
generating a random number;
based on the equipment public key of the target leasing equipment, carrying out encryption operation on data to be encrypted by using a preset algorithm to obtain encrypted data; the data to be encrypted comprises the random number;
determining transmission data based on at least the encrypted data and the control instruction;
transmitting the transmission data to a third party; the third party comprises an equipment supplier, an equipment manufacturer or an equipment manager and is used for sending the transmission data to the target rental equipment so that the target rental equipment can obtain the random number and the control instruction based on the transmission data;
receiving a random number and a digital signature returned by the target leasing equipment, and verifying the digital signature; the digital signature is obtained by the target leasing equipment by using an equipment private key to sign a random number;
and obtaining an execution certification of whether the control instruction is executed by the target rental equipment or not based on a result of comparing whether the generated random number and the random number returned by the target rental equipment are the same or not.
2. The method of claim 1, wherein the data to be encrypted further comprises a hash value of the control instruction.
3. The method of claim 1, wherein performing, based on the device public key of the target rental equipment, the encryption operation on the data to be encrypted by using the preset algorithm to obtain the encrypted data comprises:
encrypting the data to be encrypted with the device public key of the target rental equipment to obtain the encrypted data.
4. The method of claim 1, wherein the transmission data further comprises a first public key, the first public key being from a first public-private key pair.
5. The method of claim 4, wherein performing, based on the device public key of the target rental equipment, the encryption operation on the data to be encrypted by using the preset algorithm to obtain the encrypted data comprises:
calculating a first key by using an elliptic curve Diffie-Hellman key exchange method based on the device public key and a first private key, the first private key being from the first public-private key pair; and
encrypting the data to be encrypted with the first key to obtain the encrypted data.
6. The method of claim 1, further comprising:
returning the obtained execution proof to the sponsor, wherein, when the generated random number is the same as the random number returned by the target rental equipment, the execution proof indicates that the control instruction has been executed by the target rental equipment.
7. The method of claim 1, further comprising:
writing the execution proof to a blockchain.
8. A remote equipment control system in a financing lease scenario, applied to a server side, comprising:
an instruction acquisition module, configured to obtain, from a sponsor, a control instruction corresponding to target rental equipment;
a random number generation module, configured to generate a random number;
an encryption module, configured to perform, based on a device public key of the target rental equipment, an encryption operation on data to be encrypted by using a preset algorithm to obtain encrypted data, wherein the data to be encrypted comprises the random number;
a transmission data determination module, configured to determine transmission data based on at least the encrypted data and the control instruction;
a sending module, configured to send the transmission data to a third party, wherein the third party comprises an equipment supplier, an equipment manufacturer or an equipment manager and is used for sending the transmission data to the target rental equipment, so that the target rental equipment can obtain the random number and the control instruction based on the transmission data;
a first receiving module, configured to receive a random number and a digital signature returned by the target rental equipment and to verify the digital signature, wherein the digital signature is obtained by the target rental equipment signing the random number with a device private key; and
a proof obtaining module, configured to obtain an execution proof of whether the control instruction has been executed by the target rental equipment, based on a result of comparing whether the generated random number is the same as the random number returned by the target rental equipment.
9. A remote equipment control method in a financing lease scenario, applied to target rental equipment, comprising:
receiving transmission data, wherein the transmission data is determined based on at least encrypted data and a control instruction;
performing, based on a device private key of the target rental equipment, a decryption operation on the encrypted data by using a preset algorithm to obtain plaintext data, wherein the plaintext data comprises a random number; and
executing the control instruction and returning the random number and a digital signature, wherein the digital signature is obtained by the target rental equipment signing the random number with its device private key.
10. The method of claim 9, wherein the plaintext data further comprises a hash value of the control instruction, and the method further comprises, prior to executing the control instruction:
verifying the hash value of the control instruction to determine whether to execute the control instruction.
11. The method of claim 9, wherein performing, based on the device private key of the target rental equipment, the decryption operation on the encrypted data by using the preset algorithm to obtain the plaintext data comprises:
decrypting the encrypted data with the device private key of the target rental equipment to obtain the plaintext data.
12. The method of claim 9, wherein the transmission data further comprises a first public key, the first public key being from a first public-private key pair.
13. The method of claim 12, wherein performing, based on the device private key of the target rental equipment, the decryption operation on the encrypted data by using the preset algorithm to obtain the plaintext data comprises:
calculating a second key by using an elliptic curve Diffie-Hellman key exchange method based on the device private key and the first public key; and
decrypting the encrypted data with the second key to obtain the plaintext data.
14. A remote equipment control system in a financing lease scenario, applied to target rental equipment, comprising:
a second receiving module, configured to receive transmission data, wherein the transmission data is determined based on at least encrypted data and a control instruction;
a decryption module, configured to perform, based on a device private key of the target rental equipment, a decryption operation on the encrypted data by using a preset algorithm to obtain at least plaintext data, wherein the plaintext data comprises a random number; and
an execution module, configured to execute the control instruction and return the random number and a digital signature, wherein the digital signature is obtained by the target rental equipment signing the random number with its device private key.
15. A remote device control apparatus comprising a processor and a storage device for storing instructions which, when executed by the processor, implement the method of any one of claims 1 to 7.
16. A remote device control apparatus comprising a processor and a storage device for storing instructions which, when executed by the processor, implement the method of any one of claims 9 to 13.
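The exchange of claims 1, 2, 4 to 6, 9, 10, 12 and 13 can be traced end to end in the following added example, which is not code from the patent. The function names, the P-256 curve, HKDF-SHA-256 key derivation, AES-256-GCM, ECDSA with SHA-256, the 32-byte random number and the `LOCK` instruction are all assumptions chosen for illustration; the claims only require "a preset algorithm".

```javascript
// Added illustration of the claimed exchange; all names and primitive choices are assumptions.
const crypto = require('crypto');
const sha256 = (b) => crypto.createHash('sha256').update(b).digest();
const newKeyPair = () => crypto.generateKeyPairSync('ec', { namedCurve: 'prime256v1' });
// ECDH shared secret -> AES-256 key via HKDF (the "first"/"second" key of claims 5 and 13).
const deriveKey = (privateKey, publicKey) => Buffer.from(crypto.hkdfSync(
  'sha256', crypto.diffieHellman({ privateKey, publicKey }), Buffer.alloc(0), 'lease-control', 32));

// Server (claims 1, 2, 4, 5): encrypt random number || H(instruction) for the device.
function serverBuild(devicePub, instruction) {
  const nonce = crypto.randomBytes(32);
  const first = newKeyPair(); // first public-private key pair, fresh per message
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', deriveKey(first.privateKey, devicePub), iv);
  const ct = Buffer.concat([c.update(Buffer.concat([nonce, sha256(instruction)])), c.final()]);
  return { nonce, transmission: { instruction, firstPub: first.publicKey, iv, ct, tag: c.getAuthTag() } };
}

// Device (claims 9, 10, 12, 13): decrypt, check the instruction hash, execute, sign the nonce.
function deviceHandle(devicePriv, t, execute) {
  const d = crypto.createDecipheriv('aes-256-gcm', deriveKey(devicePriv, t.firstPub), t.iv);
  d.setAuthTag(t.tag);
  let plain;
  try { plain = Buffer.concat([d.update(t.ct), d.final()]); } catch { return null; }
  const nonce = plain.subarray(0, 32);
  // The relaying third party sees the instruction in clear; a swapped instruction fails here.
  if (!crypto.timingSafeEqual(plain.subarray(32), sha256(t.instruction))) return null;
  execute(t.instruction);
  return { nonce, signature: crypto.sign('sha256', nonce, devicePriv) };
}

// Server (claims 1, 6): verify the signature, then compare nonces to obtain the execution proof.
function serverProve(devicePub, sentNonce, reply) {
  if (!reply || reply.nonce.length !== sentNonce.length) return false;
  return crypto.verify('sha256', reply.nonce, devicePub, reply.signature)
    && crypto.timingSafeEqual(reply.nonce, sentNonce);
}

function demo() {
  const device = newKeyPair(); // constructed device key pair
  const executed = [];
  const run = (i) => executed.push(i.toString());
  const { nonce, transmission } = serverBuild(device.publicKey, Buffer.from('LOCK')); // constructed
  const reply = deviceHandle(device.privateKey, transmission, run);
  const honest = serverProve(device.publicKey, nonce, reply);
  const stale = serverProve(device.publicKey, crypto.randomBytes(32), reply); // valid signature, other nonce
  const swapped = deviceHandle(device.privateKey, { ...transmission, instruction: Buffer.from('UNLOCK') }, run);
  return { honest, stale, swapped, executed };
}
```

The `stale` case shows why claim 1 requires both checks: a correctly signed reply still yields no execution proof unless its random number matches the one the server generated for this instruction.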

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110437531.7A CN113132395B (en) 2021-04-22 2021-04-22 Remote equipment control method and system

Publications (2)

Publication Number Publication Date
CN113132395A (en) 2021-07-16
CN113132395B (en) 2022-11-11

Family

ID=76779206

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant