CN113746633A - Internet of things equipment binding method, device and system, cloud server and storage medium - Google Patents

Internet of things equipment binding method, device and system, cloud server and storage medium Download PDF

Info

Publication number
CN113746633A
CN113746633A CN202110898234.2A CN202110898234A CN113746633A CN 113746633 A CN113746633 A CN 113746633A CN 202110898234 A CN202110898234 A CN 202110898234A CN 113746633 A CN113746633 A CN 113746633A
Authority
CN
China
Prior art keywords
cloud server
internet
client
information
binding
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202110898234.2A
Other languages
Chinese (zh)
Other versions
CN113746633B (en
Inventor
李辉
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen TCL New Technology Co Ltd
Original Assignee
Shenzhen TCL New Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen TCL New Technology Co Ltd filed Critical Shenzhen TCL New Technology Co Ltd
Priority to CN202110898234.2A priority Critical patent/CN113746633B/en
Publication of CN113746633A publication Critical patent/CN113746633A/en
Priority to PCT/CN2022/099279 priority patent/WO2023011016A1/en
Application granted granted Critical
Publication of CN113746633B publication Critical patent/CN113746633B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • H04L9/3213Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
    • GPHYSICS
    • G16INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16YINFORMATION AND COMMUNICATION TECHNOLOGY SPECIALLY ADAPTED FOR THE INTERNET OF THINGS [IoT]
    • G16Y30/00IoT infrastructure
    • G16Y30/10Security thereof
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/069Authentication using certificates or pre-shared keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • H04W12/084Access security using delegated authorisation, e.g. open authorisation [OAuth] protocol
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/40Security arrangements using identity modules
    • H04W12/48Security arrangements using identity modules using secure binding, e.g. securely binding identity modules to devices, services or applications

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Computer And Data Communications (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The embodiment of the application discloses a method, a device, a system, a cloud server and a storage medium for binding equipment of the Internet of things, which can receive a first binding request aiming at the equipment of the Internet of things initiated by a client, wherein the client logs in a user account; responding to the first binding request, indicating a second cloud server matched with the Internet of things equipment, and performing identity verification on a first cloud server matched with the client; receiving first authorization and authentication information returned by the second cloud server, wherein the first authorization and authentication information is sent by the second cloud server after the second cloud server passes the identity verification of the first cloud server; and sending second authorization authentication information to the client according to the first authorization authentication information so that the client sends a second binding request to the second cloud server based on the second authorization authentication information to indicate the second cloud server to generate token information for the user account, and binding the Internet of things equipment based on the token information, thereby improving the binding efficiency of the Internet of things equipment.

Description

Internet of things equipment binding method, device and system, cloud server and storage medium
Technical Field
The application relates to the technical field of communication, in particular to a method, a device, a system, a cloud server and a storage medium for binding equipment of the Internet of things.
Background
The Internet of Things (IoT) is a necessary choice for future interconnection and interworking of everything, and various manufacturers are working on the interconnection and interworking of Internet of Things devices. At present, when a user configures an internet of things device of an internet of things system B through a client of the internet of things system a, user account information between the internet of things system a and the internet of things system B is generally bound based on a predetermined protocol, so that the two parties need to be connected for exchanging user information, which requires mutual trust to be achieved based on the two parties, however, the trust is generally guaranteed through a business contract, which makes the device interconnection and intercommunication in the internet of things become point-to-point communication, which is high in cost and low in efficiency.
Disclosure of Invention
The embodiment of the application provides a method, a device and a system for binding equipment of the Internet of things, a cloud server and a storage medium, and the binding efficiency of the equipment of the Internet of things can be improved.
The method for binding the Internet of things equipment comprises the following steps:
receiving a first binding request aiming at the Internet of things equipment initiated by a client, wherein the client logs in a user account;
responding to the first binding request, indicating a second cloud server matched with the Internet of things equipment, and performing identity verification on a first cloud server matched with the client;
receiving authorization authentication information returned by the second cloud server, wherein the first authorization authentication information is sent by the second cloud server after the identity of the first cloud server is verified;
and sending second authorization authentication information to the client according to the first authorization authentication information, so that the client sends a second binding request to a second cloud server based on the second authorization authentication information, wherein the second binding request is used for indicating the second cloud server to generate token information for the user account, and binding the Internet of things equipment based on the token information.
Another method for binding devices of the internet of things provided in the embodiments of the present application includes:
receiving a verification request sent by a first cloud server, wherein the verification request is sent by the first cloud server in response to a first binding request for Internet of things equipment initiated by a client, and the client logs in a user account;
authenticating the first cloud server based on the authentication request;
if the identity verification passes, first authorization and authentication information is sent to the first cloud server, so that the first cloud server sends second authorization and authentication information to the client;
and responding to a request sent by the client based on the second authorization authentication information, generating token information for the user account, and binding the Internet of things equipment based on the token information.
Correspondingly, the internet of things equipment binding device that this application embodiment still provided includes:
the device comprises a first receiving module, a second receiving module and a third receiving module, wherein the first receiving module is used for receiving a first binding request aiming at the Internet of things equipment initiated by a client, and the client logs in a user account;
the response module is used for responding to the first binding request, indicating a second cloud server matched with the Internet of things equipment, and carrying out identity verification on a first cloud server matched with the client;
the second receiving module is used for receiving first authorization and authentication information returned by the second cloud server, wherein the first authorization and authentication information is sent by the second cloud server after the second cloud server passes the identity verification of the first cloud server;
the first binding module is used for sending second authorization authentication information to the client according to the first authorization authentication information so that the client sends a second binding request to a second cloud server based on the second authorization authentication information, the second binding request is used for indicating the second cloud server to generate token information for the user account, and the internet of things equipment is bound based on the token information.
Correspondingly, another thing networking equipment binding means that this application embodiment still provided includes:
the third receiving module is used for receiving a verification request sent by a first cloud server, wherein the verification request is a request sent by the first cloud server in response to a first binding request for the internet of things equipment initiated by a client, and the client logs in a user account;
the verification module is used for performing identity verification on the first cloud server based on the verification request;
the sending module is used for sending first authorization and authentication information to the first cloud server if the identity verification passes, so that the first cloud server sends second authorization and authentication information to the client based on the first authorization and authentication information;
and the second binding module is used for responding to a second binding request sent by the client based on the authorization authentication information, generating token information for the user account, and binding the Internet of things equipment based on the token information.
Correspondingly, the internet of things equipment binding system provided by the embodiment of the application further comprises a first cloud server, a second cloud server, a client matched with the first cloud server, and internet of things equipment matched with the second cloud server, wherein:
the client is used for sending a binding request aiming at the Internet of things equipment to the first cloud server, and the client logs in a user account;
the first cloud server is used for responding to the first binding request and sending a verification request to the second cloud server, wherein the verification request carries verification information of the first cloud server;
the second cloud server is used for carrying out identity authentication on the first cloud server based on the authentication information;
the second cloud server is used for returning first authorization and authentication information to the first cloud server if the identity verification is passed;
the first cloud server is used for sending second authorization authentication information to the client based on the first authorization authentication information;
the client is used for sending a second binding request to the second cloud server based on the second authorization and authentication information;
the second cloud server is used for responding to the second binding request, generating token information for the user account logged in the client based on the second authorization and authentication information, and sending the token information to the client;
the second cloud server is used for binding the Internet of things equipment based on the token information;
the client is used for binding the user account and the Internet of things equipment based on the token information.
Correspondingly, the cloud server provided by the embodiment of the application comprises a memory and a processor; the memory stores computer programs, and the processor is used for running the computer programs in the memory to execute any one of the internet of things device binding methods provided by the embodiments of the present application.
Correspondingly, an embodiment of the present application further provides a storage medium, where the storage medium is used to store a computer program, and the computer program is loaded by a processor to execute any one of the internet of things device binding methods provided in the embodiment of the present application.
The method comprises the steps that a first binding request aiming at the Internet of things equipment and initiated by a client is received, and the client logs in a user account; responding to the first binding request, indicating a second cloud server matched with the Internet of things equipment, and performing identity verification on a first cloud server matched with the client; receiving first authorization and authentication information returned by the second cloud server, wherein the first authorization and authentication information is sent by the second cloud server after the second cloud server passes the identity verification of the first cloud server; according to the scheme, the user account logged in the client and the Internet of things equipment are bound through the token information without interacting the user information, the fact that the user information does not need to be interacted between the first cloud server and the second cloud server, and the Internet of things equipment is bound on the premise that a business contract does not need to be guaranteed is achieved, and the binding efficiency of the Internet of things equipment is improved so that the information security of the user is protected.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1 is a scene diagram of an internet of things device binding method provided in an embodiment of the present application;
fig. 2 is a flowchart of an internet of things device binding method provided in an embodiment of the present application;
fig. 3 is another flowchart of an internet of things device binding method provided in an embodiment of the present application;
fig. 4 is another flowchart of an internet of things device binding method provided in an embodiment of the present application;
fig. 5 is a schematic diagram of an internet of things device binding apparatus provided in an embodiment of the present application;
fig. 6 is another schematic diagram of an internet of things device binding apparatus provided in an embodiment of the present application;
fig. 7 is a schematic structural diagram of a cloud server provided in an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
The embodiment of the application provides a method, a device and a system for binding equipment of the Internet of things, a cloud server and a storage medium. The Internet of things equipment binding device can be integrated in computer equipment such as a cloud server.
The cloud server may be a cloud server that provides basic cloud computing services such as a cloud service, a cloud database, cloud computing, a cloud function, cloud storage, a web service, cloud communication, a middleware service, a domain name service, a security service, a Content Delivery Network (CDN), and a big data and artificial intelligence platform, but is not limited thereto. The cloud server may be the first cloud server or the second cloud server.
Referring to fig. 1, fig. 1 is a schematic view of a scene of an application of an internet of things device binding method provided in an embodiment of the present application, where the scene may include a first cloud server, a second cloud server, a client, an internet of things device, and the like. After a user logs in a user account on a client, a first binding request aiming at the Internet of things equipment can be sent to a first cloud server through the client; after receiving the first binding request, the first cloud server can carry a digital certificate issued by a third-party trust authority with mutual trust between the first cloud server and the second cloud server, and request the second cloud server for identity verification; the second cloud server performs identity authentication on the first cloud server based on the digital certificate, and if the second cloud server passes the identity authentication on the first cloud server, first authorization authentication information is sent to the first cloud server; the first cloud server sends second authorization and authentication information to the client after receiving the first authorization and authentication information; after receiving the second authorization authentication information, the client may request the second cloud server to generate token information for the client; the second cloud server sends the token information to the client after generating the token information, and binds the token information with the Internet of things equipment; and after receiving the token information, the client binds the token information with the user account logged in the client to realize the binding of the Internet of things equipment. When the user account logged on the client controls the internet of things equipment through the client, the client sends a control instruction carrying token information to the second cloud server, and the second cloud server is bound with the internet of things equipment according to the token information, so that the second cloud server can determine the internet of things equipment to be controlled according to the token information and sends the instruction to the corresponding internet of things equipment.
The first cloud server can be a private cloud server corresponding to the client, that is, the client and the first cloud server can belong to the same internet of things system, and can establish communication connection with the client and perform data interaction. The second cloud server can be a private cloud server corresponding to the internet of things device, namely the second cloud server and the internet of things device can belong to the same internet of things system, and can be in communication connection with the internet of things device and perform data interaction. The first cloud server and the second cloud server may be cloud servers belonging to different internet of things systems, for example, the first cloud server and the second cloud server are provided private cloud servers of different manufacturers.
The client may include a browser application (also referred to as a Web application), an application on the terminal (also referred to as an APP), an applet, and the like. The Internet of Things device may be a physical device that can be accessed to The Internet of Things (IOT for short), for example, a refrigerator, an air conditioner, a television, a floor sweeping robot, and an intelligent sound box.
The internet of things can acquire any object or process needing monitoring, connection or interaction in real time through various devices and technologies such as various information sensors, radio frequency identification technologies, global positioning systems, infrared sensors or laser scanners and acquire various required information such as sound, light, heat, electricity, mechanics, chemistry, biology or positions of the object or process, and the object, the object and people are connected in a ubiquitous manner through various possible network accesses, so that the intelligent sensing, identification and management of the object and the process are realized. The internet of things is an information bearer based on the internet, a traditional telecommunication network and the like, and all common physical objects which can be independently addressed form an interconnected network.
In order to improve the efficiency and reliability of data processing by the first cloud server and the second cloud server, the first cloud server may be divided into a first device management unit, a first user management unit, and the like, and the second cloud server may be divided into a second device management unit, a second user management unit, and the like, and each management unit may cooperate to process data in a labor-sharing manner.
For example, a first cloud server may receive, by a first user management unit, a first binding request for an internet of things device initiated by a client, the first cloud server may send, by the first user management unit, a verification request to a second cloud server in response to the first binding request, and the first cloud server may generate, by the first user management unit, second authorization and authentication information based on the received first authorization and authentication information and send the second authorization and authentication information to the client. The first cloud server can also receive a control instruction sent by the client through the first device management unit, send the control instruction to the internet of things device, control the internet of things device based on the control instruction, and the like.
The second cloud server can receive the verification request sent by the first cloud server through the second user management unit, perform identity verification on the first cloud server based on the verification request, and send first authorization and authentication information to the first cloud server through the second user management unit if the identity verification passes. The second cloud server can respond to a second binding request sent by the client through the second equipment management unit, generate token information for a user account logged in the client, and bind the internet of things equipment based on the token information. The second cloud server can also receive the control instruction sent by the first device management unit through the second device management unit, control the internet of things device based on the control instruction through the second device management unit, and the like.
In the above embodiments, the descriptions of the embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to the following detailed description of the internet of things device binding method, which is not described herein again.
It should be noted that the scene diagram of the application of the internet of things device binding method shown in fig. 1 is merely an example, and the application and the scene of the internet of things device binding method described in the embodiment of the present application are for more clearly illustrating the technical solution of the embodiment of the present application, and do not form a limitation on the technical solution provided in the embodiment of the present application.
The following are detailed below. It should be noted that the following description of the embodiments is not intended to limit the preferred order of the embodiments.
The embodiment will be described from the perspective of an internet of things device binding apparatus, which may be specifically integrated in a cloud server, where the cloud server may be a first cloud server.
Referring to fig. 2, fig. 2 is a schematic flowchart of a method for binding devices of the internet of things according to an embodiment of the present application. The Internet of things equipment binding method can comprise the following steps:
101. the method comprises the steps that a first cloud server receives a first binding request which is initiated by a client and aims at the equipment of the Internet of things, and the client logs in a user account.
The first binding request may be a request sent by a client for requesting to bind a user account logged on the client with an internet of things device.
The user account is an account corresponding to the client, the user account can be obtained by pre-registering the client, and the first cloud server stores the user account and information corresponding to the user account, such as user information of user age, gender, or constellation, and information of operation records.
For example, the first binding request for the internet of things device triggered by operations such as clicking or sliding performed by the user on the client may be specifically received by the first cloud server. Optionally, the client may display a setup interface including an internet of things device list, which may include one or more internet of things devices. For example, the internet of things device list includes an internet of things device a, an internet of things device B, and an internet of things device C.
The user can select the internet of things device to be bound in the setting interface, for example, when the user currently wants to bind the internet of things device a, the user can select the internet of things device a by clicking in the setting interface, and a first binding request for the selected internet of things device a is generated from the trigger client.
Optionally, the client may also receive voice information or gesture information input by the user, and generate a first binding request for the selected internet of things device. For example, the client acquires voice information or gesture information and the like input by a user, identifies or confirms the voice information or gesture information and the like, determines the internet of things equipment which the user wants to bind, and then generates a first binding request according to the selected internet of things equipment.
The first cloud server receives a first binding request sent by the client, and the specific type, content and the like of the first binding request can be flexibly set according to actual needs, and are not limited herein.
102. And the first cloud server responds to the first binding request, indicates a second cloud server matched with the Internet of things equipment, and performs identity verification on the first cloud server matched with the client.
In the method and the device, after receiving a first binding request, a first cloud server determines a second cloud server corresponding to the internet of things device according to the first binding request, and sends a request to the second cloud server to indicate the second cloud server matched with the internet of things device, and identity authentication is performed on the first cloud server.
Optionally, the first cloud server may carry information capable of proving the identity of the first cloud server in a verification request sent to the first cloud server in response to the first binding request, a white list may be stored in the second cloud server, the white list includes a trusted object, and the second cloud server compares the information carried in the request sent by the first cloud server with the white list to determine whether the first cloud server exists in the white list, so as to perform identity verification on the first cloud server, and improve security.
Optionally, the verification request sent by the first cloud server to the first cloud server in response to the first binding request may carry verification information of the first cloud server, and the second cloud server may perform identity verification on the first cloud server based on the verification information.
The verification information may be information used by the second cloud server to verify the identity of the first cloud server, for example, the verification information may be unique identification information of the first cloud server, or a digital certificate granted by an identity authentication authority, or the like.
For example, the digital certificate may be an identity authentication mechanism that is trusted by the first cloud server and the second cloud server together, and the digital certificate is issued to the first cloud server after the first cloud server is authenticated.
The first cloud server instructs the second cloud server to perform identity authentication on the first cloud server based on the digital certificate. Since the second cloud server trusts the identity authentication mechanism as well, when the second cloud server receives the first digital certificate sent by the first cloud server, the identity of the first cloud server can be confirmed according to the digital certificate, and the identity authentication of the first cloud server is completed.
It should be noted that, in the present application, the request sent by the first cloud server to the second cloud server may include, in addition to the verification information of the first cloud server, other information related to the first cloud server and enabling the second cloud server to perform identity authentication on the first cloud server, which is not limited in this application.
103. And if the second cloud server passes the identity verification of the first cloud server, the first cloud server receives first authorization and authentication information returned by the second cloud server.
The first authorization and authentication information may include information required for mutual authentication between the client and the second cloud server, and for example, may include a protocol for mutual authentication between the client and the second cloud server, a version number of the protocol, information related to an authorization page for authentication based on the protocol, and the like. In addition, the authorization authentication information may further include other information required for mutual authentication between the client and the second cloud server, which is not limited in this application.
In an embodiment, the first authorization authentication information may include information such as an identity (e.g., ClientId @ OAuth2) generated by the second cloud server for the first cloud server, a Uniform Resource Locator (URL) of the authorization page, and a protocol and version. In addition, the authorization authentication information may further include other information required for mutual authentication between the client and the second cloud server, which is not limited in this application.
The authorization page may be a webpage accessed through a URL, a page displayed through the URL in an Application (APP) corresponding to the second cloud server, or a page jumped through the URL in an applet corresponding to the second cloud server.
In the application, after the second cloud server receives the request sent by the first cloud server and performs identity verification on the first cloud server based on the request, and the verification passes, the second cloud server sends first authorization and authentication information to the first cloud server.
The authorization page may be a webpage accessed through a URL, a page displayed through the access URL in an Application (APP) corresponding to the second cloud server, or a page jumped through the access URL in an applet corresponding to the second cloud server, or the like.
For example, the following may be specifically mentioned: if the first cloud server indicates the second cloud server to perform identity authentication, and the identity authentication passes, which indicates that the first cloud server and the second cloud server trust each other, the second cloud server sends first authorization and authentication information to the first cloud server, and the first cloud server receives the first authorization and authentication information returned by the second cloud server.
For example, the client and the second cloud server perform mutual authentication through OAuth2.0, and the authorization authentication information received by the first cloud server and returned by the second cloud server may include an OAuth protocol, a version (e.g., 2.0) of the OAuth protocol, an access address (e.g., URL) of the authorization page, and the like.
104. And sending second authorization authentication information to the client according to the first authorization authentication information so that the client sends a second binding request to the second cloud server based on the second authorization authentication information, wherein the second binding request is used for indicating the second cloud server to generate token information for the user account based on the second authorization authentication information, and binding the Internet of things equipment based on the token information.
The token information may be identification information representing an object having a right to control the internet of things device, for example, if a user account logged in the client sends a control instruction to the internet of things device based on the token information, the control instruction is legal for the internet of things device and can be executed.
The binding may be a process of establishing an association relationship between the internet of things device and a user account logged in the client by the second cloud server, and specifically, the description is given by taking an identity of the internet of things device in the second cloud server as an internet of things device serial number as an example: the second cloud server generates token information aiming at the user account logged in the client, an object for sending a request or an instruction can be determined through the token information, and the token information corresponding to the user account logged in the client and the equipment serial number of the equipment of the Internet of things are bound by the second cloud server.
In the embodiment of the application, after the first cloud server receives the first authorization and authentication information sent by the second cloud server, the second authorization and authentication information is generated according to the first authorization and authentication information, and the second authorization and authentication information is sent to the client.
In this embodiment, the second authorization and authentication information may include content of the first authorization and authentication information. Optionally, the second authorization authentication information may include other content besides the content of the first authorization authentication information, for example, related information of the first cloud server.
For example, the first authorization and authentication information includes an identity (e.g., ClientId @ OAuth2) of the first cloud server, a Uniform Resource Locator (URL) of the authorization page, and information such as a protocol and a version, and after the first cloud server receives the first authorization and authentication information, the callback address information callback _ URL of the first cloud server is added to the first cloud server on the basis of the first authorization and authentication information, so as to generate second authorization and authentication information, and the second authorization and authentication information is sent to the client.
After receiving the second authorization and authentication information, the client authenticates with the second cloud server through the second authorization and authentication information, and sends a second binding request to the second cloud server to request the second cloud server to generate token information for the user account logged in the client according to the second authorization and authentication information. The second cloud server binds the token information with the internet of things equipment after generating the token information for the user account logged in the client, specifically binds the token information with the identity of the internet of things equipment, and sends the token information to the client. The client binds the token information with the user account logged in the client after receiving the token information sent by the second cloud server, the second cloud server binds the token information with the Internet of things equipment, the client binds the user account with the token information to complete the binding process, and the token information is used as a bound intermediate bridge to realize binding without interacting user information.
In an embodiment, when a user controls the internet of things through a client, the client sends a control instruction carrying token information to a second cloud server, and the second cloud server determines the internet of things equipment to be controlled by the user according to the token information and sends the control instruction to the internet of things equipment.
In another embodiment, after the second cloud server generates token information for the user account logged in the client, the second cloud server sends the token information to the internet of things device to be bound and sends the token information to the client, and the client binds the user account and the token information to complete the binding process.
When a user controls the Internet of things through the client, the client sends a control instruction carrying token information to the Internet of things equipment, the Internet of things equipment judges whether the token information in the control instruction is consistent with the stored control instruction, if so, the control instruction is executed, and if not, the control instruction is not executed.
It can be understood that the second cloud server does not obtain the information of the user account logged in the client, when the second cloud server performs identity authentication on the first cloud server, the digital certificate of the first cloud server is utilized, after the authentication is passed, the second cloud server can generate token information for the user account logged in the client, and the client accesses the second cloud server through the token information.
In practical application, the first cloud server and the second cloud server may be unit-divided according to functions or purposes, and the like, so as to balance loads of the first cloud server and the second cloud server, and improve response rates of the first cloud server and the second cloud server, that is, in an embodiment, the first cloud server may include a first device management unit, the second cloud server may include a second device management unit, and after the internet of things device binding method binds the internet of things device, the method specifically includes:
receiving a control instruction sent by a client through a first equipment management unit;
and sending the control instruction to the Internet of things equipment through the second equipment management unit by the first equipment management unit so as to control the Internet of things equipment based on the control instruction.
The first device management unit may be one of the first cloud servers that performs a specific function, and for example, may perform a function of receiving a control instruction sent by the client.
The second device management unit may be a unit of the second cloud server that is specified to execute a specific function, for example, may execute a function of sending a control instruction to the internet of things device.
The control instruction may be a code that the client tells the internet of things device to perform a specific operation.
For example, the first cloud server may specifically receive, by the first device management unit, a control instruction for the internet of things device sent by the client, store the control instruction in the database or in the cache, the first device management unit obtains the control instruction from the database or the cache, and sends the control instruction to the second device management unit of the second cloud server, and the second device management unit sends the control instruction to the internet of things device, so that the internet of things performs corresponding operations based on the control instruction.
In order to reduce data interaction and improve response speed to the control instruction, the first cloud server directly sends the control instruction to the internet of things device after receiving the control instruction, that is, in an embodiment, the first cloud server includes a first device management unit, and after the internet of things device is bound by the internet of things device binding method, the method may specifically include:
receiving a control instruction sent by a client through a first equipment management unit;
and sending the control instruction to the Internet of things equipment through the first equipment management unit so as to control the Internet of things equipment based on the control instruction.
For example, the first cloud server may specifically receive, by the first device management unit, the control instruction sent by the client, and send, by the first device management unit, the control instruction to the internet of things device, so that the internet of things performs a corresponding operation based on the control instruction.
In an embodiment, the client may generate a control instruction in response to an operation of a user, and directly send the control instruction to the internet of things device, so that the internet of things executes a corresponding operation based on the control instruction.
As can be seen from the above, the embodiment of the application can receive a first binding request for the internet of things device initiated by a client, where the client logs in a user account; responding to the first binding request, indicating a second cloud server matched with the Internet of things equipment, and performing identity verification on a first cloud server matched with the client; receiving first authorization and authentication information returned by the second cloud server, wherein the first authorization and authentication information is sent by the second cloud server after the second cloud server passes the identity verification of the first cloud server; and sending second authorization authentication information to the client based on the first authorization authentication information so that the client sends a second binding request to the second cloud server based on the second authorization authentication information, wherein the second binding request is used for indicating the second cloud server to generate token information for the user account based on the second authorization authentication information, and binding the Internet of things equipment based on the token information. According to the scheme, the user information does not need to be interacted between the first cloud server and the second cloud server, and the user account logged in the client side is bound to the Internet of things equipment on the premise that the business contract does not need to be guaranteed, so that the binding efficiency of the Internet of things equipment is improved.
On the basis of the above-described embodiments, further details will be given below by way of example.
The embodiment will be described from the perspective of an internet of things device binding apparatus, which may be specifically integrated in a cloud server, and the cloud server may be a second cloud server.
In the method for binding the internet of things device provided in the embodiment of the present application, the method may be executed by the second cloud server, and as shown in fig. 3, a specific process of the method for binding the internet of things device may be as follows:
201. the method comprises the steps of receiving a verification request sent by a first cloud server, wherein the verification request is sent by the first cloud server in response to a first binding request which is initiated by a client and aims at the equipment of the Internet of things, and the client logs in a user account.
The first cloud server and the second cloud server may be the first cloud server mentioned in the above embodiments. For example, the first cloud server and the second cloud server may be provided private cloud servers of different vendors.
The authentication request may be request information sent by the first cloud server to request the second cloud server to perform identity authentication.
For example, the following may be specifically mentioned: the first cloud server may respond to a binding request sent by the client for the internet of things device, generate a verification request, and send the verification request to the second cloud server, where the second cloud server may receive the verification request sent by the first cloud server.
202. And performing identity authentication on the first cloud server based on the authentication request.
For example, after receiving a verification request sent by the first cloud server, the first cloud server may perform identity verification on the first cloud server according to information carried in the verification request, for example, the first cloud server may carry an identifier, the second cloud server compares the identifier with a preset identifier list according to the identifier, if the identifier is included in the identifier list, the verification on the first cloud server is passed, and if the identifier is not included in the identifier list, the verification on the first cloud server is not passed.
In order to prevent the situation that the identification information is modified to obtain the trust of the second cloud server, and improve the security and reliability of the authentication, the authentication request may further carry authentication information, where the authentication information may be information used by the second cloud server to authenticate the identity of the first cloud server, and may be, for example, a digital certificate provided by a third party trust authority, that is, in an embodiment, the step "receiving the authentication request sent by the first cloud server, and performing the authentication on the first cloud server based on the authentication request" may specifically include:
receiving a verification request sent by the first cloud server based on the binding request of the response client, wherein the verification request carries verification information of the first cloud server;
and performing identity verification on the first cloud server based on the verification information.
The verification information may be information used by the second cloud server to verify the identity of the first cloud server, for example, unique identification information of the first cloud server, or a digital certificate granted by an identity authentication authority.
For example, the method specifically includes that a user triggers a binding request to be sent to a first cloud server at a client, the first cloud server sends an authentication request to a second cloud server in response to the binding request, and the authentication request carries authentication information.
And after receiving the verification request, the second cloud server verifies the first cloud server according to the verification information carried by the request.
In an embodiment, the verification information may be an identity authentication mechanism that is trusted by the first cloud server and the second cloud server together, and the digital certificate is issued to the first cloud server after the first cloud server is authenticated.
Since the second cloud server trusts the identity authentication mechanism, when the second cloud server receives the digital certificate, it can be determined that the first cloud server is trusted according to the digital certificate, that is, the second cloud server passes the verification of the first cloud server.
203. And if the identity verification passes, sending first authorization and authentication information to the first cloud server, so that the first cloud server sends second authorization and authentication information to the client based on the first authorization and authentication information.
The first authorization and authentication information may be information required for the client to perform mutual authentication with the second cloud server, for example, information such as a protocol for performing mutual authentication between the client and the second cloud server, a version number of the protocol, and an authorization page providing mutual authentication.
Wherein the second authorization authentication information may include the content of the first authorization authentication information. Optionally, the second authorization and authentication information may include other content besides the content of the first authorization and authentication information, for example, related information of the first cloud server.
For example, the first authorization and authentication information includes an identity (e.g., ClientId @ OAuth2) of the first cloud server, a Uniform Resource Locator (URL) of the authorization page, and information such as a protocol and a version, and after the first cloud server receives the first authorization and authentication information, the callback address information callback _ URL of the first cloud server is added to the first cloud server on the basis of the first authorization and authentication information, so as to generate second authorization and authentication information, and the second authorization and authentication information is sent to the client.
For example, the first authorization authentication information may be sent to the first cloud server if the second cloud server passes the verification of the first cloud server, so that the first cloud server adds the callback address information to the first authorization authentication information to generate the second authorization authentication information, and sends the second authorization authentication information to the client.
204. And responding to a second binding request sent by the client based on the second authorization and authentication information, generating token information for the user account, and binding the Internet of things equipment based on the token information.
For example, after the first cloud server sends the second authorization and authentication information to the client, the user account logged in the client is authenticated with the second cloud server through the content included in the second authorization and authentication information, and then the second binding request is sent to the second cloud server.
The second cloud server responds to a second binding request sent by the terminal, generates token information for the user account logged in the client, and binds the token information with the internet of things equipment requested to be bound by the client, specifically, binds the token information with the equipment identifier of the internet of things equipment.
In an embodiment, the step "generating token information for the user account in response to a second binding request sent by the client based on the second authorization and authentication information, and binding the internet of things device based on the token information" may specifically include:
receiving the second authorization authentication information sent by the client based on the first cloud server and fed back binding agreement information;
based on the binding agreement information, generating token information aiming at the user account, and sending the token information to the client so that the client binds the user account with the Internet of things equipment based on the token information;
and binding the Internet of things equipment based on the token information.
The binding agreement information may be information indicating that the client agrees to bind with the internet of things device, for example, the information indicating that the client agrees to bind with the internet of things device is 1, and the information indicating that the client disagrees to bind with the internet of things device is 0, that is, if the user agrees to bind, the binding agreement information is 1.
For example, the method may specifically include that if the second cloud server passes verification of the first cloud server, the first cloud server sends first authorization authentication information to the first cloud server, the first cloud server sends second authorization authentication information to the client based on the first authorization authentication information, the client accesses the authorization webpage according to a URL of the authorization webpage in the second authorization authentication information, the user performs binding confirmation on the authorization webpage, and the client responds to a confirmation operation of the user on the authorization webpage and sends binding agreement information to the second cloud server.
The second cloud server can generate token information according to the binding agreement information, bind the token information with the Internet of things equipment requested to be bound by the client, and send the token information to the client, so that the client binds the token information with the user account logged on the client after receiving the token information.
In an embodiment, the step "binding the internet of things device based on the token information" may specifically include:
responding to an information acquisition request sent by the client carrying the token information, generating equipment binding information, and sending the equipment binding information to the client;
and if the information returned by the client is matched with the equipment binding information, binding the equipment of the Internet of things based on the token information.
The information obtaining request may be a request for requesting the second cloud server to generate the device binding information.
The device binding information may be a device binding code, and the specific type and content of the device binding information may be flexibly set according to actual needs, and are not limited herein specifically, for example, the device binding information may be in the form of a string of numbers or a character string.
For example, the client may specifically carry token information to initiate an information acquisition request for acquiring the device binding information to the second cloud server, that is, request the second cloud server to generate the device binding information.
The second cloud server can verify the identity of the object sending the information acquisition request according to the token information carried by the received information acquisition request, and if the verification is passed, generate corresponding equipment binding information and send the equipment binding information to the client.
The user can check the device binding information through the client, input the obtained device binding information in a user interface provided by the client, and the client responds to the input operation of the user and returns the information input by the user to the second cloud server. And the second cloud server compares the information returned by the client with the self-generated equipment binding information, and if the information returned by the client is consistent with the self-generated equipment binding information, the token information is bound with the Internet of things equipment requested to be bound by the client.
Optionally, in order to improve security, an expiration date may be set for the device binding information, and if the client sends the device binding information outside the expiration date, the second cloud server determines that the device binding information sent by the terminal is invalid information, and does not bind the internet of things device.
In an embodiment, the step of "sending token information to the client", may specifically include:
obtaining callback address information of a first cloud server;
and sending token information to the first cloud server based on the callback address information.
The callback address information may be address information of the first cloud server, and is used for instructing the second cloud server to return token information based on the callback address information.
For example, the first cloud server may specifically obtain callback address information, and send the callback address information and the first authorization authentication information to the client, so that the client accesses an authorization page according to the received second authorization authentication information, the authorization page may include a confirmation control, the confirmation control may be used for a user to perform binding confirmation, the client responds to an operation of the user on the confirmation control in the authorization page, for example, the operation such as clicking may be performed to trigger the control, and sends the agreement binding information to the second cloud server, and sends the callback address information.
And the second cloud server sends the token information to the first cloud server according to the callback address information.
In practical application, the first cloud server and the second cloud server may be subjected to unit division according to functions or purposes, and the like, so as to balance loads of the first cloud server and the second cloud server, and improve response rates of the first cloud server and the second cloud server, that is, in an embodiment, the first cloud server may include a first device management unit, and after the internet of things device is bound, the method for binding the internet of things device may further include:
receiving a control instruction sent by a first equipment management unit;
and controlling the Internet of things equipment based on the control instruction.
The first device management unit may be one of the first cloud servers that performs a specific function, and for example, may perform a function of transmitting a control instruction transmitted by the client to the second cloud server.
For example, the second cloud server may specifically receive a control instruction sent by the first device management unit of the first cloud server, and send the control instruction to the internet of things device, so that the internet of things device executes a corresponding operation based on the received control instruction.
Optionally, the second cloud server may include a second device management unit, and the second device management unit may be a unit of the second cloud server that is specified to execute a specific function, for example, the second cloud server may receive a control instruction sent by the first device management unit of the first cloud server, and send the control instruction to the internet of things device to control the internet of things device.
For example, the second cloud server may specifically receive, by the second device management unit, the control instruction sent by the first device management unit of the first cloud server, and send, by the second device management unit, the control instruction to the internet of things device, so that the internet of things device executes a corresponding operation based on the received control instruction.
In the foregoing embodiments, the descriptions of the embodiments have respective emphasis, and a part that is not described in detail in a certain embodiment may refer to the above detailed description of the internet of things device binding method, and is not described here again.
As can be seen from the above, in the embodiment of the application, the authentication request sent by the first cloud server in response to the first binding request sent by the client is received, and the client logs in the user account; performing identity authentication on the first cloud server based on the authentication request; if the identity verification passes, sending first authorization and authentication information to the first cloud server, so that the first cloud server generates second authorization and authentication information based on the first authorization and authentication information, and sending the second authorization and authentication information to the client; and responding to a second binding request sent by the client based on the second authorization and authentication information, generating token information for the user account, and binding the Internet of things equipment based on the token information. According to the scheme, the user information does not need to be interacted between the first cloud server and the second cloud server, the Internet of things equipment is bound on the premise that the business contract does not need to be guaranteed, and the binding efficiency of the Internet of things equipment is improved.
On the basis of the above-described embodiments, further details will be given below by way of example.
The embodiment will be described in terms of an internet of things device binding system, wherein the internet of things device binding system includes a first cloud server, a second cloud server, a client matched with the first cloud server, and an internet of things device matched with the second cloud server, wherein,
the client may be configured to send a first binding request for the internet of things device to the first cloud server.
The first cloud server may be configured to send, in response to the binding request, an authentication request to the second cloud server, where the authentication request carries authentication information of the first cloud server, and the client logs in a user account.
The second cloud server may be configured to authenticate the first cloud server based on the authentication information.
The second cloud server may be configured to return the first authorization and authentication information to the first cloud server if the identity verification passes.
The first cloud server may be configured to send second authorization authentication information to the client based on the first authorization authentication information.
The client may be configured to send a second binding request to the second cloud server based on the second authorization authentication information.
The second cloud server may be configured to, in response to the second binding request, generate token information for the user account logged in to the client based on the authorization authentication information, and send the token information to the client.
The second cloud server may be configured to bind the internet of things device based on the token information;
the client may be configured to bind the user account with the internet of things device based on the token information.
The meaning of the noun is the same as that in the internet of things equipment binding method, and specific implementation details can refer to detailed descriptions in the internet of things equipment binding method embodiment.
Specifically, based on the internet of things device binding system, in the internet of things device binding method provided in the embodiment of the present application, as shown in fig. 4, a specific process of the internet of things device binding method may be as follows:
301. and the client establishes connection with the Internet of things equipment.
For example, the internet of things device may be in a distribution network state, the client may search for the internet of things device and configure the internet of things device, and the internet of things device verifies the client, for example, the client sends a first digital certificate to the internet of things device, where the first digital certificate may be a first digital certificate granted to the client by a third-party certification authority that the internet of things device and the client trust together.
For another example, the client sends authentication information to the internet of things device, where the authentication information may be identification information of the internet of things device, such as a PIN number (abbreviated as PIN) or a secret key, and the internet of things device compares the authentication information sent by the client according to preset authentication information, and if the authentication information is consistent with the preset authentication information, the authentication of the client is completed, and the client establishes a contact with the internet of things device.
The internet of things equipment can send information required for binding to the client, for example, an identity of the client is required, and the client can generate an identity (ClientId @ OAuth2) for the first cloud server by using the second cloud server in the first authorization and authentication information in a subsequent binding process, and send the identity as its own identity to the internet of things equipment.
Optionally, the client discovers the internet of things device, and may display a connection page for the user to perform a confirmation operation to confirm the connection, and the client responds to the confirmation operation of the user on the connection page to configure with the internet of things device.
The distribution network state may be a state in which the internet of things device waits to be associated with the client.
The network distribution mode for configuring the client and the internet of things device can be a broadcast packet mode, a multicast address mode, a device hotspot network distribution mode, a bluetooth network distribution mode, a mobile phone hotspot network distribution mode, a router network distribution mode and the like, and different network distribution modes determine the communication mode of the internet of things device and the associated client, for example, the client and the internet of things device are configured in the network distribution mode through the router, and the client and the internet of things device are communicated through a local area network.
302. The client sends a first binding request to a first user management unit of a first cloud server.
For example, the client may specifically initiate the first binding request to the first user management unit of the first cloud server.
303. The first user management unit of the first cloud server responds to the first binding request of the client and sends an identity authentication request to the second user management unit of the second cloud server.
For example, after receiving the first binding request sent by the client, the first user management unit of the first cloud server may initiate an authentication request to the second user management unit of the second cloud server, so as to perform mutual authentication with the second cloud server.
For example, the identity verification request sent by the first cloud server may carry a second digital certificate, where the second digital certificate may be a third-party certificate authority that is trusted by both the first cloud server and the second cloud server, and is granted to the digital certificate of the first cloud server.
304. And the second user management unit of the second cloud server performs identity verification on the first cloud server.
For example, the second user management unit of the second cloud server may specifically perform identity verification on the first cloud server through a second digital certificate sent by the first user management unit of the first cloud server, and if the second digital certificate is granted by a common trusted third party authority, the verification on the first cloud server is passed. If the second digital certificate is not granted by a co-trusted third party authority, the first cloud server is not verified.
305. And if the verification is passed, the second user management unit of the second cloud server returns the first authorization authentication information to the first user management unit of the first cloud server.
And if the second cloud server passes the verification of the first cloud server, returning first authorization and authentication information to the first user management unit of the first cloud server, wherein the first authorization and authentication information may include a protocol for mutual authentication between the client and the second cloud server, a version number of the protocol, relevant information of an authorization page for providing mutual authentication, and the like. For example, the client and the second cloud server perform mutual authentication through OAuth2.0, and the identity and the authorization authentication information, which are received by the first cloud server and returned by the second cloud server, generated by the second cloud server for the first cloud server may include an OAuth protocol, version 2.0, an access address of an authorization page, and the like.
If the verification fails, the second cloud server does not return authorization authentication information to the first cloud server, and the second cloud server can also send prompt information that the identity authentication fails to pass to the client.
306. And the first user management unit of the first cloud server sends the first authorization and authentication information and the callback address information to the client.
For example, the first user management unit of the first cloud server may specifically acquire callback address information of the first cloud server, and send the first authorization and authentication information and the callback address information to the client.
307. And the client accesses the authorization page according to the first authorization authentication information.
For example, the client may specifically access the authorization page according to an access address (URL) of the authorization page in the first authorization authentication information, such as accessing the authorization page pointed by the URL through a browser, or jump to an authorization page in the app corresponding to the second cloud server according to the URL, or jump to an authorization page in the applet corresponding to the second cloud server according to the URL.
The user can input an account password on the authorization page, the account password can be an account and a password applied by the user for the second cloud server, and the user indicates that the user account logged in the client is authorized to access the specified information of the first cloud server by inputting the account and the password. And after the account and the password are verified by the second cloud server, generating token information for the user account logged in the client.
Optionally, before binding a user account (hereinafter referred to as a first user account) logged in the client and the internet of things device, the internet of things device and a user account registered by the user on the second cloud server (the user account is an account input by the user on an authorization page, and hereinafter referred to as a second user account for distinction) may be bound, when the first user account logged in the client sends an instruction to the internet of things device, the internet of things device may synchronize the instruction to data corresponding to the second user account in the second cloud server, specifically, the second user account and the internet of things device may be bound first, and then the first user account and the internet of things device are bound, so that even if the internet of things device is controlled by user accounts of different internet of things systems, the second cloud server may also obtain information that the device is controlled, the staff of the corresponding manufacturer of the second cloud server can timely acquire the control condition of the Internet of things equipment, so that the attack operation on the Internet of things equipment is timely prevented, and the safety of the Internet of things equipment is improved.
308. And the client responds to the confirmation operation of the user based on the authorization page and generates an information acquisition request.
For example, after the user inputs the second user account and the password of the second user account in the authorization page, the confirmation control is determined, for example, the confirmation control is clicked, the terminal responds to the confirmation operation of the user on the authorization page, a second user account and a password input by the user are obtained, a request is sent to the second equipment management unit, after the second user account and the password are verified by the second equipment management unit, in response to the request, a temporary token, which may be a code, is returned to the client, and upon receipt of the code by the client, and the second user management unit of the second cloud server generates token information according to the temporary token and sends the token information to the client based on the address indicated by the callback address information.
The client generates an information acquisition request based on the token information, wherein the information acquisition request carries the token information.
309. The client sends an information acquisition request to the second device management unit.
For example, the client may specifically send an information acquisition request to the second device management unit by carrying token information.
310. And the second equipment management unit of the second cloud server responds to the information acquisition request and sends equipment binding information to the client.
For example, the client may specifically initiate a request for obtaining the device binding information to a second device management unit of the second cloud server based on the token information, that is, request the second device management unit to generate the device binding information. And the second equipment management unit checks whether the token information is legal or not, generates equipment binding information if the token information is legal, and sends the equipment binding information to the client.
311. And the client sends the equipment binding information to the Internet of things equipment.
For example, the client may specifically display the device binding information after receiving the device binding information, and display a user interface for inputting information based on the received device binding information, where the client responds to an input operation of a user, acquires information input by the user, and sends the information to the internet of things device.
312. The Internet of things equipment sends the equipment binding information to a second equipment management unit of a second cloud server.
For example, the internet of things device may specifically send the information input by the user, which is sent by the client, to the second device management unit of the second cloud server.
313. And a second equipment management unit of the second cloud server binds the Internet of things equipment.
For example, the second device management unit may specifically compare the information input by the user and sent by the internet of things device with the generated device binding information, and if the information sent by the internet of things device is consistent with the generated device binding information, the second cloud server binds the token information generated for the first user account logged in the client with the internet of things device.
Optionally, after the token information and the internet of things device are bound by the second cloud server, a prompt message of successful binding is returned to the client, the client responds to the prompt message and binds the first user account logged in the client with the token information, it can be understood that the first user account logged in the client is bound with the internet of things device by using the token information as an intermediate bridge, and the first user account is indirectly bound with the internet of things device by binding the first user account with the token information and the token information with the internet of things device.
Optionally, in order to improve security, an expiration date may be set for the token information, and when the token information is invalid, the user may bind the internet of things device again in the above manner, and the second cloud server and the client may update the binding relationship accordingly.
Optionally, the validity period of the token information may be updated each time the user accesses the second cloud server or controls the internet of things device through the token information, for example, if the user does not access the second cloud server for 48 hours continuously, the token information is invalid, and when the user accesses within 48 hours, the validity period is updated to 48 hours again.
314. The client responds to the control operation of the user and generates a control instruction.
For example, the method may specifically be that a user executes a control operation for the internet of things device in a display page of the client, and the client responds to the control operation of the user to generate a control instruction carrying token information corresponding to a user account logged in the client. For example, when the internet of things device is an air conditioner, an adjustment operation of operating parameters such as temperature, operating mode, and wind speed for the air conditioner, which is input by a user, may be received in a display page of the client for air conditioner control, and a control instruction carrying token information may be generated based on the adjustment operation. For another example, when the internet-of-things device is a television, the adjustment operation of the operation parameters such as the volume, program switching, and brightness for the television input by the user may be received in the display page for television control of the client, and the generation control instruction of the token information corresponding to the user account registered in the client may be carried based on the adjustment operation.
315. And the client sends the control instruction to a second equipment management unit of the second cloud server.
For example, the client may specifically send the control instruction to the second device management unit of the second cloud server.
316. And the second equipment management unit of the second cloud server sends the control instruction to the Internet of things equipment.
For example, the second device management unit may specifically determine the internet of things device to be controlled by the control instruction according to the token information carried in the control instruction and the binding relationship between the token information and the internet of things device, and send the control instruction to the corresponding internet of things device.
317. And the Internet of things equipment executes corresponding operation according to the received control command.
For example, the internet of things device may specifically execute a corresponding operation according to the received control instruction.
For example, when the internet of things device is an air conditioner, the air conditioner may adjust the temperature according to the received temperature adjustment instruction (i.e., control instruction). For another example, when the internet of things device is a television, the television may adjust the volume according to the received volume adjustment instruction (i.e., control instruction).
As can be seen from the above, in the embodiment of the present application, a client is connected to an internet of things device, the client may send a binding request to a first user management unit of a first cloud server, the first user management unit of the first cloud server responds to the first binding request of the client, and sends an identity verification request to a second user management unit of a second cloud server, the second user management unit of the second cloud server performs identity verification on the first cloud server, if the verification is passed, the second user management unit of the second cloud server returns first authorization authentication information to the first user management unit of the first cloud server, the first user management unit of the first cloud server sends the first authorization authentication information and callback address information to the client, the client accesses an authorization page according to the first authorization authentication information, and the client performs a confirmation operation on the authorization page, the client sends an information acquisition request to a second equipment management unit, the second equipment management unit of a second cloud server responds to the information acquisition request and sends equipment binding information to the client, the client sends the equipment binding information to the Internet of things equipment, the Internet of things equipment sends the equipment binding information to a second equipment management unit of the second cloud server, the second equipment management unit of the second cloud server binds the Internet of things equipment, the client responds to control operation of a user and generates a control instruction, the client sends the control instruction to a first equipment management unit of a first cloud server, the first equipment management unit of the first cloud server sends the control instruction to a second equipment management unit of the second cloud server, the second equipment management unit of the second cloud server sends the control instruction to the Internet of things equipment, and the Internet of things equipment executes corresponding operation according to the received control instruction. According to the scheme, the user information does not need to be interacted between the first cloud server and the second cloud server, the Internet of things equipment is bound on the premise that the business contract does not need to be guaranteed, the security of user privacy is guaranteed, the binding efficiency of the Internet of things equipment is improved, and the security of data interaction is improved.
