CN113727336A - IOT device and intelligent gateway operation method, terminal device and storage medium - Google Patents

IOT device and intelligent gateway operation method, terminal device and storage medium

Info

Publication number
CN113727336A
Authority
CN
China
Prior art keywords
intelligent gateway
iot
equipment
iot equipment
iot device
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202111067835.5A
Other languages
Chinese (zh)
Other versions
CN113727336B (en)
Inventor
伍子健
陈金福
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Lianzhou International Technology Co Ltd
Original Assignee
Shenzhen Lianzhou International Technology Co Ltd
Application filed by Shenzhen Lianzhou International Technology Co Ltd
Priority to CN202111067835.5A
Publication of CN113727336A
Application granted
Publication of CN113727336B
Active

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W8/00 Network data management
    • H04W8/22 Processing or transfer of terminal data, e.g. status or physical capabilities
    • H04W8/24 Transfer of terminal data
    • H04W8/245 Transfer of terminal data from a network towards a terminal
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W88/00 Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/02 Terminal devices
    • H04W88/06 Terminal devices adapted for operation in multiple networks or having at least two operational modes, e.g. multi-mode terminals

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Databases & Information Systems (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses an operation method of an IOT device and an intelligent gateway, a terminal device and a storage medium, wherein the method comprises the following steps: the IOT device and the intelligent gateway construct a WPS handshake to carry out a WPS connection, and the intelligent gateway generates a random key corresponding to the IOT device; the IOT device and the intelligent gateway construct a TLS handshake to carry out a TLS connection, and a pre-shared key is generated according to the random key so that the IOT device and the intelligent gateway can generate a main shared key; the main shared key is used as an encryption key for data transmission between the IOT device and the intelligent gateway; after the IOT device and the intelligent gateway complete the TLS handshake, the IOT device reports device information to the intelligent gateway, and the IOT device acquires and stores configuration information of a network access point. Based on the WPS multi-password technology, the intelligent gateway assigns an independent random key to each IOT device, so that security can be effectively improved; when the IOT device is woken from standby, it wakes quickly and intelligently selects the network access point of the intelligent gateway or the router, so that the number of intelligent gateways can be reduced and the user cost is reduced.

Description

IOT device and intelligent gateway operation method, terminal device and storage medium
Technical Field
The invention relates to the technical field of Internet of things, in particular to an operation method of an IOT device and an intelligent gateway, a terminal device and a storage medium.
Background
Battery-powered IOT devices are popular smart home products at present. They are networked over WIFI and powered by a battery, so they need no wired connection, are very convenient to install and use, and are widely applied in building smart homes, smart warehouses, mobile inspection robots and the like.
Due to cost and battery power limitations, a typical battery-powered IOT device is in a standby state most of the time. To keep power consumption low during standby, an intelligent gateway is generally paired with the device to assist standby. The IOT device first associates with the intelligent gateway; then, during standby, the IOT device sends heartbeats to a router or the intelligent gateway, and the device (for example, a camera) is awakened to continue working only after a specific event occurs.
Taking a battery camera as an example, the current scheme of a battery camera with an intelligent gateway in the market is mainly as follows: an intelligent gateway (HUB) is used as an intermediate forwarder, and all data is transmitted to the HUB and then forwarded to the network by the HUB. When the device is used for the first time, the WPS (Wi-Fi Protected Setup) is adopted to associate the camera with the HUB, and after the device is connected, the camera can transmit audio and video data to the HUB through the WIFI. And then, in standby, sending heartbeat messages and awakening instructions by using a wireless communication mode with lower power consumption than WIFI (wireless fidelity), such as Bluetooth, ZigBee, Sub-G and the like, and continuously using WIFI to receive and send data after awakening.
However, in the current Wi-Fi network, an AP (Access Point) can only set one Wi-Fi password, and all STAs (stations) use the same password to communicate with the AP. When the password of a certain STA device is cracked by an attacker or leaked, not only can the communication data of that STA device be decrypted, but the communication data of other STA devices in the same Wi-Fi network can also be intercepted and decrypted, which is a potential safety hazard. In addition, WIFI is generally used for data transmission during normal use, and SUB-G is used for heartbeat and wake-up messages during standby. Because WIFI operates at a higher frequency and a higher data rate than SUB-G, its energy consumption is also higher. Meanwhile, the transmission distance of WIFI is far shorter than that of SUB-G, so in large villas or user scenes with complex geographic environments, a single HUB cannot meet the requirements because its WIFI coverage is limited and has dead corners. Therefore, at least one HUB needs to be provided for each floor or even each room to ensure that the camera works properly, which imposes additional cost on the user and limits mobility.
Disclosure of Invention
The technical problem to be solved by the embodiments of the present invention is to provide an operation method of an IOT device and an intelligent gateway, a terminal device, and a storage medium, which can effectively improve security performance and reduce user implementation cost.
In order to achieve the above object, an embodiment of the present invention provides an operation method for an IOT device and an intelligent gateway, including:
the method comprises the steps that WPS handshake is established between IOT equipment and an intelligent gateway to carry out WPS connection, and the intelligent gateway generates a random key corresponding to the IOT equipment;
the IOT equipment and the intelligent gateway construct TLS handshake to carry out TLS connection, and a pre-shared key is generated according to the random key so that the IOT equipment and the intelligent gateway can generate a main shared key;
taking the main shared key as an encryption key for data transmission between the IOT equipment and the intelligent gateway;
after the IOT equipment is connected with the intelligent gateway in a TLS mode, the IOT equipment reports equipment information to the intelligent gateway, and the IOT equipment acquires and stores configuration information of a network access point through the intelligent gateway.
As an improvement of the above scheme, the IOT device and the intelligent gateway construct a WPS handshake to perform WPS connection, and the intelligent gateway generates a random key corresponding to the IOT device, specifically including:
the IOT device serves as an STA to trigger the WPS, the intelligent gateway serves as an AP to trigger the WPS, and therefore the WPS handshake is started between the IOT device and the intelligent gateway;
and the intelligent gateway generates a random key corresponding to the MAC address of the IOT equipment and stores the random key in a database.
As an improvement of the above scheme, before the IOT device and the intelligent gateway construct a TLS handshake to perform TLS connection, the method further includes:
and the IOT equipment acquires the configuration information of the intelligent gateway and is connected with the network access point according to the configuration information of the intelligent gateway.
As an improvement of the above scheme, the generating a pre-shared key according to the random key specifically includes:
and the IOT equipment correspondingly generates a first pre-shared key according to the MAC address of the IOT equipment and the MD5 of the random key distributed to the IOT equipment.
And the intelligent gateway acquires the MAC address of the IOT equipment, and correspondingly generates a second pre-shared key according to the MAC address of the IOT equipment and the MD5 of the random key distributed to the IOT equipment.
As an improvement of the above scheme, the generating, by the IOT device and the intelligent gateway, a master shared key specifically includes:
the IOT equipment generates a first random number, and the intelligent gateway generates a second random number;
the IOT equipment generates a first shared key according to the first random number and the first pre-shared key, and the intelligent gateway generates a second shared key according to the second random number and the second pre-shared key;
the IOT device and the intelligent gateway generate a master shared key through a first shared key and a second shared key provided by each other.
As an improvement of the above scheme, the IOT device obtains and stores configuration information of a network access point through the intelligent gateway, and then further includes:
when the IOT equipment is in a standby state, periodically providing heartbeat information to the intelligent gateway;
when the IOT device is awakened, a channel is designated to quickly connect to the network access point through configuration information of the network access point.
As an improvement of the above scheme, the IOT device includes: one or more of image acquisition equipment, household equipment and wearable equipment.
As an improvement of the above scheme, when the IOT device is an image acquisition device, the audio/video data acquired by the image acquisition device is transmitted to the intelligent gateway by using an HTTPS protocol.
An embodiment of the present invention further provides a terminal device, which includes a processor, a memory, and a computer program stored in the memory and configured to be executed by the processor, where the processor implements the operation method of the IOT device and the intelligent gateway when executing the computer program.
The embodiment of the present invention further provides a computer-readable storage medium, where the computer-readable storage medium includes a stored computer program, and when the computer program runs, the device where the computer-readable storage medium is located is controlled to execute any one of the operation methods of the IOT device and the intelligent gateway.
Compared with the prior art, the operation method of the IOT device and the intelligent gateway, the terminal device and the storage medium provided by the embodiment of the invention have the following beneficial effects: when the IOT device is associated with the intelligent gateway, network provisioning is done quickly through WPS, the intelligent gateway assigns an independent random key to each IOT device, and the WPS-based multi-password technology makes Wi-Fi network configuration simpler, ensures that the communication between each IOT device and the intelligent gateway is isolated from the others, and effectively improves security. When the IOT device communicates with the intelligent gateway, the intelligent gateway generates the pre-shared key according to the random key, and each IOT device corresponds to an independent and unique pre-shared key, so the isolation and security of each TLS connection are effectively improved. A main shared key is generated according to the pre-shared key and used as the encryption key for data transmission between the IOT device and the intelligent gateway, which improves the security of message data transmission and makes it difficult to crack. When the IOT device is woken from standby, it wakes quickly and intelligently selects the network access point of the intelligent gateway or the router to connect to, so that the mobility and the communication quality of the IOT device are improved, the user experience is improved, the number of intelligent gateways can be reduced, and the user cost is reduced.
Drawings
Fig. 1 is a schematic flowchart of an operation method of an IOT device and an intelligent gateway according to a preferred embodiment of the present invention;
Fig. 2 is a flow diagram of WPS connection in a preferred embodiment of a method for operating an IOT device and an intelligent gateway according to the present invention;
Fig. 3 is a schematic flow diagram of TLS connection in a preferred embodiment of an operation method of an IOT device and an intelligent gateway provided in the present invention;
Fig. 4 is a schematic flow chart of the standby wakeup of the IOT device in the preferred embodiment of the operation method of the IOT device and the intelligent gateway provided in the present invention;
Fig. 5 is a schematic application scenario diagram of a preferred embodiment of an operation method of an IOT device and an intelligent gateway provided in the present invention;
Fig. 6 is a schematic structural diagram of a preferred embodiment of a terminal device provided by the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1, fig. 1 is a schematic flowchart of an operation method of an IOT device and an intelligent gateway according to a preferred embodiment of the present invention. The operation method of the IOT equipment and the intelligent gateway comprises the following steps:
S1, the IOT device and the intelligent gateway construct WPS handshake to perform WPS connection, and the intelligent gateway generates a random key corresponding to the IOT device;
S2, the IOT device and the intelligent gateway construct TLS handshake to carry out TLS connection, and generate a pre-shared key according to the random key so that the IOT device and the intelligent gateway can generate a main shared key;
S3, using the master shared key as an encryption key for data transmission between the IOT device and the intelligent gateway;
after the IOT equipment is connected with the intelligent gateway in a TLS mode, the IOT equipment reports equipment information to the intelligent gateway, and the IOT equipment acquires and stores configuration information of a network access point through the intelligent gateway.
It should be noted that WPS (Wi-Fi Protected Setup) is used to simplify configuration of the wireless network. Through the WPS handshake, the IOT device can quickly, safely and conveniently acquire information such as the SSID (service set identifier) and password of the intelligent gateway's access point, so that a physical layer connection is established. On top of the physical layer, a TCP layer connection can be constructed. TLS (Transport Layer Security) is a secure data transport protocol established over TCP/UDP connections. Application layer data can be encrypted in transit through the TLS connection constructed after the TLS handshake.
In another preferred embodiment, the IOT device and the intelligent gateway construct a WPS handshake to perform WPS connection, and the intelligent gateway generates a random key corresponding to the IOT device, which specifically includes:
the IOT device serves as an STA to trigger the WPS, the intelligent gateway serves as an AP to trigger the WPS, and therefore the WPS handshake is started between the IOT device and the intelligent gateway;
and the intelligent gateway generates a random key corresponding to the MAC address of the IOT equipment and stores the random key in a database.
Specifically, referring to fig. 2, fig. 2 is a schematic flowchart of a WPS connection in a preferred embodiment of an operation method of an IOT device and an intelligent gateway provided in the present invention. The method comprises the steps that the IOT device serves as an STA to trigger the WPS, the intelligent gateway serves as an AP to trigger the WPS, the IOT device and the intelligent gateway construct WPS handshake to conduct WPS connection, in the process that the IOT device is connected with the intelligent gateway, the intelligent gateway generates a random key corresponding to the MAC address of the IOT device, and stores the random key and the MAC address corresponding to the IOT device in a database. After receiving the connection request sent by the IOT equipment, the intelligent gateway queries the database, searches a random key corresponding to the MAC address of the IOT equipment and completes the verification and installation of the key by using the random key. By the MAC address-based query method, all random passwords in a database can be prevented from being traversed, and the time for key verification is reduced. After the IOT device and the intelligent gateway successfully complete WPS connection, the IOT device and the intelligent gateway construct TLS handshake for TLS connection, and generate a pre-shared key according to the random key, wherein the pre-shared key is used for the IOT device and the intelligent gateway to generate a main shared key. Because each IOT device corresponds to an independent and unique pre-shared key, the isolation degree and the security of each TLS connection can be effectively improved. After the IOT device and the intelligent gateway realize TLS connection, the IOT device reports the IOT device information to the intelligent gateway, and the IOT device acquires and stores the configuration information of the network access point through the intelligent gateway. 
If the intelligent gateway does not check the IOT equipment information, or a manager evaluates that some accessed IOT equipment has security threat, the random key of the IOT equipment stored in the database of the intelligent gateway can be deleted, and the WIFI network connected with the IOT equipment is removed. After the master shared key is generated, the master shared key is used as an encryption key for data transmission between the IOT equipment and the intelligent gateway, so that the safety of message data transmission is improved.
It should be noted that, when deleting the random key, the MAC address of the IOT device is also used as an index to query the database, find the random key corresponding to the MAC address of the IOT device, and delete the random key.
When the IOT device is associated with the intelligent gateway, network provisioning is done quickly through WPS, the intelligent gateway assigns an independent random key to each IOT device, and the WPS-based multi-password technology makes Wi-Fi network configuration simpler, ensures that the communication between each IOT device and the intelligent gateway is isolated from the others, and effectively improves security. The WPS multi-password technology is modified only at the intelligent gateway end, and the IOT devices do not need to be modified, so compatibility with existing IOT devices is preserved. WPS multi-password management provides a method for removing illegal devices, and improves the flexibility of device management at the intelligent gateway end and the legitimacy and safety of the IOT devices. When the IOT device communicates with the intelligent gateway, the intelligent gateway generates the pre-shared key according to the random key, and each IOT device corresponds to an independent and unique pre-shared key, so the isolation and security of each TLS connection are effectively improved. A main shared key is generated according to the pre-shared key and used as the encryption key for data transmission between the IOT device and the intelligent gateway, which improves the security of message data transmission and makes it difficult to crack.
In another preferred embodiment, before the IOT device and the intelligent gateway construct a TLS handshake to perform a TLS connection, the method further includes:
and the IOT equipment acquires the configuration information of the intelligent gateway and is connected with the network access point according to the configuration information of the intelligent gateway.
Specifically, before the IOT device and the intelligent gateway construct a TLS handshake for TLS connection, that is, after the IOT device and the intelligent gateway have completed WPS connection, the IOT device obtains configuration information of the intelligent gateway, where the configuration information includes an SSID, an encryption scheme, a random key generated for the IOT device, and the like, and the IOT device connects to a network access point according to the configuration information of the intelligent gateway, so as to ensure that the random keys of each IOT device are independent and isolated from each other.
In another preferred embodiment, the generating a pre-shared key according to the random key specifically includes:
the IOT equipment correspondingly generates a first pre-shared key according to the MAC address of the IOT equipment and the MD5 of the random key distributed to the IOT equipment;
and the intelligent gateway acquires the MAC address of the IOT equipment, and correspondingly generates a second pre-shared key according to the MAC address of the IOT equipment and the MD5 of the random key distributed to the IOT equipment.
Specifically, the IOT device generates the first pre-shared key according to the MAC address of the IOT device and the MD5 of the random key assigned to the IOT device. The intelligent gateway acquires the MAC address of the IOT device from the socket connection, and generates the second pre-shared key according to the MAC address of the IOT device and the MD5 of the random key assigned to the IOT device.
It should be noted that the socket refers to socket communication in linux network programming, and the MAC address of the opposite end can be found and obtained through socket connection established between the local and the opposite end.
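The gateway-side bookkeeping described earlier (one random key per MAC address, looked up and deleted by MAC) together with the MAC-plus-MD5 pre-shared key derivation above, as an added Python example that is not code from the patent. The names, the 32-character key and the exact way the MAC and the MD5 digest are combined are assumptions, since the text does not specify them; `derive_psk_hmac_sha256` is a substituted HMAC-SHA256 variant shown beside the MD5 form for comparison.

```python
import hashlib
import hmac
import re
import secrets
from typing import Callable, Dict, Optional


def normalize_mac(mac: str) -> str:
    """Return the MAC as 12 lowercase hex digits so each device has one index."""
    flat = re.sub(r"[:.\-]", "", mac.strip().lower())
    if not re.fullmatch(r"[0-9a-f]{12}", flat):
        raise ValueError(f"not a MAC address: {mac!r}")
    return flat


def derive_psk_md5(mac: str, random_key: str) -> bytes:
    """PSK from the MAC and the MD5 of the random key, as the text describes.

    Assumption: the combination is MD5(mac_bytes || MD5(random_key)); the
    patent does not say how the two inputs are joined.
    """
    inner = hashlib.md5(random_key.encode()).digest()
    return hashlib.md5(bytes.fromhex(normalize_mac(mac)) + inner).digest()


def derive_psk_hmac_sha256(mac: str, random_key: str) -> bytes:
    """Substituted variant (not from the patent): HMAC-SHA256 keyed with the
    random key, with a label and the MAC as context."""
    context = b"tls-psk:" + bytes.fromhex(normalize_mac(mac))
    return hmac.new(random_key.encode(), context, hashlib.sha256).digest()


class GatewayKeyStore:
    """Hypothetical stand-in for the gateway database: MAC -> random key."""

    def __init__(self) -> None:
        self._keys: Dict[str, str] = {}

    def enroll(self, mac: str) -> str:
        """Called during WPS: create this device's own random key.

        Enrolling the same MAC again replaces the old key.
        """
        key = secrets.token_urlsafe(24)  # 32 printable characters (assumed size)
        self._keys[normalize_mac(mac)] = key
        return key

    def lookup(self, mac: str) -> Optional[str]:
        """Indexed lookup by MAC, so no other device's key is ever tried."""
        return self._keys.get(normalize_mac(mac))

    def revoke(self, mac: str) -> bool:
        """Delete one device's key; other devices are unaffected."""
        return self._keys.pop(normalize_mac(mac), None) is not None

    def psk_for(self, mac: str,
                derive: Callable[[str, str], bytes] = derive_psk_md5
                ) -> Optional[bytes]:
        """Gateway-side PSK for the peer MAC, or None if not enrolled/revoked."""
        key = self.lookup(mac)
        return None if key is None else derive(mac, key)


def same_psk(a: bytes, b: bytes) -> bool:
    """Constant-time comparison of two derived PSKs."""
    return hmac.compare_digest(a, b)


if __name__ == "__main__":
    store = GatewayKeyStore()
    cam_mac = "AA:BB:CC:00:11:22"          # constructed sample address
    cam_key = store.enroll(cam_mac)        # delivered to the device over WPS
    device_psk = derive_psk_md5(cam_mac, cam_key)
    print("PSKs match:", same_psk(device_psk, store.psk_for(cam_mac)))
    store.revoke(cam_mac)
    print("after revoke:", store.psk_for(cam_mac))
```

Both derivations are only as strong as the random key: the MAC address is visible on the air, so it separates devices but adds no secrecy.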
In another preferred embodiment, the generating, by the IOT device and the smart gateway, a master shared key specifically includes:
the IOT equipment generates a first random number, and the intelligent gateway generates a second random number;
the IOT equipment generates a first shared key according to the first random number and the first pre-shared key, and the intelligent gateway generates a second shared key according to the second random number and the second pre-shared key;
the IOT device and the intelligent gateway generate a master shared key through a first shared key and a second shared key provided by each other.
Specifically, referring to fig. 3, fig. 3 is a schematic flowchart of the TLS connection in a preferred embodiment of an operation method of an IOT device and an intelligent gateway provided in the present invention. When the IOT device and the intelligent gateway generate the main shared key, the IOT device generates a first random number Xb, and the intelligent gateway generates a second random number Xa; the IOT device generates a first shared key Pb(Xb, PSK) by using a conic section algorithm according to the first random number Xb and the first pre-shared key, and the intelligent gateway generates a second shared key Pa(Xa, PSK) by using a conic section algorithm according to the second random number Xa and the second pre-shared key; the IOT device calculates the main shared key Sb = F(Pb, Pa) from the first shared key Pb it generated and the second shared key Pa provided by the intelligent gateway; the intelligent gateway calculates the master shared key Sa = F(Pa, Pb) from the second shared key Pa it generated and the first shared key Pb supplied by the IOT device. The IOT device establishes a TLS connection with the intelligent gateway, transmits data over that connection, and uses the main shared key as the AES encryption key for subsequent messages, thereby improving the security of message data transmission.
It should be noted that, the present embodiment relates to some algorithms for encrypting data in communication, which take conic section and AES as examples, but are not limited to conic section and AES algorithms.
In another preferred embodiment, the IOT device obtains and stores configuration information of the network access point through the intelligent gateway, and then further includes:
when the IOT equipment is in a standby state, periodically providing heartbeat information to the intelligent gateway;
when the IOT device is awakened, a channel is designated to quickly connect to the network access point through configuration information of the network access point.
Specifically, referring to fig. 4, fig. 4 is a schematic flow chart of the IOT device standby wakeup in a preferred embodiment of the operation method of the IOT device and the intelligent gateway provided in the present invention. The IOT device acquires and stores configuration information of the network access point through the intelligent gateway, so that it can select a network access point when it is later woken from standby. The configuration information of the network access point includes SSID, password, encryption mode, channel, bandwidth information, etc. When the IOT device is in standby, most of its chips and sensors are powered off, and only one ultra-low power consumption SUB-G communication chip and a few detection sensors keep working. The SUB-G chip sends a heartbeat message to the intelligent gateway at a certain interval, where the heartbeat message contains specific information of the IOT device, for example: battery level, device number. When it is detected that the IOT device needs to be awakened, the main chip of the IOT device is powered on and enters the wakeup program. The IOT device intelligently selects the network access point using the stored configuration information of the network access point, and scans for the SSID on the designated channel so as to connect to the network access point quickly. It should be noted that if multiple reconnection attempts fail to connect to the network access point, the scan is restarted, and the device checks whether the stored SSID of the intelligent gateway or of the router is present. If both are present and their RSSI values are close, the intelligent gateway is preferred. If the RSSI difference is larger, the connection with the better RSSI is selected; otherwise, the device scans again at regular intervals.
Therefore, with intelligent selection of the network access point, only one intelligent gateway is needed to assist standby within the SUB-G coverage range, which reduces the user's implementation cost; the data transmission efficiency of the IOT device is effectively improved at any position within the mesh network coverage range, and the user experience is improved.
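The access point selection rule described above, as an added Python example that is not code from the patent. The data classes, the 8 dB value for "close" RSSI and the sample scan results are assumptions; ignoring scan entries whose advertised security differs from the stored encryption mode is an added check that uses a field the text says is stored.

```python
from dataclasses import dataclass
from typing import List, Optional, Sequence

RSSI_CLOSE_DB = 8  # assumed: the text gives no number for "close" RSSI


@dataclass(frozen=True)
class StoredAP:
    """Configuration the device saved through the gateway."""
    ssid: str
    security: str      # stored encryption mode, e.g. "WPA2-PSK"
    channel: int
    is_gateway: bool   # True for the intelligent gateway, False for a router


@dataclass(frozen=True)
class ScanEntry:
    ssid: str
    bssid: str
    security: str
    channel: int
    rssi_dbm: int


def fast_scan_channels(stored: Sequence[StoredAP]) -> List[int]:
    """Channels to probe first on wake: stored ones only, gateway first."""
    ordered: List[int] = []
    for ap in sorted(stored, key=lambda a: not a.is_gateway):
        if ap.channel not in ordered:
            ordered.append(ap.channel)
    return ordered


def _strongest_match(ap: StoredAP, scan: Sequence[ScanEntry]) -> Optional[ScanEntry]:
    # A mesh advertises one SSID from several BSSIDs; keep the strongest.
    # Entries with the right SSID but a different security mode are ignored.
    matches = [e for e in scan if e.ssid == ap.ssid and e.security == ap.security]
    return max(matches, key=lambda e: e.rssi_dbm, default=None)


def select_ap(stored: Sequence[StoredAP], scan: Sequence[ScanEntry],
              close_db: int = RSSI_CLOSE_DB) -> Optional[ScanEntry]:
    """Return the entry to connect to, or None to rescan later."""
    gateway: Optional[ScanEntry] = None
    router: Optional[ScanEntry] = None
    for ap in stored:
        hit = _strongest_match(ap, scan)
        if hit is None:
            continue
        if ap.is_gateway:
            if gateway is None or hit.rssi_dbm > gateway.rssi_dbm:
                gateway = hit
        elif router is None or hit.rssi_dbm > router.rssi_dbm:
            router = hit
    if gateway is not None and router is not None:
        if abs(gateway.rssi_dbm - router.rssi_dbm) <= close_db:
            return gateway                      # both seen, RSSI close
        return gateway if gateway.rssi_dbm > router.rssi_dbm else router
    return gateway if gateway is not None else router  # one seen, or None


# Constructed sample data (not from the patent).
STORED = [
    StoredAP("HUB-1234", "WPA2-PSK", 6, True),
    StoredAP("HomeMesh", "WPA2-PSK", 11, False),
]
HUB = "02:00:00:00:00:01"
AP1 = "02:00:00:00:00:a1"
AP2 = "02:00:00:00:00:a2"

if __name__ == "__main__":
    scan = [
        ScanEntry("HUB-1234", HUB, "WPA2-PSK", 6, -55),
        ScanEntry("HomeMesh", AP2, "WPA2-PSK", 11, -50),
    ]
    print("probe channels:", fast_scan_channels(STORED))
    print("selected:", select_ap(STORED, scan))
```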
It should be noted that, in order to facilitate the user to check the state of the IOT device in real time, the intelligent gateway analyzes the packet and forwards the packet to the cloud server through the network, so as to maintain the connection state of the IOT device.
The low-power-consumption standby technology of the IOT device effectively improves the battery use efficiency of the device and improves user experience. When the IOT device is woken from standby, it wakes quickly and intelligently selects the network access point of the intelligent gateway or the router to connect to, so that the mobility and the communication quality of the IOT device are improved, the user experience is improved, the number of intelligent gateways can be reduced, and the user cost is reduced.
Preferably, the IOT device includes: one or more of image acquisition equipment, household equipment and wearable equipment.
Specifically, the IOT device uses WIFI networking and is powered by a battery, and the IOT device in this embodiment is not limited to the image capture device, the home device, and the wearable device.
As a preferred scheme, when the IOT device is an image acquisition device, the audio/video data acquired by the image acquisition device is transmitted to the intelligent gateway by using an HTTPS protocol.
Specifically, when the IOT device is an image acquisition device, the image acquisition device performs data transmission with the intelligent gateway after WPS connection and TLS connection, and transmits acquired audio and video data to the intelligent gateway by using an HTTPS protocol and using an encryption key.
Fig. 5 is a schematic application scenario diagram of an operation method of an IOT device and an intelligent gateway according to a preferred embodiment of the present invention. In the application scenario, 3 routers are arranged in a 3-floor building in a mesh networking mode. When the intelligent gateway is used for the first time, it is connected to the mesh network through wireless onboarding and is connected with router AP2 through WIFI. Cameras 1-4 (i.e., IOT devices) need to be associated with the intelligent gateway through WPS when used for the first time. The intelligent gateway generates 4 random keys for the 4 cameras and stores them in the database. At the same time, information such as the SSID and password of the router is sent to the cameras and stored.
Camera1 is located on floor 1. Since the SSID of the intelligent gateway cannot be found after startup, it rescans and matches the stored router SSID, and so connects to mesh router AP1. After the work is finished, the information of the currently connected AP1 is stored before standby. After entering the standby state, it periodically sends heartbeats to the intelligent gateway over SUB-G. Upon receiving the wake-up command, camera1 starts quickly and scans for the SSID of the connected AP1, thereby continuing normal data transmission. The same applies to camera3.
Camera2 and camera4 are placed on the 2nd floor. Because they are close to the intelligent gateway, they can find the SSID of the intelligent gateway directly after startup, connect to it directly and work normally. After entering the standby state, they periodically send heartbeats to the intelligent gateway over SUB-G. When receiving the wake-up command, camera2 and camera4 start up quickly and scan for the SSID of the connected AP2, thereby continuing normal data transmission.
Referring to fig. 6, fig. 6 is a schematic structural diagram of a terminal device according to a preferred embodiment of the present invention. The terminal device includes a processor 601, a memory 602, and a computer program stored in the memory 602 and configured to be executed by the processor 601, where the processor 601 executes the computer program to implement the operation method of the IOT device and the intelligent gateway according to any embodiment described above.
Preferably, the computer program may be divided into one or more modules/units (e.g., computer program 1, computer program 2, …) that are stored in the memory 602 and executed by the processor 601 to implement the invention. The one or more modules/units may be a series of computer program instruction segments capable of performing specific functions, which describe the execution process of the computer program in the terminal device.
The processor 601 may be a Central Processing Unit (CPU), another general-purpose processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, etc. The general-purpose processor may be a microprocessor, or the processor 601 may be any conventional processor. The processor 601 is the control center of the terminal device and connects the various parts of the terminal device through various interfaces and lines.
The memory 602 mainly includes a program storage area and a data storage area, wherein the program storage area may store an operating system, an application program required for at least one function, and the like, and the data storage area may store related data and the like. In addition, the memory 602 may be a high speed random access memory, a non-volatile memory such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash Card (Flash Card), and the like, or the memory 602 may be other volatile solid state memory devices.
It should be noted that the terminal device may include, but is not limited to, a processor and a memory. Those skilled in the art will understand that the structural diagram of fig. 6 is only an example of the terminal device and does not limit it; the terminal device may include more or fewer components than those shown, combine some components, or use different components.
The embodiment of the present invention further provides a computer-readable storage medium, where the computer-readable storage medium includes a stored computer program, and when the computer program runs, the device where the computer-readable storage medium is located is controlled to execute the operation method of the IOT device and the intelligent gateway according to any embodiment described above.
The embodiments of the invention provide an operation method of an IOT device and an intelligent gateway, a terminal device and a storage medium. When the IOT device is associated with the intelligent gateway, the network is provisioned quickly through WPS and the intelligent gateway allocates an independent random key to each IOT device; based on the multi-password technique of WPS, this simplifies Wi-Fi network configuration, ensures that the communication between each IOT device and the intelligent gateway is isolated, and effectively improves security. When the IOT device communicates with the intelligent gateway, the intelligent gateway generates the pre-shared key according to the random key, and each IOT device has its own independent and unique pre-shared key, which effectively improves the isolation and security of each TLS connection. A master shared key is generated according to the pre-shared key and used as the encryption key for data transmission between the IOT device and the intelligent gateway, which improves the security of message data transmission and makes it difficult to crack. When the IOT device is woken from standby, it wakes quickly and intelligently selects the network access point of the intelligent gateway or of a router to connect to, which improves the mobility and communication quality of the IOT device, improves the user experience, and allows the number of intelligent gateways to be reduced, lowering user cost.
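The per-device key allocation and pre-shared-key derivation summarized above, as an added Python sketch that is not part of the patent text. The page derives the pre-shared key from the device MAC address and the MD5 of its random key but does not say how the two are combined, so the concatenate-and-hash step, the `Gateway` class with its in-memory dict, and the MAC values are assumptions; the direct key comparison stands in for the TLS handshake.

```python
import hashlib
import hmac
import secrets


def normalize_mac(mac: str) -> bytes:
    """Parse 'AA:BB:..', 'aa-bb-..' or bare hex into 6 raw bytes."""
    raw = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(raw) != 6:
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return raw


def derive_psk(mac: str, random_key: bytes) -> bytes:
    """PSK from the device MAC and MD5(random key), as the page describes.

    Assumption: the page does not say how the two inputs are combined;
    here the MAC bytes are concatenated with the digest and hashed again.
    """
    inner = hashlib.md5(random_key).digest()
    return hashlib.md5(normalize_mac(mac) + inner).digest()


class Gateway:
    """Gateway side: one random key per enrolled MAC, kept in a dict 'database'."""

    def __init__(self):
        self._db = {}

    def enroll(self, mac: str) -> bytes:
        """WPS-time step: allocate and store a fresh random key for this MAC."""
        key = secrets.token_bytes(16)
        self._db[normalize_mac(mac)] = key
        return key  # handed to the device during association

    def accepts(self, mac: str, device_psk: bytes) -> bool:
        """TLS-time step: re-derive the PSK for the claimed MAC and compare.

        Stand-in for the handshake; a real PSK is never sent over the link.
        """
        key = self._db.get(normalize_mac(mac))
        if key is None:
            return False  # this MAC was never enrolled
        return hmac.compare_digest(derive_psk(mac, key), device_psk)


def demo() -> dict:
    gw = Gateway()
    cam1, cam2 = "02:00:00:00:00:01", "02-00-00-00-00-02"  # constructed MACs
    k1, k2 = gw.enroll(cam1), gw.enroll(cam2)
    return {
        "cam1_ok": gw.accepts(cam1, derive_psk(cam1, k1)),
        "cam2_ok": gw.accepts(cam2, derive_psk(cam2, k2)),
        # cam2 claims cam1's MAC but only holds its own random key
        "spoofed_mac": gw.accepts(cam1, derive_psk(cam1, k2)),
        "unknown_device": gw.accepts("02:00:00:00:00:99", derive_psk(cam1, k1)),
        "psks_differ": derive_psk(cam1, k1) != derive_psk(cam2, k2),
    }


if __name__ == "__main__":
    print(demo())
```

Because the MAC address is visible on the air, the isolation between devices rests entirely on the secrecy of each per-device random key, which is why the spoofed-MAC case is rejected.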
It should be noted that the above-described system embodiments are merely illustrative, where the units described as separate parts may or may not be physically separate, and the parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on multiple network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. In addition, in the drawings of the embodiment of the system provided by the present invention, the connection relationship between the modules indicates that there is a communication connection between them, and may be specifically implemented as one or more communication buses or signal lines. One of ordinary skill in the art can understand and implement it without inventive effort.
While the foregoing is directed to the preferred embodiment of the present invention, it will be understood by those skilled in the art that various changes and modifications may be made without departing from the spirit and scope of the invention.

Claims (10)

1. A method for operating an IOT device and an intelligent gateway, characterized by comprising the following steps:
the IOT device and the intelligent gateway construct a Wi-Fi Protected Setup (WPS) handshake to establish a WPS connection, and the intelligent gateway generates a random key corresponding to the IOT device;
the IOT device and the intelligent gateway construct a Transport Layer Security (TLS) handshake to establish a TLS connection, and a pre-shared key is generated according to the random key so that the IOT device and the intelligent gateway can generate a master shared key;
the master shared key is used as the encryption key for data transmission between the IOT device and the intelligent gateway;
after the IOT device establishes the TLS connection with the intelligent gateway, the IOT device reports device information to the intelligent gateway, and the IOT device acquires and stores configuration information of a network access point through the intelligent gateway.
2. The method for operating the IOT device and the intelligent gateway according to claim 1, wherein the IOT device and the intelligent gateway construct a WPS handshake to establish a WPS connection, and the intelligent gateway generates a random key corresponding to the IOT device, specifically comprising:
the IOT device, acting as a station (STA), triggers WPS, and the intelligent gateway, acting as an access point (AP), triggers WPS, so that the WPS handshake starts between the IOT device and the intelligent gateway;
the intelligent gateway generates a random key corresponding to the MAC address of the IOT device and stores the random key in a database.
3. The method for operating the IOT device and the intelligent gateway of claim 1, wherein the IOT device and the intelligent gateway construct a TLS handshake to establish a TLS connection, further comprising:
the IOT device acquires the configuration information of the intelligent gateway and connects to the network access point according to the configuration information of the intelligent gateway.
4. The method for operating the IOT device and the intelligent gateway of claim 1, wherein generating a pre-shared key according to the random key comprises:
the IOT device generates a first pre-shared key according to the MAC address of the IOT device and the MD5 of the random key distributed to the IOT device;
the intelligent gateway acquires the MAC address of the IOT device and generates a second pre-shared key according to the MAC address of the IOT device and the MD5 of the random key distributed to the IOT device.
5. The method for operating the IOT device and the intelligent gateway of claim 4, wherein the IOT device and the intelligent gateway generate a master shared key, specifically comprising:
the IOT device generates a first random number, and the intelligent gateway generates a second random number;
the IOT device generates a first shared key according to the first random number and the first pre-shared key, and the intelligent gateway generates a second shared key according to the second random number and the second pre-shared key;
the IOT device and the intelligent gateway generate the master shared key from the first shared key and the second shared key that they provide to each other.
6. The method for operating the IOT device and the intelligent gateway of claim 1, wherein the IOT device acquires and stores configuration information of a network access point through the intelligent gateway, and thereafter further comprising:
when the IOT device is in a standby state, it periodically provides heartbeat information to the intelligent gateway;
when the IOT device is woken, it uses the configuration information of the network access point to specify the channel and quickly connect to the network access point.
7. The method for operating the IOT device and the intelligent gateway of claim 1, wherein the IOT device comprises one or more of an image acquisition device, a household device and a wearable device.
8. The operation method of the IOT device and the intelligent gateway according to claim 7, wherein when the IOT device is an image capture device, the audio/video data captured by the image capture device is transmitted to the intelligent gateway using an HTTPS protocol.
9. A terminal device comprising a processor, a memory, and a computer program stored in the memory and configured to be executed by the processor, wherein the processor, when executing the computer program, implements the operation method of the IOT device and the intelligent gateway according to any one of claims 1-8.
10. A computer-readable storage medium, comprising a stored computer program, wherein when the computer program runs, the computer-readable storage medium controls a device to execute the operation method of the IOT device and the intelligent gateway according to any one of claims 1 to 8.
CN202111067835.5A 2021-09-13 2021-09-13 Operation method of IOT equipment and intelligent gateway, terminal equipment and storage medium Active CN113727336B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111067835.5A CN113727336B (en) 2021-09-13 2021-09-13 Operation method of IOT equipment and intelligent gateway, terminal equipment and storage medium

Publications (2)

Publication Number Publication Date
CN113727336A (en) 2021-11-30
CN113727336B (en) 2024-01-16

Family

ID=78683427

Country Status (1)

Country Link
CN (1) CN113727336B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant