CN113243097A

CN113243097A - Device binding method, cloud server and first device

Info

Publication number: CN113243097A
Application number: CN201980077534.5A
Authority: CN
Inventors: 张军
Original assignee: Guangdong Oppo Mobile Telecommunications Corp Ltd
Current assignee: Guangdong Oppo Mobile Telecommunications Corp Ltd
Priority date: 2019-06-28
Filing date: 2019-06-28
Publication date: 2021-08-10
Anticipated expiration: 2039-06-28
Also published as: CN113243097B; WO2020258322A1

Abstract

The invention discloses a device binding method, a cloud server, a first device, a chip, a computer readable storage medium, a computer program product and a computer program, wherein the method comprises the following steps: receiving a resource updating request sent by a configurator; wherein, the resource updating request comprises a user identifier; sending a first updating request to account resources of a cloud server to register; wherein, the first update request includes a fixed device identifier and a user identifier of the first device; and receiving a registration success message fed back by the cloud server, and determining that the first device is a user binding device.

Description

Device binding method, cloud server and first device

Technical Field

The present invention relates to the field of information processing technologies, and in particular, to a device binding method, a cloud server, a first device, a chip, a computer-readable storage medium, a computer program product, and a computer program.

Background

In the prior art, during a processing process of an Open connection Foundation (OCF Open Connectivity Foundation) system, an OCF device needs to be bound with a cloud server, and the binding is currently completed through a configurator, for example, the configurator needs to obtain an access token registered by the device for the OCF device to be registered from an OCF cloud, and a subsequent communication process can be continued.

However, in the above processing method, the complexity of device binding is increased, and the reliability of device binding cannot be ensured.

Disclosure of Invention

To solve the foregoing technical problem, an embodiment of the present invention provides a device binding method, a cloud server, a first device, a chip, a computer-readable storage medium, a computer program product, and a computer program.

In a first aspect, a device binding method is provided, which is applied to a first device, and the method includes:

receiving a resource updating request sent by a configurator; wherein, the resource updating request comprises a user identifier;

sending a first updating request to account resources of a cloud server to register; wherein, the first update request includes a fixed device identifier and a user identifier of the first device;

and receiving a registration success message fed back by the cloud server, and determining that the first device is a user binding device.

In a second aspect, a device binding method is provided, and is applied to a cloud server, where the method includes:

receiving a first updating request for account resources for registration sent by a first device; the first updating request comprises a fixed equipment identifier of the first equipment and the user identifier;

based on the first updating request, binding the fixed equipment identifier and the user identifier of the first equipment;

and feeding back a registration success message to the first device.

In a third aspect, a device binding method is provided, which is applied to a first device, and the method includes:

sending a second updating request to the account number resource of the cloud server for registration; wherein, the second update request contains the fixed equipment identification of the first equipment;

receiving a registration success message fed back by a cloud server, and determining that the first device is a user unbound device;

receiving a user identifier sent by a configurator, and sending the user identifier and a fixed equipment identifier of the first equipment to a cloud server;

receiving a response message fed back by the cloud server, and setting a first mark; the first mark is used for representing that the first device is a user binding device.

In a fourth aspect, a device binding method is provided, which is applied to a cloud server, and the method includes:

receiving a second updating request aiming at account resources sent by the first equipment for registration; wherein, the second update request contains the fixed equipment identification of the first equipment;

feeding back a registration success message to the first device;

receiving a user identifier sent by first equipment and a fixed equipment identifier of the first equipment, and binding the first equipment and a user based on the user identifier and the fixed equipment identifier of the first equipment;

and feeding back a response message to the first equipment.

In a fifth aspect, there is provided a first device comprising:

the first communication unit receives a resource updating request sent by the configurator; wherein, the resource updating request comprises a user identifier; sending a first updating request to account resources of a cloud server to register; wherein, the first update request includes a fixed device identifier and a user identifier of the first device; receiving a registration success message fed back by the cloud server;

the first processing unit is used for determining that the first equipment is the user binding equipment.

In a sixth aspect, a cloud server is provided, including:

the second communication unit is used for receiving a first updating request aiming at account resources and sent by the first equipment for registration; the first updating request comprises a fixed equipment identifier of the first equipment and the user identifier;

the second processing unit binds the fixed equipment identifier and the user identifier of the first equipment based on the first updating request;

and the second communication unit feeds back the registration success message to the first equipment.

In a seventh aspect, a first device is provided, including:

the third communication unit is used for sending a second updating request to the account number resource of the cloud server for registration; wherein, the second update request contains the fixed equipment identification of the first equipment; receiving a registration success message fed back by the cloud server;

the third processing unit is used for determining that the first equipment is the user unbound equipment;

the third communication unit receives a user identifier sent by a configurator and sends the user identifier and the fixed equipment identifier of the first equipment to a cloud server; receiving a response message fed back by the cloud server;

the third processing unit is used for setting a first mark; the first mark is used for representing that the first device is a user binding device.

In an eighth aspect, a cloud server is provided, including:

the fourth communication unit is used for receiving a second updating request aiming at the account resources and sent by the first equipment so as to register; wherein, the second update request contains the fixed equipment identification of the first equipment; feeding back a registration success message to the first device; receiving a user identifier sent by first equipment and a fixed equipment identifier of the first equipment; feeding back a response message to the first device;

and the fourth processing unit is used for binding the first equipment and the user based on the user identification and the fixed equipment identification of the first equipment.

In a ninth aspect, there is provided a device binding system comprising:

a configurator establishing a connection with a first device; sending a resource update request to the first device; wherein, the resource updating request comprises a user identifier;

the first device receives a resource updating request sent by the configurator; sending a first updating request to account resources of a cloud server to register; wherein, the first update request includes a fixed device identifier and a user identifier of the first device; receiving a registration success message fed back by a cloud server, and setting a first mark when the registration success message contains a binding result of the first device as a user binding device; wherein the first mark is used for representing that the first device is a user binding device;

the cloud server receives a first updating request aiming at account resources and sent by first equipment for registration; based on the first updating request, binding the fixed equipment identifier and the user identifier of the first equipment; and feeding back a registration success message to the first device.

In a tenth aspect, there is provided a device binding system comprising:

a configurator for sending a user identifier to a first device;

the first equipment sends a second updating request to account resources of the cloud server for registration; wherein, the second update request contains the fixed equipment identification of the first equipment; receiving a registration success message fed back by a cloud server, and setting a second mark based on an indication of a user unbound device contained in the registration success message; wherein the second mark is used for representing that the first device is a user unbound device; receiving a user identifier sent by a configurator, and sending the user identifier and a fixed equipment identifier of the first equipment to a cloud server; receiving a response message fed back by the cloud server; when the response message indicates that the user identifier is successfully bound with the fixed device identifier of the first device, setting a first mark; the first mark is used for representing that the first equipment is user binding equipment;

the cloud server receives a second updating request aiming at the account resource and sent by the first equipment so as to register; feeding back a registration success message to the first device; receiving a user identifier sent by first equipment and a fixed equipment identifier of the first equipment, and binding the first equipment and a user based on the user identifier and the fixed equipment identifier of the first equipment; and feeding back a response message to the first equipment.

In an eleventh aspect, a first device is provided that includes a processor and a memory. The memory is used for storing a computer program, and the processor is used for calling and running the computer program stored in the memory, and executing the method in the first aspect or each implementation manner thereof.

In a twelfth aspect, a cloud server is provided that includes a processor and a memory. The memory is used for storing a computer program, and the processor is used for calling and running the computer program stored in the memory, and executing the method of the second aspect or each implementation mode thereof.

In a thirteenth aspect, a chip is provided for implementing the method in the foregoing implementation manners.

Specifically, the chip includes: a processor configured to call and run the computer program from the memory, so that the device on which the chip is installed performs the method in any one of the first aspect to the second aspect or the implementation manners thereof.

In a fourteenth aspect, a computer-readable storage medium is provided for storing a computer program, the computer program causing a computer to perform the method of any one of the first to second aspects or implementations thereof.

In a fifteenth aspect, a computer program product is provided, comprising computer program instructions to cause a computer to perform the method of any one of the first to second aspects or implementations thereof.

In a sixteenth aspect, there is provided a computer program which, when run on a computer, causes the computer to perform the method of any one of the first to second aspects or implementations thereof.

By adopting the scheme, the first device and the configurator can interact to obtain the user identifier or the user identifier and the fixed device identifier in the process of binding the user and the device between the first device and the cloud server, and then the first device binds the user identifier and the fixed device identifier to the cloud server. Therefore, interaction between the configurator and the cloud server is not needed, the reliability of equipment binding is improved, and in addition, the equipment binding uses a fixed equipment identifier, so that the cloud tracing equipment can be supported.

Drawings

FIG. 1 is a schematic diagram of a system architecture provided by an embodiment of the present application;

fig. 2 is a first flowchart of a device binding method according to an embodiment of the present invention;

fig. 3 is a schematic flowchart of a device binding method according to an embodiment of the present invention;

FIG. 4 is a schematic diagram illustrating the processing flow of the client and the server of the OCF;

fig. 5 is a schematic flowchart of a device binding method according to an embodiment of the present invention;

fig. 6 is a fourth schematic flowchart of a device binding method according to an embodiment of the present invention;

fig. 7 is a schematic flowchart of a device binding method according to an embodiment of the present invention;

fig. 8 is a sixth schematic flowchart of a device binding method according to an embodiment of the present invention;

fig. 9 is a first schematic structural diagram of a first apparatus according to an embodiment of the present invention;

fig. 10 is a first structural diagram of a cloud server according to an embodiment of the present invention;

fig. 11 is a schematic diagram of a first apparatus component structure according to an embodiment of the present invention;

fig. 12 is a schematic view of a cloud server composition structure according to an embodiment of the present invention;

fig. 13 is a first schematic structural diagram of a device binding system according to an embodiment of the present invention;

fig. 14 is a schematic diagram illustrating a component structure of an apparatus binding system according to an embodiment of the present invention;

fig. 15 is a schematic structural diagram of a communication device according to an embodiment of the present invention;

FIG. 16 is a schematic block diagram of a chip provided by an embodiment of the present application;

fig. 17 is a schematic diagram of a communication system architecture provided in an embodiment of the present application.

Detailed Description

So that the manner in which the features and aspects of the embodiments of the present invention can be understood in detail, a more particular description of the embodiments of the invention, briefly summarized above, may be had by reference to the embodiments, some of which are illustrated in the appended drawings.

Technical solutions in the embodiments of the present application will be described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some embodiments of the present application, but not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.

The technical scheme of the embodiment of the application can be applied to various communication systems, for example: a Global System for Mobile communications (GSM) System, a Code Division Multiple Access (CDMA) System, a Wideband Code Division Multiple Access (WCDMA) System, a General Packet Radio Service (GPRS), a Long Term Evolution (Long Term Evolution, LTE) System, an LTE Frequency Division Duplex (FDD) System, an LTE Time Division Duplex (TDD), a Universal Mobile Telecommunications System (UMTS), a Worldwide Interoperability for Microwave Access (WiMAX) communication System, or a 5G System.

An Open Connectivity Foundation (OCF) is a new technical standard organization of an application layer of the internet of things, the OCF establishes a Restful service framework for interconnection and intercommunication among internet of things devices, in the OCF Restful service framework, information such as the internet of things devices, functional services of the devices, states of the devices and the like is expressed through resources, an entity providing the resources is an OCF service end (hereinafter referred to as a service end), generally an OCF device providing the functional services, and an entity accessing the resources is an OCF client (hereinafter referred to as a client).

The OCF client and the OCF equipment are in remote communication through the OCF cloud, and in order to achieve remote communication, the OCF equipment needs to be bound with a specific user.

The OCF device binding process is shown in the figure 1, the OCF device is firstly configured by a configurator which provides an OCF cloud access configuration function, the configurator provides OCF cloud access information for the OCF device, and the OCF device is registered to an OCF cloud according to the cloud access information and is bound with an OCF user.

The specific process is as follows:

the preconditions are as follows: the user performs cloud registration through the configurator (for example, the user registers a user name and a password to the OCF cloud through the configurator), the OCF cloud accepts the user registration, allocates a user identifier, and sends the user identifier to the configurator.

1: the configurator discovers and connects OCF devices;

2: the configurator requests an Access Token (Access Token) of the equipment for the OCF equipment from the OCF cloud;

3: the OCF cloud distributes an access token for the OCF equipment, and the access token is used for verifying the equipment by the OCF cloud when the equipment is registered;

4: the OCF cloud returns an access token of the equipment, and in addition, the OCF cloud can also return an authorization provider name associated with the access token of the equipment;

5: the configurator configures information connected with the OCF cloud for the device by updating (UPDATE operation) cloud configuration resource' oic.r. The update request of the "oic.r.coapcloudconf" resource includes the following attributes and values (expressed in the way of attribute name: attribute value, the same applies below):

OCF device registers access token in OCF cloud

OCF cloud Access URI (cloud Access URI can be pre-stored in the configurator or manually entered by the user)

And sid, identification of the OCF cloud.

6: and the OCF equipment and the OCF cloud end establish the TLS session.

7: after establishing the TLS session, the OCF device performs device registration by sending an UPDATE (UPDATE operation) request to the account resource "/oic/sec/account", where the UPDATE request of the "/oic/sec/account" resource includes the following attributes and values:

di: OCF equipment identification

OCF equipment registers access token in OCF cloud

authprovider: authorizing provision of the name;

wherein di is an OCF device identifier, which is a non-fixed device identifier, and the OCF device identifier changes after each reactivation of the OCF device.

The OCF cloud receives the registration request of the OCF equipment, associates the current TLS session with the OCF equipment identifier, and returns the following attributes and values to the OCF equipment:

OCF equipment logs in access token of OCF cloud

user identification of uid OCF user

refresh token of OCF device (access token for updating OCF device)

expiration of an OCF device access token

And after the equipment is successfully registered, acquiring the user identifier of the OCF user, and finishing the binding of the user and the equipment.

8: the OCF device performs device login by sending an UPDATE (UPDATE operation) request to the session resource "/oic/sec/session" resource, which includes the following attributes and values:

di: OCF equipment identification

user identification of uid OCF user

OCF equipment logs in access token of OCF cloud

True (value of login request attribute true, representing OCF device request login to OCF cloud)

The OCF cloud receives the login request of the OCF equipment, and performs equipment login response, and returns the following attributes and values to the OCF equipment:

remaining expiration time of expiresin-OCF device access token

9: when or before the Access Token expires, the OCF device sends an UPDATE (UPDATE operation) request to the Token UPDATE resource "/oic/sec/Token refresh" to refresh its Access Token. The update request for the "/oic/sec/token refresh" resource includes the following attributes and values:

di: OCF equipment identification

user identification of uid OCF user

Update token for OCF device

After the access token is updated successfully, the OCF cloud returns the following attributes and values:

OCF device new access token

Update token for OCF device

expiresin the expiration time of the OCF device access token.

It should be understood that the terms "system" and "network" are often used interchangeably herein. The term "and/or" herein is merely an association describing an associated object, meaning that three relationships may exist, e.g., a and/or B, may mean: a exists alone, A and B exist simultaneously, and B exists alone. In addition, the character "/" herein generally indicates that the former and latter related objects are in an "or" relationship.

An embodiment of the present invention provides an apparatus binding method, which is applied to a first apparatus, and as shown in fig. 2, the method includes:

step 21: receiving a resource updating request sent by a configurator; wherein, the resource updating request comprises a user identifier;

step 22: sending a first updating request to account resources of a cloud server to register; wherein, the first update request includes a fixed device identifier and a user identifier of the first device;

step 23: and receiving a registration success message fed back by the cloud server, and determining that the first device is a user binding device.

Wherein the determining that the first device is a user bound device comprises:

when the registration success message contains a binding result that the first device is a user binding device, determining that the first device is the user binding device, and setting a first mark; wherein the first mark is used for representing that the first device is a user binding device.

Alternatively, it may be: and receiving a registration success message fed back by the cloud server, determining that the first equipment is user binding equipment, and setting a first mark.

The device binding method provided in this embodiment is applied to a cloud server, and as shown in fig. 3, the method includes:

step 31: receiving a first updating request for account resources for registration sent by a first device; the first updating request comprises a fixed equipment identifier of the first equipment and the user identifier;

step 32: based on the registration request, binding a fixed equipment identifier and a user identifier of the first equipment;

step 33: and feeding back a registration success message to the first device.

Wherein the registration success message may include at least a binding result of the first device and the user.

In this embodiment, the first device is an OCF device, and the cloud server may be an OCF cloud server; the configuration device may be a configurator.

The interaction between the client and the server is shown in fig. 4.

The client sends a request to the server, operates the resources on the server, the server executes the resource operation and returns a response to the client, and the response carries the expression of the resources.

The client sends a request to the server to operate the resource on the server, where the object of the request operation is a resource URI (for example, there is an ambient temperature resource on the server, and the resource URI is "/environmental temperature"), and the request indicates a resource operation request (for example, the resource operation request requested by the client to the server is an UPDATE operation — UPDATE). The request and response between the OCF client and the server carry the expression of the resource, and the expression of the OCF resource comprises various attribute information of the resource.

Resource attribute: attribute information of a resource is described in an OCF resource expression, "targetTemperature" represents a target temperature attribute of a temperature resource, "currentTemperature" represents a current temperature attribute of the temperature resource, and "temperamerange" represents a temperature range attribute of the temperature resource.

For example, the control terminal for acquiring the indoor environment state data is a client, the sensor device for monitoring the indoor environment state data is a server, and the service interaction between the client and the server is realized by creating, reading, updating, deleting or notifying the resource operation methods.

In the solution provided in this embodiment, it is described with reference to fig. 5 that the cloud connection credential and the fixed device identifier of the first device need to be preconfigured in the first device. The configurator requests to update cloud configuration resources of the first device, provides a user identifier in the request, the first device requests the cloud server to perform device registration, provides the user identifier and a preset fixed device identifier in the request, and the cloud server binds the user identifier and the fixed device identifier to achieve binding of the user and the first device.

Specifically, as shown in fig. 5, the first device presets a cloud connection certificate and a fixed device identifier. For example, the first device presets a shared key as a cloud connection credential, and the fixed device identifier adopts a unique and unchangeable identifier such as a device MAC address and a serial number, or generates the fixed device identifier after the device MAC address and the serial number are converted. The fixed device identifier is generated after the conversion, and may be generated for a sequence based on the MAC address of the device and the specified type, or may be generated based on the serial number of the device and the sequence of the specified type. The sequence of the specified type can be set according to actual conditions, for example, a clock sequence and the like can be set.

The user triggers cloud registration through the configurator (for example, the user registers a user name and a password to the cloud server through the configurator), the cloud server receives the user registration, and the user identification is distributed and sent to the configurator.

Step 1: the configurator discovers and connects the first device;

step 2: the configurator configures information connected with the cloud server for the equipment by updating a cloud configuration resource' oic.r.

An example of an update request message for an "oic.r.coapcloudconf" resource sent by a configurator to a first device:

“UPDATE/example/coapcloudconf

{

"cis":"coaps+tcp://apidev.oppo-dbg.net:8443",

"sid":"1111",

"uid":"336917bc-24d4-4f05-8e7f-e27ccb4adb48"

}”

the following attributes are included in the above message example:

cis cloud Server Access URI (cloud Access URI can be pre-stored in the configurator or manually entered by the user)

Id identification of cloud server

user identification of uid OCF user

Then, the first device sends request information for establishing a first session to a cloud server based on a cloud connection certificate; and after the first session is established, sending a registration request to the cloud server. Correspondingly, the cloud server receives request information for establishing the first session, which is sent by the first device based on the cloud connection certificate; verifying the first device based on the cloud connection certificate; when the first device is authenticated, a first session is established with the first device.

Wherein the first session may be a TLS session. In addition, the registration request may be to send an update request to the account resource "/oic/sec/account" to perform device registration, that is, the registration request may be an update request for the account resource, and only functions as a device registration, which may be understood as a type of registration request.

See in particular the following steps 3, 4:

and step 3: the first device requests the cloud server to establish the TLS session by using the cloud connection certificate, the cloud server verifies the device identity through the cloud connection certificate, and the TLS session is established after the verification is passed.

And 4, step 4: after the TLS session is established, the first device performs device registration by sending an update request to an account resource "/oic/sec/account", where the request message includes a user identifier and a fixed device identifier.

Example of an update request message of an "/oic/sec/account" resource sent by a first device to a cloud server:

“UPDATE/oic/sec/account

{

"uid":"336917bc-24d4-4f05-8e7f-e27ccb4adb48",

"pdi":"43643ed0-4956-4b2f-4ae5-768419fc7d7f"

}”

the following attributes are included in the above message example:

user identification of uid OCF user

pdi fixed device identification of first device

Where pdi is the fixed device identity of the first device, which does not change every time the first device is reactivated.

Another possible way is: in the device registration request, the non-fixed device identifier of the first device is reserved, and the fixed device identifier is added, as follows:

“UPDATE/oic/sec/account

{

"uid":"336917bc-24d4-4f05-8e7f-e27ccb4adb48",

"pdi":"43643ed0-4956-4b2f-4ae5-768419fc7d7f",

"di":"8c08fc42-f0af-48d0-a554-0b6b7bc391e8"

}”

the following attributes are included in the above message example:

user identification of uid OCF user

pdi fixed device identification of first device

di non-fixed device identification of first device

And 5: the cloud server distributes an access token for the first device, and the access token is used for verifying the device by the cloud server when the device logs in. And the cloud server binds the user identifier and the fixed equipment identifier and binds the user and the equipment.

Optionally, the cloud server associates the first session with a fixed device identifier of the first device. In particular, the TLS session is associated to a fixed device identity.

Step 6: after the device registration is successful, the cloud server returns a device registration success message, wherein the registration success message at least comprises a binding result of the first device and the user.

Specifically, the binding result may be indicated by an indication bit therein, for example, when the first device is successfully bound with the user, the indication bit may be set to "true", otherwise, the indication bit is set to "false". For example, 1 may represent true, and 0 may represent false, or vice versa, and this embodiment is not limited in this embodiment.

An example of a returned registration success message is as follows:

“{

"accesstoken":"ux933nT5Z3iK7TGRh9C4KaCkahidZTio",

"refreshtoken":"Aliz3DUe4vuNAlSblExfbGxmp",

"expiresin":62208000,

"bind":true

}”

the following attributes are included in the above message example:

accesstocken: the first equipment logs in an access token of a cloud server;

refreshthoven: an update token of the first device (an access token for updating the first device);

expiresin the expiration time of the first device access token;

bind: and the value of true of the binding result of the user and the first device indicates that the user binds the device.

And 7: and after receiving the successful message of the equipment registration, finishing the binding of the user and the equipment.

That is to say, the first device receives a registration success message fed back by the cloud server, and sets a first flag when the registration success message contains a binding result that the first device is a user binding device; wherein the first mark is used for characterizing that the first device is a binding device.

Or, the first device receives the registration success message fed back by the cloud server, that is, the first device can determine that the first device is the user binding device, and at this time, the first mark can be directly set; wherein the first mark is used for characterizing that the first device is a binding device.

Optionally, the first device marks itself as a user-bound device.

The first device is marked as a user-bound device in the expression of the cloud configuration resource. For example, the first flag may be "1".

Examples are as follows:

“{

"cis":"coaps+tcp://apidev.oppo-dbg.net:8443",

"sid":"1111",

"uid":"336917bc-24d4-4f05-8e7f-e27ccb4adb48",

"bind":true

}”

the above examples include the following attributes:

cis, the cloud server accesses the URI;

sid, identification of the cloud server;

uid is the user identification of the OCF user;

bind is the binding result of the user and the first device.

And 8: the method comprises the steps that a first device sends an updating request to session resources of a cloud server; the update request is used for requesting equipment login, and the update request includes a fixed equipment identifier of the first equipment.

Specifically, the device login may be performed by sending an update request to a session resource "/oic/sec/session" resource, where the request message includes a fixed device identifier.

An example of an update request message of an "/oic/sec/session" resource sent by a first device to a cloud server:

“UPDATE/oic/sec/session

{

"uid":"336917bc-24d4-4f05-8e7f-e27ccb4adb48",

"pdi":"43643ed0-4956-4b2f-4ae5-768419fc7d7f",

"accesstoken":"ux933nT5Z3iK7TGRh9C4KaCkahidZTio",

"login":true

}”

the following attributes are included in the above message example:

user identification of uid OCF user

pdi fixed device identification of first device

accesstocken, namely access token of first equipment logging in cloud server

True (the value of the login request attribute, true, indicates that the first device requests to log in to the cloud server).

Another possible way is: the non-fixed device identifier of the first device is reserved in the device login request, and the fixed device identifier is added, as follows:

“UPDATE/oic/sec/session

{

"uid":"336917bc-24d4-4f05-8e7f-e27ccb4adb48",

"pdi":"43643ed0-4956-4b2f-4ae5-768419fc7d7f",

"di":"8c08fc42-f0af-48d0-a554-0b6b7bc391e8",

"accesstoken":"ux933nT5Z3iK7TGRh9C4KaCkahidZTio",

"login":true

}”

the following attributes are included in the above message example:

user identification of uid OCF user

pdi fixed device identification of first device

di non-fixed device identification of first device

accesstocken, namely access token of first equipment logging in cloud server

And step 9: and the cloud server receives the login request of the first equipment and responds to equipment login.

An embodiment of the present invention provides an apparatus binding method, which is applied to a first apparatus, and as shown in fig. 6, the method includes:

step 41: sending a second updating request to the account number resource of the cloud server for registration; wherein, the second update request contains the fixed equipment identification of the first equipment;

step 42: receiving a registration success message fed back by a cloud server, and determining that the first device is a user unbound device;

step 43: receiving a user identifier sent by a configurator, and sending the user identifier and a fixed equipment identifier of the first equipment to a cloud server;

step 44: receiving a response message fed back by the cloud server, and setting a first mark; the first mark is used for representing that the first device is a user binding device.

Wherein it is determined that the first device is a user-unbound device, the method further comprising:

determining that the first device is a user unbound device based on the indication of the user unbound device contained in the registration success message, and setting a second mark; wherein the second mark is used for representing that the first device is a user unbound device.

It should be further noted that, at this time, the second flag may be directly set after receiving the registration success message fed back by the cloud server and determining that the first device is the user unbound device.

The device binding method provided in this embodiment is applied to a cloud server, and as shown in fig. 7, the method includes:

step 51: receiving a second updating request aiming at account resources sent by the first equipment for registration; wherein, the second update request contains the fixed equipment identification of the first equipment;

step 52: feeding back a registration success message to the first device;

step 53: receiving a user identifier sent by first equipment and a fixed equipment identifier of the first equipment, and binding the first equipment and a user based on the user identifier and the fixed equipment identifier of the first equipment;

step 54: and feeding back a response message to the first equipment.

Wherein, the registration success message can carry the indication that the user does not bind the device;

the response message may indicate that the user identifier is successfully bound with the fixed device identifier of the first device.

Similarly, the first device is an OCF device, and the cloud server is an OCF cloud.

The basic scheme of the embodiment is as follows: the first device presets a cloud connection certificate and a fixed device identifier. The first device is automatically registered to a cloud server after being connected with a network, a fixed device identifier is provided in a device registration request, and the first device is marked as a user unbound device after being successfully registered. The configurator finds first equipment which is not bound by a user, configures a user identifier for the first equipment, after the first equipment obtains the user identifier, the user identifier is provided for the cloud server, and the cloud server binds the user identifier and the fixed equipment identifier to realize the binding of the user and the equipment.

It should be noted here that the configurator finds that the user is not bound to the first device, and specifically may be: the configurator queries in a polling mode; for example, polling is performed at a certain period to inquire whether the first device is currently the user's label for binding the device, and then a result is obtained; the mark can be the first mark or the second mark;

alternatively, it may be: the first device carries out multicast announcement or broadcast announcement on the device which is not bound by the user, and the configurator discovers whether the first device is a user bound device or not according to the information of the multicast announcement or the broadcast announcement.

In addition, the first device is a user-bound or user-unbound device, and may be determined based on the aforementioned first flag and the second flag. Specifically, the scheme provided in this embodiment is described with reference to fig. 8:

the preconditions are as follows: the first device pre-configures a cloud connection certificate and a fixed device identifier of the first device. For example, the first device presets a shared key as a cloud connection credential, and the fixed device identifier adopts a unique and unchangeable identifier such as a device MAC address and a serial number, or generates the fixed device identifier after the device MAC address and the serial number are converted.

The user performs cloud registration through the configurator (for example, the user registers a user name and a password with the cloud server through the configurator), the cloud server receives the user registration, and the user identification is distributed and sent to the configurator.

Step 1: the first device requests the cloud server to establish a first session based on the connection certificate. Specifically, the first device requests the cloud server to establish the TLS session by using the cloud connection credential, and the cloud server verifies the device identity through the cloud connection credential and establishes the TLS session after the verification is passed.

Step 2: after establishing the first session, the first device sends a second updating request to account resources of the cloud server to register; specifically, after the TLS session is established, the first device performs device registration by sending an update request to an account resource "/oic/sec/account", where the request message includes a fixed device identifier.

“UPDATE/oic/sec/account

{

"pdi":"43643ed0-4956-4b2f-4ae5-768419fc7d7f"

}”

the following attributes are included in the above message example:

pdi fixed device identification of first device

“UPDATE/oic/sec/account

{

"pdi":"43643ed0-4956-4b2f-4ae5-768419fc7d7f",

"di":"8c08fc42-f0af-48d0-a554-0b6b7bc391e8"

}”

the following attributes are included in the above message example:

pdi fixed device identification of first device

di-the non-fixed device identity of the first device.

And step 3: the cloud server distributes an access token for the first device, and the access token is used for verifying the device by the cloud server when the device logs in.

Optionally, the cloud server associates the TLS session to the fixed device identification.

And 4, step 4: after the device registration is successful, the cloud server returns a device registration success message, and optionally, the message indicates that the user is not bound to the device.

An example of a returned response message is as follows:

“{

"accesstoken":"ux933nT5Z3iK7TGRh9C4KaCkahidZTio",

"refreshtoken":"Aliz3DUe4vuNAlSblExfbGxmp",

"expiresin":62208000,

"bind":false

}”

the following attributes are included in the above message example:

accesstocken, namely access token of first equipment logging in cloud server

refreshhooken the update token for a first device (access token for updating the first device)

expiresin expiration time of first device access token

bind, binding result of user and first device, and false value represents that user does not bind device.

And 5: after receiving the device registration success message, the first device marks itself as a user unbound device. Specifically, a second flag may be set for the first device; wherein the second mark is used for representing that the first device is a user unbound device.

An example of the first device being marked as a user unbound device in the representation of the cloud configured resource is as follows:

“{

"cis":"coaps+tcp://apidev.oppo-dbg.net:8443",

"sid":"1111",

"uid":"336917bc-24d4-4f05-8e7f-e27ccb4adb48",

"bind":false

}”

the above examples include the following attributes:

cis cloud Server Access URI

Id identification of cloud server

user identification of uid OCF user

bind is the binding result of the user and the first device.

Step 6: the first equipment sends a third updating request to the session resource of the cloud server; the third update request carries the fixed device identifier.

Specifically, as shown in the figure, the first device performs device login by sending an update request to the session resource "/oic/sec/session" resource, where the request message includes the fixed device identifier.

“UPDATE/oic/sec/session

{

"pdi":"43643ed0-4956-4b2f-4ae5-768419fc7d7f",

"accesstoken":"ux933nT5Z3iK7TGRh9C4KaCkahidZTio",

"login":true

}”

the following attributes are included in the above message example:

pdi fixed device identification of first device

accesstocken, namely access token of first equipment logging in cloud server

True (value of login request attribute true, indicating that the first device requests to log in to the cloud server)

“UPDATE

{

"pdi":"43643ed0-4956-4b2f-4ae5-768419fc7d7f",

"di":"8c08fc42-f0af-48d0-a554-0b6b7bc391e8",

"accesstoken":"ux933nT5Z3iK7TGRh9C4KaCkahidZTio",

"login":true

}”

the following attributes are included in the above message example:

pdi fixed device identification of first device

di non-fixed device identification of first device

accesstocken, namely access token of first equipment logging in cloud server

And 7: and the cloud server receives the login request of the first equipment and responds to equipment login. That is to say, the cloud server receives a third update request for session resources sent by the first device to perform device login; wherein, the third update request includes the fixed device identifier of the first device.

And 8: the configurator discovers the user unbound devices and configures a user identification for the first device. Here, the configurator may be determined according to a binding result property "bind" of the user and the device in the expression of the cloud configuration resource of the first device, and when the value is false, the first device may be determined as a device to which the user is not bound, and when the value is true, the first device may be determined as a device to which the user is bound.

And step 9: and after the first device obtains the user identification, the first device provides the fixed device identification and the user identification for the cloud server.

There are 3 ways to provide fixed device identification and user identification, which are:

adding a user identifier and a fixed equipment identifier of first equipment into an update token resource request, and sending the update token resource request to the cloud server;

adding a user identifier and a fixed equipment identifier of first equipment into an account resource updating request, and sending the account resource updating request to the cloud server;

adding a user identifier and a fixed equipment identifier of first equipment into an update session resource request, and sending the update session resource request to the cloud server

Specifically, the method 1: the first device provides the fixed device identification and the user identification in an update token resource "/oic/sec/token refresh" request.

Example of an update request message of an "/oic/sec/token refresh" resource sent by a first device to a cloud server:

“UPDATE/oic/sec/tokenrefresh

{

"pdi":"43643ed0-4956-4b2f-4ae5-768419fc7d7f",

"uid":"336917bc-24d4-4f05-8e7f-e27ccb4adb48",

"accesstoken":"ux933nT5Z3iK7TGRh9C4KaCkahidZTio"

}”

the following attributes are included in the above message example:

pdi fixed device identification of first device

user identification of uid OCF user

accesstocken: access token for a first device

Another possible way is: the non-fixed device identifier of the first device is reserved in the token resource updating request, and the fixed device identifier is added, as follows:

“UPDATE/oic/sec/tokenrefresh

{

"pdi":"43643ed0-4956-4b2f-4ae5-768419fc7d7f",

"di":"8c08fc42-f0af-48d0-a554-0b6b7bc391e8",

"uid":"336917bc-24d4-4f05-8e7f-e27ccb4adb48",

"accesstoken":"ux933nT5Z3iK7TGRh9C4KaCkahidZTio"

}”

the following attributes are included in the above message example:

pdi fixed device identification of first device

di non-fixed device identification of first device

user identification of uid OCF user

accesstocken: the access token of the first device.