In order to better implement the method for binding the internet of things equipment provided by the embodiment of the application, an embodiment of the invention further provides a device for binding the internet of things equipment. The meaning of the noun is the same as that in the internet of things device binding method, and specific implementation details can refer to the description in the method embodiment.
The internet of things device binding apparatus may be specifically integrated in a cloud server, and the cloud server may be a first cloud server, as shown in fig. 5, and the internet of things device binding apparatus may include: the first receiving module 401, the responding module 402, the second receiving module 403, the first binding module 404, and the like may specifically be as follows:
the first receiving module 401: the method comprises the steps of receiving a first binding request which is initiated by a client and aims at the equipment of the Internet of things, wherein the client logs in a user account.
The response module 402: and the server is used for responding to the first binding request, indicating a second cloud server matched with the Internet of things equipment, and authenticating the first cloud server matched with the client.
Optionally, the response module 402 may include a sending sub-module and an indication sub-module, specifically:
a sending submodule: and the server is used for responding to the first binding request and sending a verification request to the second cloud server, wherein the verification request carries verification information of the first cloud server matched with the client.
An indication submodule: and the cloud server is used for indicating the second cloud server according to the verification request and carrying out identity verification on the first cloud server based on the verification information.
The second receiving module 403: and the first authorization and authentication information is sent after the second cloud server passes the identity verification of the first cloud server.
The first binding module 404: the second binding request is used for indicating the second cloud server to generate token information for the user account, and binding the Internet of things equipment based on the token information.
Optionally, the first binding module 404 may include an obtaining submodule and a sending submodule, specifically:
obtaining a submodule: for obtaining callback address information.
A generation module: the second authorization authentication information is generated based on the first authorization authentication information;
an information generation module: the first authorization authentication information and the callback address information are used for generating second authorization authentication information;
a sending submodule: and the callback address information is used for indicating the second cloud server to return token information.
Optionally, the internet of things device binding apparatus may include a fourth receiving module and a second sending module, specifically:
a fourth receiving module: the first device management unit is used for receiving a control instruction sent by the client.
A second receiving module: the device management system comprises a first device management unit and a second device management unit, wherein the first device management unit is used for sending a control instruction to the Internet of things device through the second device management unit so as to control the Internet of things device based on the control instruction.
Optionally, the internet of things device binding apparatus may include a fifth receiving module and a third sending module, specifically:
a fifth receiving module: the first device management unit is used for receiving a control instruction sent by the client.
A third receiving module: the device management unit is used for sending the control instruction to the Internet of things device through the first device management unit so as to control the Internet of things device based on the control instruction.
As can be seen from the above, in the embodiment of the application, the first receiving module 401 receives a first binding request for the internet of things device, which is initiated by a client, and the client logs in a user account; responding to the first binding request through a response module 402, indicating a second cloud server matched with the internet of things equipment, and performing identity verification on a first cloud server matched with the client; the second receiving module 403 receives the first authorization and authentication information returned by the second cloud server; the first binding module 404 sends second authorization authentication information to the client based on the first authorization authentication information, so that the client sends a second binding request to the second cloud server based on the second authorization authentication information, the second binding request is used for indicating the second cloud server to generate token information for the user account, and the internet of things device is bound based on the token.
In order to better implement the method for binding the internet of things equipment provided by the embodiment of the application, an embodiment of the invention further provides a device for binding the internet of things equipment. The meaning of the noun is the same as that in the internet of things device binding method, and specific implementation details can refer to the description in the method embodiment.
The internet of things device binding apparatus may be specifically integrated in a cloud server, and the cloud server may be a second cloud server, as shown in fig. 6, and the internet of things device binding apparatus may include: the third receiving module 501, the verifying module 502, the sending module 503, the second binding module 504, and the like may specifically be as follows:
the third receiving module 501: the cloud server is used for receiving a verification request sent by the first cloud server, wherein the verification request is sent by the first cloud server in response to a first binding request for the Internet of things equipment, which is initiated by the client, and the client logs in a user account.
The verification module 502: the authentication server is used for authenticating the first cloud server based on the authentication request.
Optionally, the verification module 502 may include a sending sub-module and a verification sub-module, specifically:
a sending submodule: the authentication request is sent by the first cloud server based on the first binding request of the response client, and carries authentication information of the first cloud server.
A verification submodule: and the first cloud server is used for identity verification based on the verification information.
The sending module 503: and the server is used for sending first authorization and authentication information to the first cloud server if the identity verification passes, so that the first cloud server sends second authorization and authentication information to the client based on the first authorization and authentication information.
The second binding module 504: and the server is used for responding to a request sent by the client based on the second authorization authentication information, generating token information for the user account, and binding the Internet of things equipment based on the token information.
Optionally, the second binding module 504 may include a receiving sub-module and a generating sub-module, specifically:
a receiving submodule: and the second authorization authentication information is used for receiving the consent binding information fed back by the client based on the first cloud server.
Generating a submodule: the token information is generated aiming at the user account based on the binding agreement information, and is sent to the client side, so that the client side binds the user account and the Internet of things equipment based on the token information;
and binding the Internet of things equipment based on the token information.
Optionally, the generating sub-module is specifically configured to: responding to an information acquisition request sent by the client carrying the token information, generating equipment binding information, and sending the equipment binding information to the client;
and if the information returned by the client is matched with the equipment binding information, binding the equipment of the Internet of things based on the token information.
Optionally, the generating sub-module is specifically configured to:
and obtaining callback address information of the first cloud server.
And sending the token information to the first cloud server based on the callback address information, so that the first cloud server sends the token information to the client.
Optionally, the internet of things device binding apparatus may include a sixth receiving module and a control module, specifically:
a sixth receiving module: the device management unit is used for receiving a control instruction sent by the first device management unit.
A control module: the control device is used for controlling the Internet of things equipment based on the control instruction.
As can be seen from the above, in the embodiment of the present application, the third receiving module 501 receives the verification request sent by the first cloud server; authenticating the first cloud server based on the authentication request by the authentication module 502; if the identity verification passes, the sending module 503 sends first authorization and authentication information to the first cloud server, so that the first cloud server sends second authorization and authentication information to the client based on the first authorization and authentication information; responding to a second binding request sent by the client based on the second authorization and authentication information through the second binding module 504, generating token information for the user account, and binding the internet of things equipment based on the token information. According to the scheme, the user information does not need to be interacted between the first cloud server and the second cloud server, the Internet of things equipment is bound on the premise that the business contract does not need to be guaranteed, and the binding efficiency of the Internet of things equipment is improved.
An embodiment of the present application further provides a cloud server, where the cloud server may be a first cloud server or a second cloud server, and as shown in fig. 7, it shows a schematic structural diagram of a cloud server according to an embodiment of the present application, specifically:
the cloud server may include components such as a processor 1001 of one or more processing cores, memory 1002 of one or more computer-readable storage media (which may also be referred to as storage media), a power source 1003, and an input unit 1004. Those skilled in the art will appreciate that the cloud server architecture shown in fig. 7 does not constitute a limitation of a cloud server, and may include more or fewer components than shown, or some components in combination, or a different arrangement of components. Wherein:
the processor 1001 is a control center of the cloud server, connects various parts of the entire cloud server by using various interfaces and lines, and performs various functions of the cloud server and processes data by running or executing software programs and/or modules stored in the memory 1002 and calling data stored in the memory 1002, thereby performing overall monitoring of the cloud server. Optionally, processor 1001 may include one or more processing cores; preferably, the processor 1001 may integrate an application processor, which mainly handles operating systems, user interfaces, computer programs, etc., and a modem processor, which mainly handles wireless communications. It will be appreciated that the modem processor described above may not be integrated into the processor 1001.
The memory 1002 may be used to store software programs and modules, and the processor 1001 executes various functional applications and data processing by operating the software programs and modules stored in the memory 1002. The memory 1002 may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, a computer program required by at least one function (such as a sound playing function, an image playing function, etc.), and the like; the storage data area may store data created according to the use of the cloud server, and the like. Further, the memory 1002 may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid state storage device. Accordingly, the memory 1002 may also include a memory controller to provide the processor 1001 access to the memory 1002.
The cloud server further includes a power source 1003 for supplying power to each component, and preferably, the power source 1003 may be logically connected to the processor 1001 through a power management system, so that functions of managing charging, discharging, power consumption management and the like are implemented through the power management system. The power source 1003 may also include any component including one or more of a dc or ac power source, a recharging system, a power failure detection circuit, a power converter or inverter, a power status indicator, and the like.
The cloud server may further include an input unit 1004, and the input unit 1004 may be used to receive input numeric or character information and generate a keyboard, mouse, joystick, optical or trackball signal input related to user setting and function control.
Although not shown, the cloud server may further include a display unit and the like, which are not described in detail herein. Specifically, in this embodiment, the processor 1001 in the cloud server loads the executable file corresponding to the process of one or more computer programs into the memory 1002 according to the following instructions, and the processor 1001 runs the computer programs stored in the memory 1002, so as to implement various functions as follows:
when the cloud server is a first cloud server, a first binding request for the internet of things equipment, which is initiated by a client, can be received; responding to the first binding request, indicating a second cloud server matched with the Internet of things equipment, and performing identity verification on a first cloud server matched with the client; receiving first authorization and authentication information returned by the second cloud server, wherein the first authorization and authentication information is sent by the second cloud server after the second cloud server passes the identity verification of the first cloud server; and sending second authorization authentication information to the client according to the first authorization authentication information so that the client sends a second binding request to the second cloud server based on the second authorization authentication information, wherein the second binding request is used for indicating the second cloud server to generate token information for the user account and binding the Internet of things equipment based on the token information.
When the cloud server is a second cloud server, a verification request sent by the first cloud server can be received, wherein the verification request is sent by the first cloud server in response to a first binding request which is initiated by a client and aims at the Internet of things equipment, and the client logs in a user account; performing identity authentication on the first cloud server based on the authentication request; if the identity verification passes, sending first authorization and authentication information to the first cloud server, so that the first cloud server sends second authorization and authentication information to the client based on the first authorization and authentication information; and responding to a second binding request sent by the client based on the second authorization and authentication information, generating token information for the user account, and binding the Internet of things equipment based on the token information.
According to an aspect of the application, a computer program product or computer program is provided, comprising computer instructions, the computer instructions being stored in a computer readable storage medium. The processor of the cloud server reads the computer instructions from the computer readable storage medium, and the processor executes the computer instructions, so that the cloud server executes the method provided in the various optional implementation manners in the above embodiments.
It will be understood by those skilled in the art that all or part of the steps of the methods of the above embodiments may be performed by a computer program, which may be stored in a computer-readable storage medium and loaded and executed by a processor, or by related hardware controlled by the computer program.
To this end, an embodiment of the present application provides a storage medium, in which a computer program is stored, where the computer program can be loaded by a processor to execute any one of the methods for binding devices in the internet of things provided in the embodiment of the present application.
The above operations can be implemented in the foregoing embodiments, and are not described in detail herein.
Wherein the storage medium may include: a Read Only Memory (ROM), a Random Access Memory (RAM), a magnetic or optical disk, or the like.
Since the computer program stored in the storage medium can execute the steps in any of the internet of things device binding methods provided in the embodiments of the present application, beneficial effects that can be achieved by any of the internet of things device binding methods provided in the embodiments of the present application can be achieved, which are detailed in the foregoing embodiments and are not described herein again.
The method, the device, the system, the cloud server and the storage medium for binding the internet of things equipment provided by the embodiment of the application are introduced in detail, a specific example is applied in the method for explaining the principle and the implementation mode of the application, and the description of the embodiment is only used for helping to understand the method and the core idea of the application; meanwhile, for those skilled in the art, according to the idea of the present application, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present application.

Claims (16)

1. An Internet of things equipment binding method is characterized by comprising the following steps:
receiving a first binding request aiming at the Internet of things equipment initiated by a client, wherein the client logs in a user account;
responding to the first binding request, indicating a second cloud server matched with the Internet of things equipment, and performing identity verification on a first cloud server matched with the client;
receiving first authorization and authentication information returned by the second cloud server, wherein the first authorization and authentication information is sent by the second cloud server after the identity of the first cloud server is verified;
and sending second authorization and authentication information to the client according to the first authorization and authentication information, so that the client sends a second binding request to a second cloud server based on the second authorization and authentication information, wherein the second binding request is used for indicating the second cloud server to generate token information for the user account, and binding the Internet of things equipment based on the token information.
2. The internet of things device binding method of claim 1, wherein the instructing, in response to the first binding request, a second cloud server matching the internet of things device to authenticate a first cloud server matching the client comprises:
responding to the first binding request, and sending a verification request to the second cloud server, wherein the verification request carries verification information of the first cloud server matched with the client;
and indicating the second cloud server according to the verification request, and performing identity verification on the first cloud server based on the verification information.
3. The internet of things device binding method according to claim 1, wherein the sending second authorization and authentication information to the client according to the first authorization and authentication information includes:
obtaining callback address information;
generating the second authorization and authentication information based on the first authorization and authentication information and the callback address information;
and sending the second authorization authentication information to the client, wherein the callback address information is used for indicating the second cloud server to return token information to the client.
4. The internet of things device binding method according to any one of claims 1 to 3, wherein the first cloud server comprises a first device management unit, the second cloud server comprises a second device management unit, and the method further comprises:
receiving a control instruction sent by the client through the first equipment management unit;
and sending the control instruction to the Internet of things equipment through the second equipment management unit by the first equipment management unit so as to control the Internet of things equipment based on the control instruction.
5. The internet of things device binding method according to any one of claims 1 to 3, wherein the first cloud server comprises a first device management unit, and the method further comprises:
receiving a control instruction sent by the client through the first equipment management unit;
and sending the control instruction to the Internet of things equipment through the first equipment management unit so as to control the Internet of things equipment based on the control instruction.
6. An Internet of things equipment binding method is characterized by comprising the following steps:
receiving a verification request sent by a first cloud server, wherein the verification request is sent by the first cloud server in response to a first binding request for Internet of things equipment initiated by a client, and the client logs in a user account;
authenticating the first cloud server based on the authentication request;
if the identity verification passes, sending first authorization and authentication information to the first cloud server, so that the first cloud server sends second authorization and authentication information to the client based on the first authorization and authentication information;
responding to a second binding request sent by the client based on the second authorization and authentication information, generating token information for the user account, and binding the Internet of things equipment based on the token information.
7. The internet of things device binding method according to claim 6, wherein the receiving a verification request sent by a first cloud server, and performing identity verification on the first cloud server based on the verification request comprises:
receiving a verification request sent by a first cloud server based on a first binding request for the Internet of things equipment initiated by a response client, wherein the verification request carries verification information of the first cloud server;
and performing identity verification on the first cloud server based on the verification information.
8. The internet of things equipment binding method of claim 6, wherein the generating token information for the user account in response to a second binding request sent by the client based on the second authorization and authentication information and binding the internet of things equipment based on the token information comprises:
receiving feedback agreement binding information of the client based on second authorization authentication information sent by the first cloud server;
generating token information aiming at the user account based on the binding agreement information, and sending the token information to the client so that the client binds the user account with the Internet of things equipment based on the token information;
and binding the Internet of things equipment based on the token information.
9. The internet of things device binding method of claim 8, wherein the binding the internet of things device based on the token information comprises:
responding to an information acquisition request sent by the client carrying the token information, generating equipment binding information, and sending the equipment binding information to the client;
and if the information returned by the client is matched with the equipment binding information, binding the Internet of things equipment based on the token information.
10. The internet of things device binding method of claim 9, wherein the sending the token information to the client comprises:
obtaining callback address information of the first cloud server;
sending token information to the first cloud server based on the callback address information, so that the first cloud server sends the token information to the client.
11. The internet of things device binding method according to any one of claims 6 to 10, wherein the first cloud server comprises a first device management unit, and the method further comprises:
receiving a control instruction sent by the first equipment management unit;
and controlling the Internet of things equipment based on the control instruction.
12. An internet of things equipment binding device, comprising:
the device comprises a first receiving module, a second receiving module and a third receiving module, wherein the first receiving module is used for receiving a first binding request aiming at the Internet of things equipment initiated by a client, and the client logs in a user account;
the response module is used for responding to the first binding request, indicating a second cloud server matched with the Internet of things equipment, and carrying out identity verification on a first cloud server matched with the client;
the second receiving module is used for receiving first authorization and authentication information returned by the second cloud server, wherein the first authorization and authentication information is sent by the second cloud server after the second cloud server passes the identity verification of the first cloud server;
the first binding module is used for sending second authorization authentication information to the client according to the first authorization authentication information so that the client sends a second binding request to a second cloud server based on the second authorization authentication information, the second binding request is used for indicating the second cloud server to generate token information for the user account, and the internet of things equipment is bound based on the token information.
13. An internet of things equipment binding device, comprising:
the third receiving module is used for receiving a verification request sent by a first cloud server, wherein the verification request is sent by the first cloud server in response to a first binding request which is initiated by a client and aims at the Internet of things equipment, and the client logs in a user account;
the verification module is used for performing identity verification on the first cloud server based on the verification request;
the sending module is used for sending first authorization and authentication information to the first cloud server if the identity verification passes, so that the first cloud server sends second authorization and authentication information to the client based on the first authorization and authentication information;
and the second binding module is used for responding to a second binding request sent by the client based on the authorization authentication information, generating token information for the user account, and binding the Internet of things equipment based on the token information.
14. An Internet of things equipment binding system is characterized by comprising a first cloud server, a second cloud server, a client matched with the first cloud server, and Internet of things equipment matched with the second cloud server,
the client is used for sending a first binding request aiming at the Internet of things equipment to the first cloud server, and the client logs in a user account;
the first cloud server is used for responding to the first binding request and sending a verification request to the second cloud server, wherein the verification request carries verification information of the first cloud server;
the second cloud server is used for carrying out identity authentication on the first cloud server based on the authentication information;
the second cloud server is used for returning first authorization and authentication information to the first cloud server if the identity verification is passed;
the first cloud server is used for sending second authorization authentication information to the client based on the first authorization authentication information;
the client is used for sending a second binding request to the second cloud server based on the second authorization and authentication information;
the second cloud server is used for responding to the second binding request, generating token information for the user account logged in the client based on the second authorization and authentication information, and sending the token information to the client;
the second cloud server is used for binding the Internet of things equipment based on the token information;
the client is used for binding the user account and the Internet of things equipment based on the token information.
15. A cloud server, comprising a processor and a memory, wherein the memory stores a computer program, and the processor executes the internet of things device binding method according to any one of claims 1 to 5 or the internet of things device binding method according to any one of claims 6 to 11 when calling the computer program in the memory.
16. A storage medium for storing a computer program which is loaded by a processor to perform the internet of things device binding method of any one of claims 1 to 5 or the internet of things device binding method of any one of claims 6 to 11.
CN202110898234.2A 2021-08-05 2021-08-05 Internet of things equipment binding method, device, system, cloud server and storage medium Active CN113746633B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202110898234.2A CN113746633B (en) 2021-08-05 2021-08-05 Internet of things equipment binding method, device, system, cloud server and storage medium
PCT/CN2022/099279 WO2023011016A1 (en) 2021-08-05 2022-06-16 Internet of things device binding method, apparatus and system, and cloud server and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110898234.2A CN113746633B (en) 2021-08-05 2021-08-05 Internet of things equipment binding method, device, system, cloud server and storage medium