Since the validity period of the device access token may be relatively long, in order to bind the device in time, the first device may send an update token request to the cloud server immediately after obtaining the user identifier, so as to provide the fixed device identifier and the user identifier. The fixed device identification and the user identification may also be provided in the next normal update token request by the device.

Mode 2: the first device provides the fixed device identification and the user identification in an update account resource "/oic/sec/account" request.

“UPDATE/oic/sec/account

{

"pdi":"43643ed0-4956-4b2f-4ae5-768419fc7d7f",

"uid":"336917bc-24d4-4f05-8e7f-e27ccb4adb48"

}”

the following attributes are included in the above message example:

pdi fixed device identification of first device

And uid is the user identification of the OCF user.

Another possible way is: in the request for updating the account resource, the identifier of the non-fixed device of the first device is reserved, and the identifier of the fixed device is added, as follows:

"UPDATE/oic/sec/account// UPDATE operation, the resource URI of the operation is/oic/sec/account

{

"pdi":"43643ed0-4956-4b2f-4ae5-768419fc7d7f",

"di":"8c08fc42-f0af-48d0-a554-0b6b7bc391e8",

"uid":"336917bc-24d4-4f05-8e7f-e27ccb4adb48"

}”

The following attributes are included in the above message example:

pdi fixed device identification of first device

di: non-fixed device identification of first device

And uid is the user identification of the OCF user.

Mode 3: the first device provides the fixed device identification and the user identification in an update session resource "/oic/sec/session" request.

“UPDATE/oic/sec/session

{

"pdi":"43643ed0-4956-4b2f-4ae5-768419fc7d7f",

"accesstoken":"ux933nT5Z3iK7TGRh9C4KaCkahidZTio",

"login":true,

"uid":"336917bc-24d4-4f05-8e7f-e27ccb4adb48"

}”

the following attributes are included in the above message example:

pdi fixed device identification of first device

accesstocken, namely access token of first equipment logging in cloud server

login:true

And uid is the user identification of the OCF user.

“UPDATE/oic/sec/session

{

"pdi":"43643ed0-4956-4b2f-4ae5-768419fc7d7f",

"di":"8c08fc42-f0af-48d0-a554-0b6b7bc391e8",

"accesstoken":"ux933nT5Z3iK7TGRh9C4KaCkahidZTio",

"login":true,

"uid":"336917bc-24d4-4f05-8e7f-e27ccb4adb48"

}”

the following attributes are included in the above message example:

pdi fixed device identification of first device

di non-fixed device identification of first device

accesstocken, namely access token of first equipment logging in cloud server

login:true

And uid is the user identification of the OCF user.

Step 10: and the cloud server binds the user identifier and the fixed equipment identifier and binds the user and the equipment.

Step 11: and the cloud server sends a response message to the first equipment.

It is noted that the response message may also indicate that the user identity is successfully bound to the fixed device identity of the first device. Of course, the indication of binding success may not be made in the response message.

In this step, the response message of the cloud server corresponds to 3 different modes in step 9:

mode 1: the response message sent by the cloud server is an update token response message.

Mode 2: and the response message sent by the cloud server is an account resource updating response message.

Mode 3: the response message sent by the cloud server is a session resource updating response message.

Step 12: the first device marks itself as a user-bound device.

Specifically, the following may be mentioned: when the response message indicates that the user identifier is successfully bound with the fixed device identifier of the first device, setting a first mark; the first mark is used for representing that the first device is a user binding device.

Or, when the response message does not include an indication that the binding or the unbinding is successful, the first device may be determined as the user-bound device according to the response message indicating that the received information is successful, and the first flag may be directly set at this time; otherwise, if the response information fails to indicate the received information, the first device may consider that the network side is not bound, and then determine that the first device is a user unbound device.

An example of the first device marking as a user bound device in the representation of the cloud configuration resource is as follows:

“{

"cis":"coaps+tcp://apidev.oppo-dbg.net:8443",

"sid":"1111",

"uid":"336917bc-24d4-4f05-8e7f-e27ccb4adb48",

"bind":true

}”

the above examples include the following attributes:

cis cloud Server Access URI

Id identification of cloud server

user identification of uid OCF user

bind is the binding result of the user and the first device.

Therefore, by adopting the scheme, the first device and the configurator can interact to obtain the user identifier or the user identifier and the fixed device identifier in the process of binding the user and the device between the first device and the cloud server, and then the first device binds the user identifier and the fixed device identifier to the cloud server. Therefore, interaction between the configurator and the cloud server is not needed, the reliability of equipment binding is improved, and in addition, the equipment binding uses a fixed equipment identifier, so that the cloud tracing equipment can be supported.

An embodiment of the present invention provides a first device, as shown in fig. 9, including:

a first communication unit 61 for receiving the resource update request from the configurator; wherein, the resource updating request comprises a user identifier; sending a first updating request to account resources of a cloud server to register; wherein, the first update request includes a fixed device identifier and a user identifier of the first device; receiving a registration success message fed back by the cloud server;

the first processing unit 62 determines that the first device is a user bound device.

Specifically, when the registration success message includes a binding result that the first device is a user binding device, the first processing unit 62 determines that the first device is a user binding device, and sets a first flag; wherein the first mark is used for representing that the first device is a user binding device.

Alternatively, it may be: and receiving a registration success message fed back by the cloud server, the first processing unit 62 determines that the first device is a user binding device, and sets a first flag.

As shown in fig. 10, the cloud server provided in this embodiment includes:

a second communication unit 71, configured to receive a first update request for account resources for registration sent by a first device; the first updating request comprises a fixed equipment identifier of the first equipment and the user identifier;

the second processing unit 72 binds the fixed device identifier and the user identifier of the first device based on the registration request;

the second communication unit 71 feeds back the registration success message to the first device.

In the solution provided in this embodiment, the first processing unit 62 of the first device presets the cloud connection certificate and the fixed device identifier. For example, the first device presets a shared key as a cloud connection credential, and the fixed device identifier adopts a unique and unchangeable identifier such as a device MAC address and a serial number, or generates the fixed device identifier after the device MAC address and the serial number are converted.

The first processing unit 62 receives information that the configurator configures the connection cloud server for the device by updating the cloud configuration resource "oic.r.

Then, the first processing unit 62 of the first device sends request information for establishing a first session to the cloud server based on the cloud connection credential; and after the first session is established, sending a registration request to the cloud server. Correspondingly, the cloud server receives request information for establishing the first session, which is sent by the first device based on the cloud connection certificate; verifying the first device based on the cloud connection certificate; when the first device is authenticated, a first session is established with the first device.

Wherein the first session may be a TLS session.

Another possible way is: in the device registration request, the non-fixed device identifier of the first device is reserved, and the fixed device identifier is added.

The second communication unit 71 of the cloud server allocates an access token to the first device, where the access token is used for the cloud server to authenticate the device when the device logs in. The second processing unit 72 of the cloud server binds the user identifier and the fixed device identifier, and binds the user and the device.

Optionally, the second processing unit 72 of the cloud server associates the first session with the fixed device identifier of the first device. In particular, the TLS session is associated to a fixed device identity.

After the device registration is successful, the second communication unit 71 of the cloud server returns a device registration success message, where the registration success message may at least include a binding result of the first device and the user.

The first communication unit 61 of the first device completes the binding between the user and the device after receiving the device registration success message.

That is to say, the first device receives a registration success message fed back by the cloud server, and sets a first flag when the registration success message contains a binding result that the first device is a user binding device; the first mark is used for representing that the first device is a bound device, optionally, the first device marks the first device as a user bound device.

A first communication unit 61 of the first device sends an update request to a session resource of the cloud server; the update request is used for requesting equipment login, and the update request includes a fixed equipment identifier of the first equipment.

Another possible way is: and reserving the non-fixed equipment identifier of the first equipment in the equipment login request, and adding the fixed equipment identifier.

The second communication unit 71 of the cloud server receives the login request of the first device, and responds to the device login.

An embodiment of the present invention provides a first device, as shown in fig. 11, including:

the third communication unit 81 sends a second update request to the cloud server account resource to perform registration; wherein, the second update request contains the fixed equipment identification of the first equipment; receiving a registration success message fed back by the cloud server;

a third processing unit 82, configured to determine that the first device is a user-unbound device;

the third communication unit 81 receives the user identifier sent by the configurator, and sends the user identifier and the fixed device identifier of the first device to the cloud server; receiving a response message fed back by the cloud server;

the third processing unit 82, set the first flag; the first mark is used for representing that the first device is a user binding device.

The third processing unit determines that the first device is a user unbound device based on an indication of the user unbound device that may be included in the registration success message, and sets a second flag; wherein the second mark is used for representing that the first device is a user unbound device.

It should be further noted that, at this time, after the third processing unit 82 determines that the first device is a user unbound device after receiving the registration success message fed back by the cloud server, the second flag may be directly set.

As shown in fig. 12, the cloud server provided in this embodiment includes:

a fourth communication unit 91, configured to receive a second update request for the account resource sent by the first device to register; wherein, the second update request contains the fixed equipment identification of the first equipment; feeding back a registration success message to the first device; receiving a user identifier sent by first equipment and a fixed equipment identifier of the first equipment; feeding back a response message to the first device;

the fourth processing unit 92, binding the first device and the user based on the user identifier and the fixed device identifier of the first device.

Wherein, the registration success message carries an indication that the user is not bound with the device;

and the response message indicates that the user identifier is successfully bound with the fixed device identifier of the first device.

The basic scheme of the embodiment is as follows: the third processing unit 82 of the first device presets the cloud connection certificate and the fixed device identifier. For example, the first device presets a shared key as a cloud connection credential, and the fixed device identifier adopts a unique and unchangeable identifier such as a device MAC address and a serial number, or generates the fixed device identifier after the device MAC address and the serial number are converted.

The third processing unit 82 of the first device requests the cloud server to establish the first session based on the connection credential. Specifically, the first device requests the cloud server to establish the TLS session by using the cloud connection credential, and the cloud server verifies the device identity through the cloud connection credential and establishes the TLS session after the verification is passed.

After the first device establishes the first session, the third processing unit 82 sends a second update request to the cloud server account resource to perform registration; specifically, after the TLS session is established, the first device performs device registration by sending an update request to an account resource "/oic/sec/account", where the request message includes a fixed device identifier.

The fourth communication unit 91 of the cloud server allocates an access token to the first device, where the access token is used for verifying the device by the cloud server when the device logs in.

After the device registration is successful, the fourth communication unit 91 of the cloud server returns a device registration success message, and optionally, the message indicates that the user is not bound to the device.

After the third communication unit 81 of the first device receives the device registration success message, the third processing unit 82 of the first device marks itself as a user unbound device. Specifically, a second flag may be set for the first device; wherein the second mark is used for representing that the first device is a user unbound device.

The third communication unit 81 of the first device sends a third update request to the cloud server session resource; the third update request carries the fixed device identifier.

The fourth communication unit 91 of the cloud server receives the login request of the first device, and performs a response of device login. That is to say, the cloud server receives a third update request for session resources sent by the first device to perform device login; wherein, the third update request includes the fixed device identifier of the first device.

The configurator discovers the user unbound devices and configures a user identification for the first device.

After obtaining the user identifier, the third communication unit 81 of the first device provides the fixed device identifier and the user identifier to the cloud server.

The fourth processing unit 92 of the cloud server binds the user identifier and the fixed device identifier, and binds the user and the device.

The fourth communication unit 91 of the cloud server sends a response message to the first device, where the response message indicates that the user identifier is successfully bound with the fixed device identifier of the first device.

The third processing element 82 of the first device marks itself as a user-bound device. Can be as follows: when the response message indicates that the user identifier is successfully bound with the fixed device identifier of the first device, setting a first mark; the first mark is used for representing that the first device is a user binding device.

The present embodiment further provides an apparatus binding system, as shown in fig. 13, including:

a configurator 1001 establishing a connection with a first device; sending a resource update request to the first device; wherein, the resource updating request comprises a user identifier;

a first device 1002, receiving a resource update request sent by a configurator; sending a first updating request to account resources of a cloud server to register; wherein, the first update request includes a fixed device identifier and a user identifier of the first device; receiving a registration success message fed back by a cloud server, and setting a first mark when the registration success message contains a binding result of the first device as a user binding device; wherein the first mark is used for representing that the first device is a user binding device;

the cloud server 1003 receives a first update request for account resources, sent by a first device, for registration; based on the first updating request, binding the fixed equipment identifier and the user identifier of the first equipment; and feeding back a registration success message to the first device.

In this embodiment, the functions of the configurator, the first device, and the cloud server are the same as those in the foregoing method flow, and are not described here again.

The present embodiment further provides a device binding system, as shown in fig. 14, including:

a configurator 1101 that sends a user identification to the first device;

the first device 1102 is used for sending a second updating request to the cloud server account resource for registration; wherein, the second update request contains the fixed equipment identification of the first equipment; receiving a registration success message fed back by a cloud server, and setting a second mark based on an indication of a user unbound device contained in the registration success message; wherein the second mark is used for representing that the first device is a user unbound device; receiving a user identifier sent by a configurator, and sending the user identifier and a fixed equipment identifier of the first equipment to a cloud server; receiving a response message fed back by the cloud server; when the response message indicates that the user identifier is successfully bound with the fixed device identifier of the first device, setting a first mark; the first mark is used for representing that the first equipment is user binding equipment;

the cloud server 1103 receives a second update request for the account resource sent by the first device to register; feeding back a registration success message to the first device; receiving a user identifier sent by first equipment and a fixed equipment identifier of the first equipment, and binding the first equipment and a user based on the user identifier and the fixed equipment identifier of the first equipment; and feeding back a response message to the first equipment.

The configurator 1101, when finding that the first device is a user unbound device, configures a user identifier for the first device.

Specifically, the configurator 1101 performs query in a polling manner; for example, polling is performed at a certain period to inquire whether the first device is currently the user's label for binding the device, and then a result is obtained; the mark can be the first mark or the second mark;

alternatively, it may be: the first device 1102 performs multicast announcement or broadcast announcement on itself as a device that the user is not bound to, and the configurator 1101 discovers whether the first device is a user bound device according to the information of the multicast announcement or the broadcast announcement. The first device is a user bound or user unbound device and may be determined based on the aforementioned first indicia and second indicia.

Fig. 15 is a schematic structural diagram of a communication device 1900 according to an embodiment of the present invention, where the communication device in this embodiment may be embodied as a terminal device or a network device in the foregoing embodiments. The communications device 1900 shown in fig. 19 includes a processor 1910, and the processor 1910 can call and run a computer program from a memory to implement the method in the embodiments of the present invention.

Optionally, as shown in fig. 15, the communication device 1900 may also include a memory 1920. From memory 1920, processor 1910 may invoke and execute a computer program, among other things, to implement methods in embodiments of the present invention.

The memory 1920 may be a separate device from the processor 1910 or may be integrated into the processor 1910.

Optionally, as shown in fig. 15, the communication device 1900 may further include a transceiver 1930, and the processor 1910 may control the transceiver 1930 to communicate with other devices, and specifically, may transmit information or data to the other devices or receive information or data transmitted by the other devices.

The transceiver 1930 may include a transmitter and a receiver, among other things. The transceiver 1930 may further include one or more antennas.

Optionally, the communication device 1900 may specifically be a network device according to the embodiment of the present invention, and the communication device 1900 may implement a corresponding process implemented by the network device in each method according to the embodiment of the present invention, which is not described herein again for brevity.

Optionally, the communication device 1900 may specifically be the first device or the cloud server in the embodiment of the present invention, and the communication device 1900 may implement the corresponding process implemented by the mobile terminal/terminal device in each method in the embodiment of the present invention, and for brevity, details are not described here again.

Fig. 16 is a schematic structural diagram of a chip of an embodiment of the present invention. The chip 2000 shown in fig. 16 includes a processor 2010, and the processor 2010 may call and execute a computer program from a memory to implement the method in the embodiment of the present invention.

Optionally, as shown in fig. 16, the chip 2000 may further include a memory 2020. From the memory 2020, the processor 2010 may call and execute a computer program to implement the method in the embodiment of the present invention.

The memory 2020 may be a separate device from the processor 2010 or may be integrated into the processor 2010.

Optionally, the chip 2000 may further comprise an input interface 2030. The processor 2010 may control the input interface 2030 to communicate with other devices or chips, and specifically, may obtain information or data sent by the other devices or chips.

Optionally, the chip 2000 may further include an output interface 2040. The processor 2010 may control the output interface 2040 to communicate with other devices or chips, and in particular, may output information or data to the other devices or chips.

Optionally, the chip may be applied to the first device or the cloud server in the embodiment of the present invention, and the chip may implement a corresponding process implemented by the first device or the cloud server in each method in the embodiment of the present invention, and for brevity, no further description is given here.

It should be understood that the chips mentioned in the embodiments of the present invention may also be referred to as a system-on-chip, a system-on-chip or a system-on-chip.

It should be understood that the processor of embodiments of the present invention may be an integrated circuit chip having signal processing capabilities. In implementation, the steps of the above method embodiments may be performed by integrated logic circuits of hardware in a processor or instructions in the form of software. The Processor may be a general purpose Processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), an off-the-shelf Programmable Gate Array (FPGA) or other Programmable logic device, discrete Gate or transistor logic device, or discrete hardware components. The various methods, steps and logic blocks disclosed in the embodiments of the present invention may be implemented or performed. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like. The steps of the method disclosed in connection with the embodiments of the present invention may be directly implemented by a hardware decoding processor, or implemented by a combination of hardware and software modules in the decoding processor. The software module may be located in ram, flash memory, rom, prom, or eprom, registers, etc. storage media as is well known in the art. The storage medium is located in a memory, and a processor reads information in the memory and completes the steps of the method in combination with hardware of the processor.

It will be appreciated that the memory in embodiments of the invention may be either volatile memory or nonvolatile memory, or may include both volatile and nonvolatile memory. The non-volatile Memory may be a Read-Only Memory (ROM), a Programmable ROM (PROM), an Erasable PROM (EPROM), an Electrically Erasable PROM (EEPROM), or a flash Memory. Volatile Memory can be Random Access Memory (RAM), which acts as external cache Memory. By way of example, but not limitation, many forms of RAM are available, such as Static random access memory (Static RAM, SRAM), Dynamic Random Access Memory (DRAM), Synchronous Dynamic random access memory (Synchronous DRAM, SDRAM), Double Data Rate Synchronous Dynamic random access memory (DDR SDRAM), Enhanced Synchronous SDRAM (ESDRAM), Synchronous link SDRAM (SLDRAM), and Direct Rambus RAM (DR RAM). It should be noted that the memory of the systems and methods described herein is intended to comprise, without being limited to, these and any other suitable types of memory.

It should be understood that the above memories are exemplary but not limiting illustrations, for example, the memories in the embodiments of the present invention may also be Static Random Access Memory (SRAM), dynamic random access memory (dynamic RAM, DRAM), Synchronous Dynamic Random Access Memory (SDRAM), double data rate SDRAM (DDR SDRAM), enhanced SDRAM (enhanced SDRAM, ESDRAM), Synchronous Link DRAM (SLDRAM), Direct Rambus RAM (DR RAM), and the like. That is, the memory in the embodiments of the present invention is intended to comprise, without being limited to, these and any other suitable types of memory.

Fig. 17 is a schematic block diagram of a communication system 2100 provided in an embodiment of the present application. As shown in fig. 17, the communication system 2100 includes a UE2110 and a network device 2120.

The UE2110 may be configured to implement corresponding functions implemented by the first device in the foregoing method, and the network device 2120 may be configured to implement corresponding functions implemented by the cloud server in the foregoing method for brevity, which is not described herein again.

The embodiment of the invention also provides a computer readable storage medium for storing the computer program.

Optionally, the computer-readable storage medium may be applied to the first device or the cloud server in the embodiment of the present invention, and the computer program enables the computer to execute corresponding processes implemented by the network device in the methods in the embodiments of the present invention, which is not described herein again for brevity.

Embodiments of the present invention also provide a computer program product, which includes computer program instructions.

Optionally, the computer program product may be applied to the first device or the cloud server in the embodiment of the present invention, and the computer program instruction enables the computer to execute the corresponding process implemented by the network device in each method in the embodiment of the present invention, which is not described herein again for brevity.

The embodiment of the invention also provides a computer program.

Optionally, the computer program may be applied to the first device or the cloud server in the embodiment of the present invention, and when the computer program runs on a computer, the computer is enabled to execute corresponding processes implemented by the network device in each method in the embodiment of the present invention, which is not described herein again for brevity.

Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.

It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described systems, apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.

In the embodiments provided in the present invention, it should be understood that the disclosed system, apparatus and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the units is only one logical division, and other divisions may be realized in practice, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.

The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.

In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit.

The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: various media capable of storing program codes, such as a usb disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.

The above description is only for the specific embodiments of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present invention, and all the changes or substitutions should be covered within the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.

Claims

A device binding method applied to a first device comprises the following steps:

receiving a resource updating request sent by a configurator; wherein, the resource updating request comprises a user identifier;

sending a first updating request to account resources of a cloud server to register; wherein, the first update request includes a fixed device identifier and a user identifier of the first device;

and receiving a registration success message fed back by the cloud server, and determining that the first device is a user binding device.
The method of claim 1, wherein the determining that the first device is a user bound device comprises:

when the registration success message contains a binding result that the first device is a user binding device, determining that the first device is the user binding device, and setting a first mark; wherein the first mark is used for representing that the first device is a user binding device.
The method of claim 1, wherein the receiving a registration success message fed back by a cloud server, and when determining that the first device is a user bound device, the method further comprises:

setting a first mark; wherein the first mark is used for representing that the first device is a user binding device.
The method of claim 1, wherein the method further comprises:

and pre-configuring the cloud connection certificate and the fixed equipment identifier of the first equipment.
The method of claim 4, wherein the sending a first update request to a cloud server account resource for registration comprises:

sending request information for establishing a first session to the cloud server based on a cloud connection certificate;

after the first session is established, a first updating request is sent to the account resources of the cloud server to register.
The method of claim 1, wherein the method further comprises:

sending an updating request to session resources of a cloud server; the update request is used for requesting equipment login, and the update request includes a fixed equipment identifier of the first equipment.
A device binding method is applied to a cloud server, and comprises the following steps:

receiving a first updating request for account resources for registration sent by a first device; the first updating request comprises a fixed equipment identifier of the first equipment and the user identifier;

based on the first updating request, binding the fixed equipment identifier and the user identifier of the first equipment;

and feeding back a registration success message to the first equipment.
The method of claim 7, wherein,

the registration success message at least comprises a binding result of the first equipment and the user.
The method of claim 7, wherein prior to receiving the first update request for account resources for registration from the first device, the method further comprises:

receiving request information for establishing a first session sent by first equipment based on a cloud connection certificate;

verifying the first device based on the cloud connection certificate;

when the first device is authenticated, a first session is established with the first device.
The method of claim 9, wherein the method further comprises:

and associating the first session with the fixed equipment identification of the first equipment.
A device binding method applied to a first device comprises the following steps:

sending a second updating request to the account number resource of the cloud server for registration; wherein, the second update request contains the fixed equipment identification of the first equipment;

receiving a registration success message fed back by a cloud server, and determining that the first device is a user unbound device;

receiving a user identifier sent by a configurator, and sending the user identifier and a fixed equipment identifier of the first equipment to a cloud server;

receiving a response message fed back by the cloud server, and setting a first mark; the first mark is used for representing that the first device is a user binding device.
The method of claim 11, wherein determining that the first device is a user-unbound device further comprises:

determining that the first device is a user unbound device based on the indication of the user unbound device contained in the registration success message, and setting a second mark; wherein the second mark is used for representing that the first device is a user unbound device.
The method of claim 11, wherein the method further comprises:

and pre-configuring the cloud connection certificate and the fixed equipment identifier of the first equipment.
The method of claim 11, wherein the sending a second update request to a cloud server account resource for registration comprises:

requesting a cloud server to establish a first session based on the connection certificate;

and after the first session is established, sending a second updating request to the account resources of the cloud server for registration.
The method of claim 11, wherein sending the user identification and the fixed device identification of the first device to a cloud server comprises one of:

adding a user identifier and a fixed equipment identifier of first equipment into an update token resource request, and sending the update token resource request to the cloud server;

adding a user identifier and a fixed equipment identifier of first equipment into an account resource updating request, and sending the account resource updating request to the cloud server;

and adding the user identifier and the fixed equipment identifier of the first equipment into an update session resource request, and sending the update session resource request to the cloud server.
A device binding method is applied to a cloud server, and comprises the following steps:

receiving a second updating request aiming at account resources sent by the first equipment for registration; wherein, the second update request contains the fixed equipment identification of the first equipment;

feeding back a registration success message to the first device;

receiving a user identifier sent by first equipment and a fixed equipment identifier of the first equipment, and binding the first equipment and a user based on the user identifier and the fixed equipment identifier of the first equipment;

and feeding back a response message to the first equipment.
The method of claim 16, wherein the registration success message carries an indication that the user is not bound to the device;

and the response message indicates that the user identifier is successfully bound with the fixed device identifier of the first device.
The method of claim 16, wherein before receiving a second update request for account resources sent by a first device to register, the method further comprises:

receiving a request sent by a first device to establish a first session based on connection credentials; a first session is established with a first device based on the request to establish the first session.
The method of claim 16, wherein after the feeding back a registration success message to the first device, the method further comprises:

receiving a third updating request aiming at session resources and sent by the first equipment to carry out equipment login; wherein, the third update request includes the fixed device identifier of the first device.
The method of claim 16, wherein receiving the user identifier sent by the first device and the fixed device identifier of the first device comprises one of:

receiving a user identifier and a fixed device identifier of first equipment from the first equipment through an update token resource request sent by the first equipment;

receiving a user identifier and a fixed device identifier of first equipment from the first equipment through an account resource updating request sent by the first equipment;

and receiving the user identification and the fixed equipment identification of the first equipment from the first equipment through the session resource updating request sent by the first equipment.
A first device, comprising:

the first communication unit receives a resource updating request sent by the configurator; wherein, the resource updating request comprises a user identifier; sending a first updating request to account resources of a cloud server to register; wherein, the first update request includes a fixed device identifier and a user identifier of the first device; receiving a registration success message fed back by the cloud server;

the first processing unit is used for determining that the first equipment is the user binding equipment.
The first device according to claim 21, wherein the first processing unit determines that the first device is a user bound device and sets a first flag when the registration success message includes a binding result that the first device is a user bound device; wherein the first mark is used for representing that the first device is a user binding device.
The first device according to claim 21, wherein the first processing unit sets a first flag when receiving a registration success message fed back by a cloud server through the first communication unit and determining that the first device is a user bound device; wherein the first mark is used for representing that the first device is a user binding device.
The first device of claim 21, wherein the first processing unit is to provision cloud connection credentials and a fixed device identification of the first device.
The first device of claim 24, wherein the first communication unit is configured to send, to the cloud server, request information for establishing a first session based on a cloud connection credential;

after the first session is established, a first updating request is sent to the account resources of the cloud server to register.
The first device of claim 21, wherein the first communication unit is configured to send an update request to a session resource of a cloud server; the update request is used for requesting equipment login, and the update request includes a fixed equipment identifier of the first equipment.
A cloud server, comprising:

the second communication unit is used for receiving a first updating request aiming at account resources and sent by the first equipment for registration; the first updating request comprises a fixed equipment identifier of the first equipment and the user identifier;

the second processing unit binds the fixed equipment identifier and the user identifier of the first equipment based on the first updating request;

and the second communication unit feeds back the registration success message to the first equipment.
The cloud server of claim 27, wherein the registration success message includes at least a binding result of the first device to a user.
A cloud server according to claim 27, wherein the second communication unit receives request information for establishing the first session from the first device based on the cloud connection credential;

the second processing unit is used for verifying the first equipment based on the cloud connection certificate;

and the second communication unit establishes a first session with the first equipment when the first equipment passes the verification.
A cloud server as claimed in claim 29, wherein said second processing unit associates said first session with a fixed device identity of the first device.
A first device, comprising:

the third communication unit is used for sending a second updating request to the account number resource of the cloud server for registration; wherein, the second update request contains the fixed equipment identification of the first equipment; receiving a registration success message fed back by the cloud server;

the third processing unit is used for determining that the first equipment is the user unbound equipment;

the third communication unit receives a user identifier sent by a configurator and sends the user identifier and the fixed equipment identifier of the first equipment to a cloud server; receiving a response message fed back by the cloud server;

the third processing unit is used for setting a first mark; the first mark is used for representing that the first device is a user binding device.
The first device according to claim 31, wherein the third processing unit determines that the first device is a user-unbound device based on the indication of the user-unbound device contained in the registration success message, and sets a second flag; wherein the second mark is used for representing that the first device is a user unbound device.
The first device of claim 31, wherein the third processing unit,

and pre-configuring the cloud connection certificate and the fixed equipment identifier of the first equipment.
The first device of claim 31, wherein the third communication unit, based on the connection credential, requests establishment of a first session from a cloud server;

and after the first session is established, sending a second updating request to the account resources of the cloud server for registration.
The first device of claim 31, wherein the third processing unit performs one of:

adding a user identifier and a fixed equipment identifier of first equipment into an update token resource request, and sending the update token resource request to the cloud server;

adding a user identifier and a fixed equipment identifier of first equipment into an account resource updating request, and sending the account resource updating request to the cloud server;

and adding the user identifier and the fixed equipment identifier of the first equipment into an update session resource request, and sending the update session resource request to the cloud server.
A cloud server, comprising:

the fourth communication unit is used for receiving a second updating request aiming at the account resources and sent by the first equipment so as to register; wherein, the second update request contains the fixed equipment identification of the first equipment; feeding back a registration success message to the first device; receiving a user identifier sent by first equipment and a fixed equipment identifier of the first equipment; feeding back a response message to the first device;

and the fourth processing unit is used for binding the first equipment and the user based on the user identification and the fixed equipment identification of the first equipment.
A cloud server as claimed in claim 36, wherein the registration success message carries an indication that the user is not bound to a device;

and the response message indicates that the user identifier is successfully bound with the fixed device identifier of the first device.
A cloud server as in claim 36, wherein said fourth communication unit,

receiving a request sent by a first device to establish a first session based on connection credentials; a first session is established with a first device based on the request to establish the first session.
A cloud server as in claim 36, wherein said fourth communication unit,

receiving a third updating request aiming at session resources and sent by the first equipment to carry out equipment login; wherein, the third update request includes the fixed device identifier of the first device.
A cloud server as claimed in claim 36, wherein said fourth communication unit performs one of:

receiving a user identifier and a fixed device identifier of first equipment from the first equipment through an update token resource request sent by the first equipment;

receiving a user identifier and a fixed device identifier of first equipment from the first equipment through an account resource updating request sent by the first equipment;

and receiving the user identification and the fixed equipment identification of the first equipment from the first equipment through the session resource updating request sent by the first equipment.
A device binding system comprising:

a configurator establishing a connection with a first device; sending a resource update request to the first device; wherein, the resource updating request comprises a user identifier;

the first device receives a resource updating request sent by the configurator; sending a first updating request to account resources of a cloud server to register; wherein, the first update request includes a fixed device identifier and a user identifier of the first device; receiving a registration success message fed back by a cloud server, and setting a first mark when the registration success message contains a binding result of the first device as a user binding device; wherein the first mark is used for representing that the first device is a user binding device;

the cloud server receives a first updating request aiming at account resources and sent by first equipment for registration; based on the first updating request, binding the fixed equipment identifier and the user identifier of the first equipment; and feeding back a registration success message to the first device.
A device binding system comprising:

a configurator for sending a user identifier to a first device;

the first equipment sends a second updating request to account resources of the cloud server for registration; wherein, the second update request contains the fixed equipment identification of the first equipment; receiving a registration success message fed back by a cloud server, and setting a second mark based on an indication of a user unbound device contained in the registration success message; wherein the second mark is used for representing that the first device is a user unbound device; receiving a user identifier sent by a configurator, and sending the user identifier and a fixed equipment identifier of the first equipment to a cloud server; receiving a response message fed back by the cloud server; when the response message indicates that the user identifier is successfully bound with the fixed device identifier of the first device, setting a first mark; the first mark is used for representing that the first equipment is user binding equipment;

the cloud server receives a second updating request aiming at the account resource and sent by the first equipment so as to register; feeding back a registration success message to the first device; receiving a user identifier sent by first equipment and a fixed equipment identifier of the first equipment, and binding the first equipment and a user based on the user identifier and the fixed equipment identifier of the first equipment; and feeding back a response message to the first equipment.
The system of claim 42, wherein the configurator configures a user identification for the first device when the first device is found to be a user unbound device.
A first device, comprising: a processor and a memory for storing a computer program capable of running on the processor,

wherein the memory is used for storing a computer program, and the processor is used for calling and running the computer program stored in the memory to execute the steps of the method according to any one of claims 1-6 and 11-15.
A cloud server, comprising: a processor and a memory for storing a computer program capable of running on the processor,

wherein the memory is used for storing a computer program, and the processor is used for calling and running the computer program stored in the memory to execute the steps of the method according to any one of claims 7-10 and 16-20.
A chip, comprising: a processor for calling and running a computer program from a memory so that a device on which the chip is installed performs the method of any one of claims 1-6, 11-15.
A chip, comprising: a processor for calling and running a computer program from a memory so that a device on which the chip is installed performs the method of any of claims 7-10, 16-20.
A computer readable storage medium for storing a computer program for causing a computer to perform the steps of the method according to any one of claims 1 to 20.
A computer program product comprising computer program instructions to cause a computer to perform the method of any one of claims 1 to 20.
A computer program for causing a computer to perform the method of any one of claims 1-20.