Publications (2)

Publication Number Publication Date
CN113746633A true CN113746633A (en) 2021-12-03
CN113746633B CN113746633B (en) 2023-10-17

Family

ID=78730238

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110898234.2A Active CN113746633B (en) 2021-08-05 2021-08-05 Internet of things equipment binding method, device, system, cloud server and storage medium

Country Status (2)

Country Link
CN (1) CN113746633B (en)
WO (1) WO2023011016A1 (en)

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113839917A (en) * 2021-06-30 2021-12-24 海信(广东)空调有限公司 Voice information processing method, data processing platform and equipment cloud server
CN114500617A (en) * 2021-12-24 2022-05-13 青岛海尔科技有限公司 Internet equipment control method and device, storage medium and electronic equipment
CN114866251A (en) * 2022-04-25 2022-08-05 中国银联股份有限公司 Equipment interconnection security authentication system, method, device, server and medium
WO2023011016A1 (en) * 2021-08-05 2023-02-09 深圳Tcl新技术有限公司 Internet of things device binding method, apparatus and system, and cloud server and storage medium
CN116056076A (en) * 2022-07-21 2023-05-02 荣耀终端有限公司 Communication system, method and electronic equipment
CN116055147A (en) * 2022-12-30 2023-05-02 中国电子科技集团公司第三十研究所 Cloud service light-weight identity authentication method based on identification
CN116112236A (en) * 2023-01-06 2023-05-12 深圳感臻智能股份有限公司 Authentication and data transmission method based on intelligent device ecology and intelligent television
CN116170151A (en) * 2022-12-27 2023-05-26 海尔优家智能科技(北京)有限公司 Internet of things terminal association method and Internet of things terminal association system
WO2024031681A1 (en) * 2022-08-12 2024-02-15 Oppo广东移动通信有限公司 Device binding method and apparatus, and device, storage medium and program product
WO2024050754A1 (en) * 2022-09-08 2024-03-14 Oppo广东移动通信有限公司 Method for starting client, first device, configuration device, and cloud platform

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109995710A (en) * 2017-12-29 2019-07-09 上海智显光电科技有限公司 A kind of lan device management system and method
CN110677248A (en) * 2019-10-30 2020-01-10 宁波奥克斯电气股份有限公司 Safe binding method and system based on narrowband Internet of things
CN110944035A (en) * 2019-10-22 2020-03-31 珠海格力电器股份有限公司 Internet of things equipment control method and system and readable medium
CN112637245A (en) * 2021-01-13 2021-04-09 广州技象科技有限公司 Internet of things equipment binding method and device
CN112738805A (en) * 2020-12-30 2021-04-30 青岛海尔科技有限公司 Device control method and apparatus, storage medium, and electronic device
US20210211432A1 (en) * 2020-01-08 2021-07-08 Beijing Xiaomi Pinecone Electronics Co., Ltd. Method and device for processing information, and storage medium

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10645557B2 (en) * 2017-04-04 2020-05-05 Dell Products L.P. Transferable ownership tokens for discrete, identifiable devices
US11689571B2 (en) * 2019-03-12 2023-06-27 Nxp B.V. Certificate provisioning and customer binding mechanisms using device group identification token
CN111327583B (en) * 2019-08-22 2022-03-04 刘高峰 Identity authentication method, intelligent equipment and authentication server
CN111639319B (en) * 2020-06-02 2023-04-25 抖音视界有限公司 User resource authorization method, device and computer readable storage medium
CN113746633B (en) * 2021-08-05 2023-10-17 深圳Tcl新技术有限公司 Internet of things equipment binding method, device, system, cloud server and storage medium

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109995710A (en) * 2017-12-29 2019-07-09 上海智显光电科技有限公司 A kind of lan device management system and method
CN110944035A (en) * 2019-10-22 2020-03-31 珠海格力电器股份有限公司 Internet of things equipment control method and system and readable medium
CN110677248A (en) * 2019-10-30 2020-01-10 宁波奥克斯电气股份有限公司 Safe binding method and system based on narrowband Internet of things
US20210211432A1 (en) * 2020-01-08 2021-07-08 Beijing Xiaomi Pinecone Electronics Co., Ltd. Method and device for processing information, and storage medium
CN112738805A (en) * 2020-12-30 2021-04-30 青岛海尔科技有限公司 Device control method and apparatus, storage medium, and electronic device
CN112637245A (en) * 2021-01-13 2021-04-09 广州技象科技有限公司 Internet of things equipment binding method and device

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113839917A (en) * 2021-06-30 2021-12-24 海信(广东)空调有限公司 Voice information processing method, data processing platform and equipment cloud server
WO2023011016A1 (en) * 2021-08-05 2023-02-09 深圳Tcl新技术有限公司 Internet of things device binding method, apparatus and system, and cloud server and storage medium
CN114500617A (en) * 2021-12-24 2022-05-13 青岛海尔科技有限公司 Internet equipment control method and device, storage medium and electronic equipment
CN114500617B (en) * 2021-12-24 2023-11-28 青岛海尔科技有限公司 Internet equipment control method and device, storage medium and electronic equipment
CN114866251B (en) * 2022-04-25 2023-07-07 中国银联股份有限公司 Equipment interconnection security authentication system, method, device, server and medium
CN114866251A (en) * 2022-04-25 2022-08-05 中国银联股份有限公司 Equipment interconnection security authentication system, method, device, server and medium
CN116056076B (en) * 2022-07-21 2023-10-20 荣耀终端有限公司 Communication system, method and electronic equipment
CN116056076A (en) * 2022-07-21 2023-05-02 荣耀终端有限公司 Communication system, method and electronic equipment
WO2024031681A1 (en) * 2022-08-12 2024-02-15 Oppo广东移动通信有限公司 Device binding method and apparatus, and device, storage medium and program product
WO2024050754A1 (en) * 2022-09-08 2024-03-14 Oppo广东移动通信有限公司 Method for starting client, first device, configuration device, and cloud platform
CN116170151A (en) * 2022-12-27 2023-05-26 海尔优家智能科技(北京)有限公司 Internet of things terminal association method and Internet of things terminal association system
CN116055147A (en) * 2022-12-30 2023-05-02 中国电子科技集团公司第三十研究所 Cloud service light-weight identity authentication method based on identification
CN116112236A (en) * 2023-01-06 2023-05-12 深圳感臻智能股份有限公司 Authentication and data transmission method based on intelligent device ecology and intelligent television

Also Published As

Publication number Publication date
WO2023011016A1 (en) 2023-02-09
CN113746633B (en) 2023-10-17

Similar Documents

Publication Publication Date Title
CN113746633B (en) Internet of things equipment binding method, device, system, cloud server and storage medium
US9473496B2 (en) Dynamically mapping network trust relationships
EP3073699B1 (en) System and method for controlling mutual access of smart devices
CN106063308B (en) Device, identity and event management system based on user identifier
US20110030047A1 (en) Method, apparatus and system for protecting user information
US20140075513A1 (en) Device token protocol for authorization and persistent authentication shared across applications
JP2018529245A (en) Authorization processing method and device
US9344417B2 (en) Authentication method and system
WO2015196908A1 (en) Service processing method, terminal, server and system
CN109344628B (en) Method for managing trusted nodes in block chain network, nodes and storage medium
CN103685204A (en) Resource authentication method based on internet of things resource sharing platform
CN113341798A (en) Method, system, device, equipment and storage medium for remotely accessing application
JP2011238083A (en) Authentication cooperation apparatus and program for the same, device authentication apparatus and program for the same, and authentication cooperation system
CN111194035B (en) Network connection method, device and storage medium
CN113765655A (en) Access control method, device, equipment and storage medium
WO2023005525A1 (en) Configuration method for device control privilege, apparatus, computer device, and storage medium
US20240179142A1 (en) Method and apparatus for account association, and computer device and storage medium
CN113612747B (en) Method and device for setting device control authority, computer device and storage medium
CN106802832B (en) Jenkins node state management method and device
JP2005217679A (en) Authentication server performing authentication of communication partner
CN115314895A (en) WAPI user identification method, system and access area AS
JP2018037025A (en) Program, authentication system, and authentication cooperative system
Kang U2fi: A provisioning scheme of iot devices with universal cryptographic tokens
JP5302665B2 (en) Authentication server presentation method, service providing system, service providing apparatus, and service providing program
WO2023015462A1 (en) Method and apparatus for connection establishment, device and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant