CN113765713B - Data interaction method based on Internet of things equipment acquisition - Google Patents
Data interaction method based on Internet of things equipment acquisition Download PDFInfo
- Publication number
- CN113765713B CN113765713B CN202110997397.6A CN202110997397A CN113765713B CN 113765713 B CN113765713 B CN 113765713B CN 202110997397 A CN202110997397 A CN 202110997397A CN 113765713 B CN113765713 B CN 113765713B
- Authority
- CN
- China
- Prior art keywords
- internet
- things
- equipment
- data
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 101
- 230000003993 interaction Effects 0.000 title claims abstract description 28
- 238000009826 distribution Methods 0.000 claims abstract description 18
- 230000008447 perception Effects 0.000 claims abstract description 12
- 238000012545 processing Methods 0.000 claims abstract description 11
- 238000003860 storage Methods 0.000 claims abstract description 7
- 238000004458 analytical method Methods 0.000 claims abstract description 4
- 238000007405 data analysis Methods 0.000 claims abstract description 4
- 230000004927 fusion Effects 0.000 claims abstract description 4
- 238000005065 mining Methods 0.000 claims abstract description 4
- 238000013499 data model Methods 0.000 claims description 62
- 230000005540 biological transmission Effects 0.000 claims description 24
- 230000006870 function Effects 0.000 claims description 21
- 230000004044 response Effects 0.000 claims description 21
- 238000004364 calculation method Methods 0.000 claims description 18
- 230000007246 mechanism Effects 0.000 claims description 16
- 230000008569 process Effects 0.000 claims description 15
- 238000007476 Maximum Likelihood Methods 0.000 claims description 9
- 230000004913 activation Effects 0.000 claims description 9
- 230000006399 behavior Effects 0.000 claims description 9
- 238000011156 evaluation Methods 0.000 claims description 9
- 238000007726 management method Methods 0.000 claims description 9
- 230000002159 abnormal effect Effects 0.000 claims description 6
- 238000005315 distribution function Methods 0.000 claims description 6
- 238000004519 manufacturing process Methods 0.000 claims description 6
- 230000002776 aggregation Effects 0.000 claims description 5
- 238000004220 aggregation Methods 0.000 claims description 5
- 238000012544 monitoring process Methods 0.000 claims description 4
- 238000013475 authorization Methods 0.000 claims description 3
- 238000006243 chemical reaction Methods 0.000 claims description 3
- 230000008531 maintenance mechanism Effects 0.000 claims description 3
- 230000006855 networking Effects 0.000 claims description 3
- 238000012795 verification Methods 0.000 claims description 3
- 238000004891 communication Methods 0.000 abstract description 10
- 238000005516 engineering process Methods 0.000 description 8
- 238000011161 development Methods 0.000 description 3
- 230000008901 benefit Effects 0.000 description 2
- QVFWZNCVPCJQOP-UHFFFAOYSA-N chloralodol Chemical compound CC(O)(C)CC(C)OC(O)C(Cl)(Cl)Cl QVFWZNCVPCJQOP-UHFFFAOYSA-N 0.000 description 2
- 238000013461 design Methods 0.000 description 2
- 238000005538 encapsulation Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 230000008713 feedback mechanism Effects 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000004806 packaging method and process Methods 0.000 description 1
- 238000013468 resource allocation Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/04—Network management architectures or arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0803—Configuration setting
- H04L41/0823—Configuration setting characterised by the purposes of a change of settings, e.g. optimising configuration for enhancing reliability
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0803—Configuration setting
- H04L41/084—Configuration by using pre-existing information, e.g. using templates or copying from other elements
- H04L41/0843—Configuration by using pre-existing information, e.g. using templates or copying from other elements based on generic templates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/14—Network analysis or design
- H04L41/145—Network analysis or design involving simulating, designing, planning or modelling of a network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/22—Parsing or analysis of headers
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
Abstract
The invention discloses a data interaction method based on Internet of things equipment collection, which is realized by using a gateway, internet of things equipment and an Internet of things informatization system, wherein the Internet of things informatization system is connected with the gateway, the Internet of things equipment is connected with the gateway, and the gateway, the Internet of things equipment and the Internet of things informatization system jointly form an Internet of things network; the system comprises an Internet of things informatization system, a storage unit and a storage unit, wherein the Internet of things informatization system is used for receiving perception data acquired by various Internet of things devices, providing a unified informatization platform for acquisition, convergence, processing, fusion and mining analysis of the perception data, and providing sharing distribution service of the perception data; the gateway is used for realizing data analysis on the heterogeneous network modules, so that the data forwarding coordinators among the heterogeneous networks exchange information with each other through the serial port modules of the gateway. The invention is matched with the communication network module interface capability of the gateway, the intelligent terminal and other devices, so that the Internet of things device can select a proper mode according to the network environment condition.
Description
Technical Field
The invention relates to the field of service application of the Internet of things, in particular to a data interaction method based on equipment acquisition of the Internet of things.
Background
At present, with the rapid development of the application field of the Internet of things and the rapid iterative innovation of the technology of the Internet of things, the system presents the current situations that the communication network is heterogeneous and diverse, the number of communication devices is increased by power, the distribution range of the devices is wider, the acquired data expression forms are various, and the like, so that the system brings serious challenges to the information security of the Internet of things. The data interaction of the Internet of things not only ensures that the transmission link can safely send the message to the receiving end, but also prevents the receiving end from being hit by tracking and prevents the data of the sending end from being tampered and transmitted. Meanwhile, when the application field of the internet of things lacks a full-link and full-flow integrated data security interaction method from an originating terminal to a final terminal and application thereof.
Along with the rapid development of the internet of things and the rapid progress of technology, the gateway mode solves the problem of point-to-point single network communication of the traditional equipment, so that the multipoint sensing data are converged to the gateway for unified processing, thereby realizing the long-distance communication, but the gateway mode has the problems of complex transmission process, lower network transmission efficiency, easy tampering and monitoring of related data and the like.
Disclosure of Invention
Aiming at the problem that the application field of the Internet of things lacks a full-link and full-flow integrated data security interaction method from an originating terminal to a final terminal, the invention combines the interface capability of communication network modules of devices such as a gateway and an intelligent terminal, applies a software development component to the devices such as the gateway by virtue of the advantages of an embedded technology, provides an integrated and comprehensive solution by virtue of soft and hard matching, and realizes that the Internet of things device can select a proper mode according to the condition of the network environment where the Internet of things device is positioned to transmit Internet of things data to an Internet of things informatization system of the final terminal. The invention has good application prospect.
The invention defines that a software development component (SDK) loaded in the Internet of things equipment realizes data acquisition, data encapsulation, data reporting and the like; according to the method, the Internet of things data model is used for digitally describing the Internet of things equipment entity, so that the Internet of things equipment can be identified and subjected to processing such as function call by an Internet of things informatization system; the invention confirms the credibility of the Internet of things equipment accessed to the informatization system by using a self-defined equipment identity card mechanism; the invention realizes safe and efficient data transmission by using an improved encryption technology and matching with a self-defined protocol.
The invention discloses a data interaction method based on Internet of things equipment acquisition, which is realized by using a gateway, internet of things equipment and an Internet of things informatization system, wherein the Internet of things informatization system is connected with the gateway, the Internet of things equipment is connected with the gateway, and the gateway, the Internet of things equipment and the Internet of things informatization system jointly form an Internet of things network. The internet of things informatization system is used for receiving perception data acquired by various internet of things devices, providing a unified informatization platform for acquisition, aggregation, processing, fusion and mining analysis of the perception data, and providing sharing distribution service of the perception data. The internet of things equipment comprises various sensors, and the gateway comprises a WAPI module, an Ethernet module, a ZigBee module, a serial port module, a LORA module, an LTE module, a 4G/5G module, a Beidou module and the like, an NBIOT module and the like. The gateway is used for realizing data analysis on the heterogeneous network modules, enabling the data forwarding coordinators among the heterogeneous networks to exchange information with each other through the serial port modules of the gateway, reading and analyzing the data uploaded by the data forwarding coordinators among the heterogeneous networks by the gateway, providing the read data through the serial port modules of the gateway, storing the data uploaded by the data forwarding coordinators among the heterogeneous networks into the database of the gateway after analyzing the data uploaded by the data forwarding coordinators among the heterogeneous networks by the gateway, and simultaneously repackaging and converting the data into a standardized format.
The gateway also comprises an embedded software development component of the Internet of things, wherein the embedded software development component of the Internet of things is loaded in the gateway and is used for realizing the rapid input of data into the terminal of the Internet of things, and the embedded software development component of the Internet of things provides an edge computing function, so that the gateway is supported to realize the random access and the plug-and-play of heterogeneous network environments. The embedded software development component of the Internet of things comprises a data model SDK, an encryption and decryption SDK, an edge calculation SDK and the like, provides a standardized data transmission mode, and has the functions of data caching, data deduplication, data retransmission, data aggregation, data reporting, equipment control, standardized data format conversion and the like. The method comprises the following specific steps:
s1, defining a data model of the Internet of things;
the method comprises the steps that after abstract modeling is conducted on entity equipment, standard digital description is conducted on sensing data of various pieces of Internet of things equipment, corresponding JSON format file data models are built for the various pieces of Internet of things equipment, and the Internet of things data models are stored in a JSON format in an Internet of things informatization system; the data model of the Internet of things defines a set of corresponding standard data parameters for each type of Internet of things equipment, and the standard data parameters comprise all parameters used by the type of Internet of things equipment. Specifically, the internet of things informatization system utilizes the internet of things data model to abstract the functions of various internet of things devices into data parameters consisting of attributes, functions, events and extensions, wherein the data parameters are used for data interaction between the various internet of things devices and the internet of things informatization system; and the attribute in the data parameter is used for describing the running state of the Internet of things equipment. The internet of things informatization system actively transmits messages to obtain the attributes of all the internet of things devices, and all the internet of things devices report the attributes to the internet of things informatization system through events.
The functions in the data parameters record the capability or method of the Internet of things equipment which can be called by the outside, and the settable input parameters and output parameters of the Internet of things equipment, and are the basis of the Internet of things informatization system to execute a task control function instruction such as a certain linkage on the Internet of things equipment.
And the event in the data parameters records the event which occurs when the Internet of things equipment runs, and the event comprises notification information which needs to be perceived and processed externally and comprises a plurality of output parameters.
And the expansion of the data parameters records custom expansion fields such as equipment labels and the like, and is used for realizing information sharing.
The data model of the Internet of things adopts the same data model for the same type of Internet of things equipment, the same type of Internet of things equipment is defined by using the data model of the Internet of things, and the data of the same type of Internet of things equipment is standardized, so that the same type of Internet of things equipment can be automatically identified and analyzed and configured by an Internet of things informatization system after being connected to the Internet of things, and the manual configuration workload is reduced. The internet of things informatization system utilizes the internet of things data model to form a standardized service pool or resource pool, and utilizes the service pool or resource pool to acquire data resources or service resources of different types of internet of things equipment.
The data model of the Internet of things has abnormal data processing capability, and data which can cause misoperation of the equipment of the Internet of things are shielded, specifically, a controlled range and a boundary range are defined in the attribute of the data parameter of the data model of the Internet of things, when the trigger event information value of the equipment of the Internet of things is in the boundary range, the trigger event is marked with the generation time as a time stamp, and the trigger event information value of the equipment of the Internet of things is sent to an informatization system of the Internet of things; but when the value of the triggering event information value of the Internet of things equipment is out of the boundary range, the Internet of things data model directly takes the data as dirty data, adds a shielding label to the data, and feeds back shielding label information to an Internet of things informatization system.
S2, carrying out identity authentication on the equipment of the Internet of things;
and carrying out identity authentication on the Internet of things equipment, and ensuring that the Internet of things equipment accessed to the Internet of things terminal is credible, wherein the Internet of things equipment which does not pass the identity authentication cannot be accessed to the Internet of things terminal. For all the Internet of things equipment which needs to be accessed into the Internet of things information system for information interaction, the Internet of things information system needs to register the equipment, and after the Internet of things information system distributes equipment ID for each Internet of things equipment which needs to be accessed into the Internet of things information system and activates the equipment, the equipment can perform a session with the Internet of things information system.
Step S2, using the device ID as an identity tag of the Internet of things device, wherein each Internet of things device has an independent device ID; the internet of things equipment applies for activation to the internet of things informatization system, and sends equipment information comprising manufacturers, production batches, production passwords, unique codes of chips and the like to the internet of things informatization system. And the information system of the Internet of things judges and generates a unique equipment ID according to the equipment information through activation. The internet of things informatization system informs that the internet of things equipment is successfully activated, and issues equipment codes, equipment keys, digital certificates and the like to the internet of things equipment, and the internet of things equipment permanently stores the standby IDs thereof. If the internet of things device is activated for multiple times, the device key and the digital certificate thereof must be changed after each activation, and the device ID remains unchanged. After the internet of things equipment is activated, every time the internet of things equipment is connected with the internet of things informatization system, equipment ID (identity) is submitted, a piece of random number is encrypted by using an equipment key, and information to be sent to the internet of things informatization system is mixed with the encrypted random number and then sent, so that interception and theft of the information are prevented.
For devices that have interacted with the platform, an information mechanism needs to be employed for the device identity each time a reconnection occurs. The method comprises the steps of carrying out identity authentication on the Internet of things equipment by adopting a trust mechanism based on behaviors, dynamically judging the credibility of the Internet of things equipment through a behavior history record of the Internet of things equipment and the current behavior characteristics of the Internet of things equipment, using equipment ID, an Internet of things data model, digital signature information, a smart card or an encryption chip of the equipment or other identity authentication attribute information (secret information, an encrypted file of a user password or a random number is stored in the smart card) as a trust certificate, comparing the trust certificate with related information in a database containing identity authentication rule information of an Internet of things informatization system, and outputting trust evaluation through a trust management engine of the Internet of things informatization system.
The trust evaluation calculation method of the trust management engine on a certain piece of internet of things equipment comprises the following steps:
H X =α*T B -β*T M +γ*T Q +k*T t ,
wherein H is X Trust evaluation value T representing certain internet of things equipment B 、T M 、T Q 、T t Respectively representing the equipment ID of the equipment of the Internet of things, the data model of the Internet of things, the digital signature and the trust degree of the identity identification attribute information of the equipment, T B 、T M 、T Q 、T t The values of (a) are all 1 or not, and alpha, beta, gamma and k are respectively T B 、T M 、T Q 、T t And the sum is 1, and k=0 when the smart card or encryption chip or other identification attribute information of the internet of things device itself is not present.
T B 、T M 、T Q 、T t By evaluating or maximum likelihoodEnergy value method. For the judgment value method, T B Is 0 or 1, T M The judgment value of (1) is related to the number of times of deleting abnormal dirty data in unit time of the data model of the Internet of things, T Q 、T t And (3) defining the judgment value according to the judgment requirement.
For the maximum likelihood method, a maximum likelihood estimation method MLE is used, and in the case that the confidence probability distribution function is known and the parameters of the probability distribution are unknown, the MLE estimates the unknown probability distribution parameters according to the already obtained confidence results, and the estimated probability distribution parameters maximize the probability of occurrence of the already obtained confidence results. The credibility of the ith Internet of things equipment is t i The probability that the ith Internet of things equipment passes identity authentication is equal to the credibility of the ith Internet of things equipment, and the verification result of the ith Internet of things equipment on the kth Internet of things equipment is x i,k The adjacent equipment of the ith Internet of things equipment is marked as n (i), and the MLE method is used for solving the trust probability distribution function p (x) i,k ,t i ,l k ) Parameters at maximum, i.e. at maximum
Solving to obtain t when the above equation is maximized i Namely, the calculation result of the trust degree of the equipment ID, the data model, the digital signature or the identity identification attribute information of the equipment of the i-th Internet of things equipment is obtained, N is the number of the physical network equipment, and l is the number of the physical network equipment k The method comprises the steps that a certain trust initial estimated value of a kth internet of things device is taken as one of a device ID, an internet of things data model, a digital signature or trust initial estimated value of identity attribute information of the device, and according to l k The initial estimate, t, of the specific confidence level taken i The result of the corresponding trust degree calculation is the result of the corresponding trust degree calculation. For example, l k When the trust initial estimated value of the equipment ID of the kth Internet of things equipment is t i The calculation result of the trust degree of the device ID of the ith Internet of things device is obtained.
S3, encrypting and transmitting the data;
the method for encrypting the data sent by the Internet of things equipment or the Internet of things informatization system by adopting the hybrid encryption algorithm specifically comprises the steps that in the data transmission process, a receiver sends a public key of the receiver to a sender, the public key of the sender is used for encrypting a key of the symmetric encryption algorithm, the encrypted key of the symmetric encryption algorithm is sent to the receiver, the receiver decrypts the received key by using an own private key to obtain a key of the symmetric encryption method, the sender sends original information encrypted by using the own private key to the receiver, and the receiver decrypts the received information by using the key of the symmetric encryption algorithm.
In the information transmission process between the Internet of things equipment or the Internet of things informationized systems, digital signature is carried out on the transmitted information to prove the identity of the information, signature authentication is carried out on the transmitted information by utilizing an improved asymmetric encryption algorithm, the identity of a private key owner is verified through a public key, the information is signed and sent out by an information sender through the digital signature, the signature authentication process encrypts the summary information of the transmitted information by using the private key of the sender, then the encrypted ciphertext is transmitted to a receiver of the information together with an unencrypted original text, the receiver decrypts the encrypted summary information by using the public key of the sender, then the decrypted summary information is decrypted by using the same summary information encryption method as the sender, the obtained summary information is compared with the summary information of the original transmitted information, if the obtained summary information is the same, the received information is complete, and the received information is not tampered by a third party in the transmission process. The method comprises the steps that the internet of things equipment performs registration authentication in an internet of things concept informatization system, after the internet of things informatization system performs authorization authentication, a certificate management system in the internet of things informatization system generates 2 pairs of keys, one pair of keys is used for a private key and a public key of an asymmetric encryption method, the other pair of keys is used for a symmetric encryption method, and meanwhile, a digital certificate is generated and fed back to the internet of things equipment.
S4, defining an application layer protocol;
the internet of things equipment and the internet of things informatization system perform data interaction through an application layer protocol, the adopted application layer protocol comprises MQTT, COAP, HTTP, MIT-LINK protocol and the like, and parameters of the application layer protocol MIT-LINK are redefined according to data interaction requirements. The MIT-LINK protocol is a message transmission protocol of a request/distribution mode of a client/server architecture, the MIT-Link protocol adopts a request/response model, the Internet of things equipment sends a request message to an Internet of things informatization system, the request message comprises a request type, a protocol name and a version, an Internet of things equipment identifier and request data, and the Internet of things informatization system sends a response message to the Internet of things equipment after receiving the request message, wherein the response message comprises a response type, the protocol name and the version, a reason code and response data; the method specifically comprises the steps that the Internet of things equipment is connected to an Internet of things informatization system, and a connection request message is sent. The internet of things informatization system receives the connection request, sends a response message and establishes a TCP socket connection; the method comprises the steps that the Internet of things equipment sends an operation request message, an Internet of things informatization system receives the operation request message and returns a response message, the Internet of things equipment sends a connection closing request message, and the Internet of things informatization system receives the connection closing request message and releases TCP connection.
The message of MIT-Link protocol includes message header, message body, the message header includes: message type, protocol name, protocol version, connection flag, keep connection time, message body length, message body includes: device ID, message data.
S5, adopting a data access maintenance mechanism;
when a plurality of internet of things devices initiate a network access operation process at the same time, the initiated network access application generates message collision at a gateway, so that the plurality of internet of things devices cannot normally join the network, the internet of things devices adopt a monitoring mechanism and a rule engine mechanism, the internet of things devices firstly randomly retreat for a period of time and monitor the busy and idle states of the network in the network access operation process, if the current network channel is in the idle state, the internet of things devices initiate the network access operation, and if the current network channel is in the busy state, the internet of things devices wait for the next network access time slot to perform the network access operation. According to the operation, the networking process of all the Internet of things equipment is realized.
The beneficial effects of the invention are as follows:
according to the invention, the communication network module interface capability of the gateway, the intelligent terminal and other equipment is matched, the software development component is applied to the gateway and other equipment by virtue of the advantages of the embedded technology, and an integrated and comprehensive solution is provided by the soft and hard matching, so that the Internet of things equipment can select a proper mode according to the network environment condition and transmit the Internet of things data to the Internet of things informatization system of the final end. The invention has good application prospect.
Drawings
FIG. 1 is a flow chart of an implementation of the method of the present invention;
FIG. 2 is a data streaming architecture design diagram of the method of the present invention;
FIG. 3 is a flow chart of the authentication of device identity trust in the method of the present invention;
FIG. 4 is a flow chart of reporting attributes of an Internet of things data model according to the method of the present invention;
fig. 5 is a definition chart of attribute rules of an internet of things data model according to the method of the present invention.
Detailed Description
For a better understanding of the present disclosure, an embodiment is presented herein.
The invention defines that a software development component (SDK) loaded in the Internet of things equipment realizes data acquisition, data encapsulation, data reporting and the like; according to the method, the Internet of things data model is used for digitally describing the Internet of things equipment entity, so that the Internet of things equipment can be identified and subjected to processing such as function call by an Internet of things informatization system; the invention confirms the credibility of the Internet of things equipment accessed to the informatization system by using a self-defined equipment identity card mechanism; the invention realizes safe and efficient data transmission by using an improved encryption technology and matching with a self-defined protocol. The architecture relationship of the implementation of the present invention is shown in fig. 1. The data streaming architecture is shown in fig. 2. FIG. 3 is a flow chart of the device identity trust authentication of the method of the present invention. Fig. 4 is a flow chart of reporting attributes of an internet of things data model according to the method of the present invention. Fig. 5 is a definition chart of attribute rules of an internet of things data model according to the method of the present invention.
The invention discloses a data interaction method based on Internet of things equipment acquisition, which is realized by using a gateway, internet of things equipment and an Internet of things informatization system, wherein the Internet of things informatization system is connected with the gateway, the Internet of things equipment is connected with the gateway, and the gateway, the Internet of things equipment and the Internet of things informatization system jointly form an Internet of things network. The internet of things informatization system is used for receiving perception data acquired by various internet of things devices, providing a unified informatization platform for acquisition, aggregation, processing, fusion and mining analysis of the perception data, and providing sharing distribution service of the perception data. The internet of things equipment comprises various sensors, and the gateway comprises a WAPI module, an Ethernet module, a ZigBee module, a serial port module, a LORA module, an LTE module, a 4G/5G module, a Beidou module and the like, an NBIOT module and the like. The gateway is used for realizing data analysis on the heterogeneous network modules, enabling the data forwarding coordinators among the heterogeneous networks to exchange information with each other through the serial port modules of the gateway, reading and analyzing the data uploaded by the data forwarding coordinators among the heterogeneous networks by the gateway, providing the read data through the serial port modules of the gateway, storing the data uploaded by the data forwarding coordinators among the heterogeneous networks into the database of the gateway after analyzing the data uploaded by the data forwarding coordinators among the heterogeneous networks by the gateway, and simultaneously repackaging and converting the data into a standardized format.
The gateway also comprises an embedded software development component of the Internet of things, wherein the embedded software development component of the Internet of things is loaded in the gateway and is used for realizing the rapid input of data into the terminal of the Internet of things, and the embedded software development component of the Internet of things provides an edge computing function, so that the gateway is supported to realize the random access and the plug-and-play of heterogeneous network environments. The embedded software development component of the Internet of things comprises a data model SDK, an encryption and decryption SDK, an edge calculation SDK and the like, provides a standardized data transmission mode, and has the functions of data caching, data deduplication, data retransmission, data aggregation, data reporting, equipment control, standardized data format conversion and the like. The largest characteristic of the SDK can be cut and packaged according to the storage space of the Internet of things device, can be adjusted according to the size of the storage space and the transmission requirement process sequence, and can be suitable for a device scene with small codes and packaging requirements.
The method comprises the following specific steps:
s1, defining a data model of the Internet of things;
the method comprises the steps that after abstract modeling is conducted on entity equipment, standard digital description is conducted on sensing data of various pieces of Internet of things equipment, corresponding JSON format file data models are built for the various pieces of Internet of things equipment, and the Internet of things data models are stored in a JSON format in an Internet of things informatization system; based on the data model of the Internet of things, application development of the Internet of things can be directly performed. The data model of the Internet of things defines a set of corresponding standard data parameters for each type of Internet of things equipment, and the standard data parameters comprise all parameters used by the type of Internet of things equipment. Specifically, the internet of things informatization system utilizes the internet of things data model to abstract the functions of various internet of things devices into data parameters consisting of attributes, functions, events and extensions, wherein the data parameters are used for data interaction between the various internet of things devices and the internet of things informatization system; and the attribute of the data parameter is used for describing the running state of the Internet of things equipment. The internet of things informatization system actively transmits messages to obtain the attributes of all the internet of things devices, and all the internet of things devices report the attributes to the internet of things informatization system through events.
The function of the data parameter records the capability or method of the Internet of things equipment which can be called by the outside, and the settable input parameter and output parameter of the Internet of things equipment, and is the basis of the Internet of things informatization system to execute a task control function instruction such as a certain linkage on the Internet of things equipment.
The event of the data parameter records the event occurring when the Internet of things equipment runs, and the event contains notification information which needs to be perceived and processed externally and contains a plurality of output parameters.
And the expansion of the data parameters records custom expansion fields such as equipment labels and the like, and is used for realizing information sharing.
The data model of the Internet of things adopts the same data model for the same type of Internet of things equipment, the same type of Internet of things equipment is defined by using the data model of the Internet of things, and the data of the same type of Internet of things equipment is standardized, so that the same type of Internet of things equipment can be automatically identified and analyzed and configured by an Internet of things informatization system after being connected to the Internet of things, and the manual configuration workload is reduced. The internet of things informatization system utilizes the internet of things data model to form a standardized service pool or resource pool, and utilizes the service pool or resource pool to acquire data resources or service resources of different types of internet of things equipment.
The design element fields contained in the data model of the Internet of things can be customized by a user, support the customization of data types and units, and have the characteristics of convenience and flexibility. The data model of the Internet of things has abnormal data processing capability, and data which can cause misoperation of the equipment of the Internet of things are shielded, specifically, a controlled range and a boundary range are defined in the attribute of the data parameter of the data model of the Internet of things, when the trigger event information value of the equipment of the Internet of things is in the boundary range, the trigger event is marked with the generation time as a time stamp, and the trigger event information value of the equipment of the Internet of things is sent to an informatization system of the Internet of things; but when the value of the triggering event information value of the Internet of things equipment is out of the boundary range, the Internet of things data model directly takes the data as dirty data, adds a shielding label to the data, and feeds back shielding label information to an Internet of things informatization system.
S2, carrying out identity authentication on the equipment of the Internet of things;
the application service of the Internet of things is characterized by more access devices and wide distribution area, so that the Internet of things has the possibility of being falsely used and changed in series. And carrying out identity authentication on the Internet of things equipment, and ensuring that the Internet of things equipment accessed to the Internet of things terminal is credible, wherein the Internet of things equipment which does not pass the identity authentication cannot be accessed to the Internet of things terminal. For all the Internet of things equipment which needs to be accessed into the Internet of things information system for information interaction, the Internet of things information system needs to register the equipment, and after the Internet of things information system distributes equipment ID for each Internet of things equipment which needs to be accessed into the Internet of things information system and activates the equipment, the equipment can perform a session with the Internet of things information system.
Step S2, using the device ID as an identity tag of the Internet of things device, wherein each Internet of things device has an independent device ID; the internet of things equipment applies for activation to the internet of things informatization system, and sends equipment information comprising manufacturers, production batches, production passwords, unique codes of chips and the like to the internet of things informatization system. And the information system of the Internet of things judges and generates a unique equipment ID according to the equipment information through activation. The internet of things informatization system informs that the internet of things equipment is successfully activated, and issues equipment codes, equipment keys, digital certificates and the like to the internet of things equipment, and the internet of things equipment permanently stores the standby IDs thereof. If the internet of things device is activated for multiple times, the device key and the digital certificate thereof must be changed after each activation, and the device ID remains unchanged. After the internet of things equipment is activated, every time the internet of things equipment is connected with the internet of things informatization system, equipment ID (identity) is submitted, a piece of random number is encrypted by using an equipment key, and information to be sent to the internet of things informatization system is mixed with the encrypted random number and then sent, so that interception and theft of the information are prevented.
For devices that have interacted with the platform, an information mechanism needs to be employed for the device identity each time a reconnection occurs. The method comprises the steps of carrying out identity authentication on the Internet of things equipment by adopting a trust mechanism based on behaviors, dynamically judging the credibility of the Internet of things equipment through a behavior history record of the Internet of things equipment and the current behavior characteristics of the Internet of things equipment, taking equipment ID, an Internet of things data model, digital signature information, a smart card or an encryption chip of the equipment or other identity authentication attribute information (secret information, an encrypted file of a user password or a random number is stored in the smart card) as a trust certificate, comparing the trust certificate with related information in a database containing identity authentication rule information of an Internet of things informatization system, and outputting trust evaluation through a trust management engine of the Internet of things informatization system, as shown in figure 4.
The trust evaluation calculation method of the trust management engine on a certain piece of internet of things equipment comprises the following steps:
H X =α*T B -β*T M +γ*T Q +k*T t ,
wherein H is X Trust evaluation value T representing certain internet of things equipment B 、T M 、T Q 、T t Respectively representing the equipment ID of the equipment of the Internet of things, the data model of the Internet of things, the digital signature and the trust degree of the identity identification attribute information of the equipment, T B 、T M 、T Q 、T t The values of (a) are all 1 or not, and alpha, beta, gamma and k are respectively T B 、T M 、T Q 、T t And the sum is 1, and k=0 when the smart card or encryption chip or other identification attribute information of the internet of things device itself is not present. The alpha, beta, gamma and k parameter values can provide two sets of parameter value results according to the existence of the smart card or the encryption chip of the equipment or other identification attribute information (secret information is stored in the smart card).
T B 、T M 、T Q 、T t And (3) adopting a judgment value method or a maximum likelihood value method. For the judgment value method, T B Is 0 or 1, T M The judgment value of (1) is related to the number of times of deleting abnormal dirty data in unit time of the data model of the Internet of things, T Q 、T t And (3) defining the judgment value according to the judgment requirement.
For the maximum likelihood method, a maximum likelihood estimation Method (MLE) is utilized, the maximum likelihood estimation Method (MLE) is a probability-based trust reasoning method, and is applicable to a probability model and a belief model, and when a trust probability distribution function is known and parameters of probability distribution are unknown, the MLE estimates unknown probability distribution parameters according to the obtained trust result, and the estimated probability distribution parameters enable the possibility of the obtained trust result to be maximum. The credibility of the ith Internet of things equipment is t i The probability that the ith Internet of things equipment passes identity authentication is equal to the credibility of the ith Internet of things equipment, and the verification result of the ith Internet of things equipment on the kth Internet of things equipment is x i,k The adjacent equipment of the ith Internet of things equipment is marked as n (i), and the MLE method is used for solving the trust probability distribution function p (x) i,k ,t i ,l k ) Parameters at maximum, i.e. at maximum
Solving to obtain t when the above equation is maximized i Namely, the calculation result of the trust degree of the equipment ID, the data model, the digital signature or the identity identification attribute information of the equipment of the i-th Internet of things equipment is obtained, N is the number of the physical network equipment, and l is the number of the physical network equipment k The method comprises the steps that a certain trust initial estimated value of a kth internet of things device is taken as one of a device ID, an internet of things data model, a digital signature or trust initial estimated value of identity attribute information of the device, and according to l k The initial estimate, t, of the specific confidence level taken i The result of the corresponding trust degree calculation is the result of the corresponding trust degree calculation. For example, l k When the trust initial estimated value of the equipment ID of the kth Internet of things equipment is t i The calculation result of the trust degree of the device ID of the ith Internet of things device is obtained.
S3, encrypting and transmitting the data;
the data is encrypted and transmitted by an encryption algorithm of a digital certificate mechanism, and the data is sent to a destination by adopting an encryption transmission technology. The invention improves the prior art, ensures the safe transmission of data (information is not tampered, monitored, and the like) and simultaneously improves the encryption and decryption speed efficiency.
The data sent by the Internet of things equipment is guaranteed not to be eavesdropped by adopting a key encryption mode, and the key encryption mode comprises a symmetric encryption algorithm and an asymmetric encryption algorithm. The symmetric encryption algorithm has high possibility of password leakage, and the efficiency is very low by adopting the asymmetric encryption algorithm. The method specifically comprises the steps that in the data transmission process, a receiver sends a public key of the receiver to a sender, the public key of the sender is used for encrypting a secret key of the symmetric encryption algorithm, the encrypted secret key of the symmetric encryption algorithm is sent to the receiver, the receiver receives the secret key, the receiver decrypts the secret key by using an own private key to obtain a secret key of the symmetric encryption method, the sender sends original information encrypted by using the own private key to the receiver, and the receiver decrypts the received information by using the secret key of the symmetric encryption algorithm.
In the process of information transmission between the Internet of things equipment or the Internet of things informatization system, the transmitted information is digitally signed to prove the identity of the information, the transmitted information is subjected to signature authentication by utilizing an improved asymmetric encryption algorithm, the identity of a private key owner is checked by a public key, and the confirmed information is signed and sent by an information sender through the digital signature, because other people do not have the private key of the information sender, the signature of the information sender cannot be counterfeited at all. The signature authentication process comprehensively utilizes an asymmetric encryption method and a digital digest method, the signature authentication process encrypts digest information of transmitted information by using a private key of a sender, then the encrypted ciphertext is transmitted to a receiver of the information together with an unencrypted original text, the receiver decrypts the encrypted digest information by using a public key of the sender, then the decrypted digest information is decrypted by using the same digest information encryption method as the sender, the obtained digest information is compared with the digest information of the original transmitted information, if the obtained digest information is the same, the received information is indicated to be complete, and the received information is not tampered by a third party in the transmission process. The method comprises the steps of carrying out hash calculation on information to obtain a hash value, encrypting the hash value when the information is sent out, and sending the encrypted hash value together with the information as a signature. After receiving the information, the receiver recalculates the hash value of the information and compares the hash value with the hash value (after decryption) attached to the information, and if the hash value is consistent with the hash value, the receiver indicates that the content of the information is not modified. The digital signature is intercepted and imitated, and the unmanageable person can modify the information content and the hash value so that the information content and the hash value can be matched, so that a third-party authority is required to confirm the condition to ensure that the content is true and effective. The scheme of the invention is as follows: the internet of things equipment performs registration authentication in the internet of things concept informatization system, and after the internet of things informatization system performs authorization authentication, a certificate management system in the internet of things informatization system generates 2 pairs of keys, one pair of keys is used for a private key and a public key of an asymmetric encryption method, the other pair of keys is used for a symmetric encryption method, and a digital certificate (comprising a device signature and a public key) is generated and fed back to the internet of things equipment. The digital certificate defined in the present invention includes a certificate information field as described in table 1.
TABLE 1 certificate information Domain
S4, defining an application layer protocol;
the internet of things equipment and the internet of things informatization system perform data interaction through an application layer protocol, the adopted application layer protocol comprises MQTT, COAP, HTTP, MIT-LINK protocol and the like, parameters of the application layer protocol MIT-LINK are redefined according to data interaction requirements, and the application layer protocol can be well matched with an encryption technology to provide a safe and reliable channel. The MIT-LINK protocol is a request/distribution mode message transmission protocol of a client/server architecture, and has the characteristics of light weight, specification and the like aiming at an application protocol set by the Internet of things. The MIT-LINK supports long connection, real-time communication, off-line feedback mechanism and other functions. The MIT-LINK is suitable for low-power consumption, low-storage and narrow-bandwidth application scenes. The MIT-Link protocol defines how a client communicates with a server. The MIT-Link protocol adopts a request/response model, the Internet of things equipment sends a request message to an Internet of things informatization system, the request message comprises a request type, a protocol name and version, an Internet of things equipment identifier and request data, and after the Internet of things informatization system receives the request message, the Internet of things informatization system sends a response message to the Internet of things equipment, wherein the response message comprises a response type, a protocol name and version, a reason code and response data; the method specifically comprises the steps that the Internet of things equipment is connected to an Internet of things informatization system, and a connection request message is sent. The internet of things informatization system receives the connection request, sends a response message and establishes a TCP socket connection; the method comprises the steps that the Internet of things equipment sends an operation request message, an Internet of things informatization system receives the operation request message and returns a response message, the Internet of things equipment sends a connection closing request message, and the Internet of things informatization system receives the connection closing request message and releases TCP connection.
The message of MIT-Link protocol includes message header, message body, the message header includes: message type, protocol name, protocol version, connection flag, keep connection time, message body length, message body includes: device ID, message data.
S5, adopting a data access maintenance mechanism;
aiming at the performance requirements (including real-time data processing capability and transmission rate) of the heterogeneous network simultaneous access of the Internet of things equipment, the Internet of things informatization system adopts a load balancing strategy, a resource allocation mechanism and the like, so that the data link communication capability of the Internet of things equipment is improved, and the application requirements are met. And when the heterogeneous network is accessed simultaneously, the Internet of things equipment moves to an overlapping area covered by a plurality of networks simultaneously, and simultaneously accesses the plurality of networks according to the data link communication system equipped with the Internet of things equipment.
When a plurality of internet of things devices initiate a network access operation process at the same time, the initiated network access application generates message collision at a gateway, so that the plurality of internet of things devices cannot normally join the network, the internet of things devices adopt a monitoring mechanism and a rule engine mechanism, whether the internet of things devices adopt an active network access or passive network access mode, the internet of things devices firstly retract for a period of time randomly and monitor the busy state of the network in the network access operation process, if the current network channel is in the idle state, the internet of things devices initiate the network access operation, and if the current network channel is in the busy state, the internet of things devices wait for the next network access time slot to perform the network access operation. According to the operation, the networking process of all the Internet of things equipment is realized.
The foregoing is merely exemplary of the present application and is not intended to limit the present application. Various modifications and changes may be made to the present application by those skilled in the art. Any modifications, equivalent substitutions, improvements, etc. which are within the spirit and principles of the present application are intended to be included within the scope of the claims of the present application.
Claims (6)
1. The data interaction method based on the Internet of things equipment is characterized in that the method is realized by using a gateway, the Internet of things equipment and an Internet of things informatization system, wherein the Internet of things informatization system is connected with the gateway, the Internet of things equipment is connected with the gateway, and the gateway, the Internet of things equipment and the Internet of things informatization system jointly form an Internet of things network; the system comprises an Internet of things informatization system, a storage unit and a storage unit, wherein the Internet of things informatization system is used for receiving perception data acquired by various Internet of things devices, providing a unified informatization platform for acquisition, convergence, processing, fusion and mining analysis of the perception data, and providing sharing distribution service of the perception data; the internet of things equipment comprises various sensors, the gateway is used for realizing data analysis on heterogeneous network modules, so that data forwarding coordinators among the heterogeneous networks exchange information with each other through a serial port module of the gateway, the gateway reads and analyzes data uploaded by the data forwarding coordinators among the heterogeneous networks and provides the read data through the serial port module of the gateway, and the gateway stores the data uploaded by the data forwarding coordinators among the heterogeneous networks in a database of the gateway after analyzing the data uploaded by the data forwarding coordinators among the heterogeneous networks and re-encapsulates the data and converts the data into a standardized format;
The gateway also comprises an embedded software development component of the Internet of things, wherein the embedded software development component of the Internet of things is loaded in the gateway and is used for realizing the rapid input of data into the terminal of the Internet of things, and the embedded software development component of the Internet of things provides an edge computing function so as to support the random access and the plug-and-play of the gateway to the heterogeneous network environment; the embedded software development component of the Internet of things comprises a data model SDK, an encryption and decryption SDK and an edge calculation SDK, provides a standardized data transmission mode, and has the functions of data caching, data deduplication, data retransmission, data aggregation, data reporting, equipment control and standardized data format conversion; the method comprises the following specific steps:
s1, defining a data model of the Internet of things;
the method comprises the steps that after abstract modeling is conducted on entity equipment, standard digital description is conducted on sensing data of various pieces of Internet of things equipment, corresponding JSON format file data models are built for the various pieces of Internet of things equipment, and the Internet of things data models are stored in a JSON format in an Internet of things informatization system; the data model of the Internet of things defines a set of corresponding standard data parameters for each type of Internet of things equipment, wherein the standard data parameters comprise all parameters used by the type of Internet of things equipment; specifically, the internet of things informatization system utilizes the internet of things data model to abstract the functions of various internet of things devices into data parameters consisting of attributes, functions, events and extensions, wherein the data parameters are used for data interaction between the various internet of things devices and the internet of things informatization system;
The data model of the Internet of things adopts the same data model for the same type of Internet of things equipment, the same type of Internet of things equipment is defined by using the data model of the Internet of things, and the data of the same type of Internet of things equipment is standardized, so that the same type of Internet of things equipment can be automatically identified and analyzed and configured by an Internet of things informatization system after being connected to the Internet of things; the internet of things informatization system utilizes the internet of things data model to form a standardized service pool or resource pool, and utilizes the service pool or resource pool to acquire data resources or service resources of different types of internet of things equipment;
the data model of the Internet of things has abnormal data processing capability, and data which can cause misoperation of the equipment of the Internet of things are shielded, specifically, a controlled range and a boundary range are defined in the attribute of the data parameter of the data model of the Internet of things, when the trigger event information value of the equipment of the Internet of things is in the boundary range, the trigger event is marked with the generation time as a time stamp, and the trigger event information value of the equipment of the Internet of things is sent to an informatization system of the Internet of things; when the value of the triggering event information value of the Internet of things equipment is out of the boundary range, the Internet of things data model directly takes the data as dirty data, adds a shielding label to the data, and feeds back shielding label information to an Internet of things informatization system;
S2, carrying out identity authentication on the equipment of the Internet of things;
the method comprises the steps that identity authentication is conducted on the Internet of things equipment, the credibility of the Internet of things equipment accessed to the Internet of things terminal is guaranteed, and the Internet of things equipment which does not pass the identity authentication cannot be accessed to the Internet of things terminal; for all the Internet of things equipment which needs to be accessed into the Internet of things information system for information interaction, the Internet of things information system needs to register the equipment, the Internet of things information system distributes equipment ID for each Internet of things equipment which needs to be accessed into the Internet of things information system and activates the equipment, and then the equipment can perform a session with the Internet of things information system;
s3, encrypting and transmitting the data;
the method for encrypting the data sent by the Internet of things equipment or the Internet of things informatization system by adopting the hybrid encryption algorithm specifically comprises the steps that in the data transmission process, a receiver sends a public key of the receiver to a sender, the public key of the sender is used for encrypting a key of the symmetric encryption algorithm, the encrypted key of the symmetric encryption algorithm is sent to the receiver, the receiver decrypts the received key by using an own private key to obtain a key of the symmetric encryption method, the sender sends original information encrypted by using the own private key to the receiver, and the receiver decrypts the received information by using the key of the symmetric encryption algorithm;
In the information transmission process between the Internet of things equipment or the Internet of things informationized system, digital signature is carried out on the transmitted information to prove the identity of the information, signature authentication is carried out on the transmitted information by utilizing an improved asymmetric encryption algorithm, the identity of a private key owner is verified by a public key, the information is signed and sent out by an information sender through the digital signature, the signature authentication process encrypts the summary information of the transmitted information by using the private key of the sender, then the encrypted ciphertext is transmitted to a receiver of the information together with an unencrypted original text, the receiver decrypts the encrypted summary information by using the public key of the sender, then the decrypted summary information is decrypted by using the same summary information encryption method as the sender, the obtained summary information is compared with the summary information of the original transmitted information, if the obtained summary information is the same, the received information is complete, and the received information is not tampered by a third party in the transmission process; the method comprises the steps that the internet of things equipment performs registration authentication in an internet of things concept informatization system, after the internet of things informatization system performs authorization authentication, a certificate management system in the internet of things informatization system generates 2 pairs of keys, one pair of keys is used for a private key and a public key of an asymmetric encryption method, the other pair of keys is used for a symmetric encryption method, and meanwhile, a digital certificate is generated and fed back to the internet of things equipment;
S4, defining an application layer protocol;
the method comprises the steps that data interaction is carried out between the Internet of things equipment and an Internet of things informatization system through an application layer protocol, the adopted application layer protocol comprises a MQTT, COAP, HTTP protocol and an MIT-LINK protocol, and parameters of the application layer protocol MIT-LINK are redefined according to data interaction requirements; the MIT-LINK protocol is a message transmission protocol of a request/distribution mode of a client/server architecture, the MIT-Link protocol adopts a request/response model, the Internet of things equipment sends a request message to an Internet of things informatization system, the request message comprises a request type, a protocol name and a version, an Internet of things equipment identifier and request data, and the Internet of things informatization system sends a response message to the Internet of things equipment after receiving the request message, wherein the response message comprises a response type, the protocol name and the version, a reason code and response data;
s5, adopting a data access maintenance mechanism;
when a plurality of internet of things devices initiate an internet access operation process at the same time, the initiated internet access application generates message collision at a gateway, so that the plurality of internet of things devices cannot normally join the network, the internet of things devices adopt a monitoring mechanism and a rule engine mechanism, the internet of things devices firstly randomly retreat for a period of time and monitor the busy and idle states of the network in the internet of things operation process, if the current network channel is in the idle state, the internet of things devices initiate the internet access operation, and if the current network channel is in the busy state, the internet of things devices wait for the next internet access time slot to perform the internet access operation; according to the operation, the networking process of all the Internet of things equipment is realized.
2. The data interaction method based on the Internet of things equipment collection of claim 1, wherein,
the attribute in the data parameter is used for describing the running state of the Internet of things equipment; the internet of things informatization system actively transmits a message to obtain the attribute of each internet of things device, and each internet of things device reports the attribute to the internet of things informatization system through an event;
the functions in the data parameters record the capability or method of the Internet of things equipment which can be called by the outside, and the settable input parameters and output parameters of the Internet of things equipment, and are the basis of the Internet of things informatization system to execute a certain linkage task control function instruction on the Internet of things equipment;
the event in the data parameters records the event which occurs when the Internet of things equipment runs, and the event comprises notification information which needs to be perceived and processed externally and comprises a plurality of output parameters;
and the expansion in the data parameter records a device tag custom expansion field for realizing information sharing.
3. The data interaction method based on the Internet of things equipment collection of claim 1, wherein,
step S2, using the device ID as an identity tag of the Internet of things device, wherein each Internet of things device has an independent device ID; the method comprises the steps that the Internet of things equipment applies for activation to an Internet of things informatization system, and information of equipment which comprises manufacturers, production batches, production passwords and unique codes of chips is sent to the Internet of things informatization system; the information system of the Internet of things judges and generates a unique equipment ID according to the equipment information through activation; the internet of things informatization system informs that the internet of things equipment is successfully activated, and issues equipment codes, equipment keys and digital certificates to the internet of things equipment, and the internet of things equipment permanently stores the standby IDs thereof; if the Internet of things equipment is activated for multiple times, after each activation, the equipment key and the digital certificate of the Internet of things equipment are required to be changed, and the equipment ID is kept unchanged; after the Internet of things equipment is activated, every time the Internet of things equipment is connected with an Internet of things informatization system, an equipment ID (identity) is submitted, a piece of random number is encrypted by using an equipment key, and information to be sent to the Internet of things informatization system is mixed with the encrypted random number and then sent, so that interception and theft of the information are prevented;
For the interaction of the equipment with the platform, an information mechanism is required to be adopted for the identity of the equipment when reconnecting each time; carrying out identity authentication on the Internet of things equipment by adopting a trust mechanism based on behaviors, dynamically judging the credibility of the Internet of things equipment through the behavior history record of the Internet of things equipment and the current behavior characteristics of the Internet of things equipment, taking equipment ID, an Internet of things data model, digital signature information, a smart card or an encryption chip of the equipment or other identity authentication attribute information as a trust certificate, comparing the trust certificate with related information in a database containing identity authentication rule information of an Internet of things informatization system, and outputting trust evaluation through a trust management engine of the Internet of things informatization system;
the trust evaluation calculation method of the trust management engine on a certain piece of internet of things equipment comprises the following steps:
H X =α*T B -β*T M +γ*T Q +k*T t ,
wherein H is X Trust evaluation value T representing certain internet of things equipment B 、T M 、T Q 、T t Respectively representing the equipment ID of the equipment of the Internet of things, the data model of the Internet of things, the digital signature and the trust degree of the identity identification attribute information of the equipment, T B 、T M 、T Q 、T t The values of (a) are all 1 or not, and alpha, beta, gamma and k are respectively T B 、T M 、T Q 、T t The sum of the weighting parameters is 1, and when the intelligent card or the encryption chip or other identification attribute information of the internet of things equipment is not available, k=0;
T B 、T M 、T Q 、T t And (3) adopting a judgment value method or a maximum likelihood value method.
4. The data interaction method based on the Internet of things equipment collection according to claim 3, wherein,
for the judgment value method, T B Is 0 or 1, T M The judgment value of (1) is related to the number of times of deleting abnormal dirty data in unit time of the data model of the Internet of things, T Q 、T t And (3) defining the judgment value according to the judgment requirement.
5. The data interaction method based on the Internet of things equipment collection according to claim 3, wherein,
for the maximum likelihood estimation method, the maximum likelihood estimation method MLE is utilized, and when the trust probability distribution function is known and the parameters of the probability distribution are unknown, the MLE estimates unknown probability distribution parameters according to the obtained trust results, and the estimated probability distribution parameters maximize the possibility of the occurrence of the obtained trust results; the credibility of the ith Internet of things equipment is t i The probability that the ith Internet of things equipment passes identity authentication is equal to the credibility of the ith Internet of things equipment, and the verification result of the ith Internet of things equipment on the kth Internet of things equipment is x i,k The adjacent equipment of the ith Internet of things equipment is marked as n (i), and the MLE method is used for solving the trust probability distribution function p (x) i,k ,t i ,l k ) Parameters at maximum, i.e. at maximum
Solving to obtain t when the above equation is maximized i Namely, the calculation result of the trust degree of the equipment ID, the data model, the digital signature or the identity identification attribute information of the equipment of the i-th Internet of things equipment is obtained, N is the number of the physical network equipment, and l is the number of the physical network equipment k The method comprises the steps that a certain trust initial estimated value of a kth internet of things device is taken as one of a device ID, an internet of things data model, a digital signature or trust initial estimated value of identity attribute information of the device, and according to l k The initial estimate, t, of the specific confidence level taken i The result of the corresponding trust degree calculation is the result of the corresponding trust degree calculation.
6. The data interaction method based on the Internet of things equipment collection of claim 1, wherein,
the step S4 specifically comprises the steps that the equipment of the Internet of things is connected to an informatization system of the Internet of things, and a connection request message is sent; the internet of things informatization system receives the connection request, sends a response message and establishes a TCP socket connection; the method comprises the steps that the Internet of things equipment sends an operation request message, an Internet of things informatization system receives the operation request message and returns a response message, the Internet of things equipment sends a connection closing request message, and the Internet of things informatization system receives the connection closing request message and releases TCP connection.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110997397.6A CN113765713B (en) | 2021-08-27 | 2021-08-27 | Data interaction method based on Internet of things equipment acquisition |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110997397.6A CN113765713B (en) | 2021-08-27 | 2021-08-27 | Data interaction method based on Internet of things equipment acquisition |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113765713A CN113765713A (en) | 2021-12-07 |
| CN113765713B true CN113765713B (en) | 2024-02-27 |
Family
ID=78791666
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110997397.6A Active CN113765713B (en) | 2021-08-27 | 2021-08-27 | Data interaction method based on Internet of things equipment acquisition |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113765713B (en) |
Families Citing this family (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113746850B (en) * | 2021-09-07 | 2023-08-15 | 成都小步创想慧联科技有限公司 | Multichannel data acquisition method for Internet of things |
| CN114363377A (en) * | 2022-01-11 | 2022-04-15 | 徐工汉云技术股份有限公司 | Mechanical vehicle communication method and system |
| CN114048017B (en) * | 2022-01-13 | 2022-04-22 | 之江实验室 | Internet of things equipment cooperative linkage method and device |
| CN114430369B (en) * | 2022-01-27 | 2024-01-09 | 重庆电子工程职业学院 | Industrial Internet heterogeneous network fusion management system |
| TWI802447B (en) * | 2022-06-21 | 2023-05-11 | 桓達科技股份有限公司 | Packet encrypting and decrypting method for sensor with wireless communication |
| CN115145989B (en) * | 2022-07-04 | 2023-03-10 | 夏文祥 | Data sharing method and device based on data model of Internet of things |
| CN115150204B (en) * | 2022-09-05 | 2023-01-10 | 广州中浩控制技术有限公司 | Data transmission system |
| CN117354062B (en) * | 2023-12-04 | 2024-02-09 | 天津市品茗科技有限公司 | Management system of application platform of Internet of things |
| CN117436053B (en) * | 2023-12-20 | 2024-02-23 | 永鼎行远(南京)信息科技有限公司 | Data service bus system and data authentication transmission method |
| CN117692530A (en) * | 2024-02-02 | 2024-03-12 | 中铁四局集团有限公司 | Multi-protocol access system and method for multi-Internet of things equipment |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103336510A (en) * | 2013-06-27 | 2013-10-02 | 山东华戎信息产业有限公司 | Comprehensive operation and maintenance management system for internet of things |
| CN106899638A (en) * | 2015-12-21 | 2017-06-27 | 中国科学院信息工程研究所 | A kind of fusions networking relationships system for solving Heterogeneous data and method |
| CN108347457A (en) * | 2017-01-25 | 2018-07-31 | 电信科学技术研究院 | A kind of communication means and communication equipment |
| CN112512024A (en) * | 2021-02-05 | 2021-03-16 | 信联科技(南京)有限公司 | 5G network-oriented Internet of things terminal security convergence access method and system |
| CN112543140A (en) * | 2020-12-03 | 2021-03-23 | 陕西拓普索尔电子科技有限责任公司 | Intelligent gateway of internet of things supporting multi-protocol conversion from wired to wireless |
| GB202105097D0 (en) * | 2021-04-09 | 2021-05-26 | Vodafone Group Services Ltd | Secure sensor data distribution |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US11095538B2 (en) * | 2018-01-31 | 2021-08-17 | ImageKeeper LLC | Synchronization of data collected by internet of things (IOT) devices |
-
2021
- 2021-08-27 CN CN202110997397.6A patent/CN113765713B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103336510A (en) * | 2013-06-27 | 2013-10-02 | 山东华戎信息产业有限公司 | Comprehensive operation and maintenance management system for internet of things |
| CN106899638A (en) * | 2015-12-21 | 2017-06-27 | 中国科学院信息工程研究所 | A kind of fusions networking relationships system for solving Heterogeneous data and method |
| CN108347457A (en) * | 2017-01-25 | 2018-07-31 | 电信科学技术研究院 | A kind of communication means and communication equipment |
| CN112543140A (en) * | 2020-12-03 | 2021-03-23 | 陕西拓普索尔电子科技有限责任公司 | Intelligent gateway of internet of things supporting multi-protocol conversion from wired to wireless |
| CN112512024A (en) * | 2021-02-05 | 2021-03-16 | 信联科技(南京)有限公司 | 5G network-oriented Internet of things terminal security convergence access method and system |
| GB202105097D0 (en) * | 2021-04-09 | 2021-05-26 | Vodafone Group Services Ltd | Secure sensor data distribution |
Non-Patent Citations (2)
| Title |
|---|
| 基于Socket.IO的物联网网关实时双向通信系统;陈文艺;张霏;龙艳;;西安邮电大学学报(06);全文 * |
| 基于节点认证的物联网感知层安全性问题研究;张玉婷;严承华;魏玉人;;信息网络安全(11);全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113765713A (en) | 2021-12-07 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN113765713B (en) | Data interaction method based on Internet of things equipment acquisition | |
| Yugha et al. | A survey on technologies and security protocols: Reference for future generation IoT | |
| US20230017740A1 (en) | Electric Border Gateway Device and Method for Chaining and Storage of Sensing Data Based on the Same | |
| Seliem et al. | Towards privacy preserving iot environments: a survey | |
| Jurcut et al. | Introduction to IoT security | |
| Mendez et al. | Internet of things: Survey on security and privacy | |
| Mahmoud et al. | Internet of things (IoT) security: Current status, challenges and prospective measures | |
| Yousuf et al. | Internet of things (IoT) security: current status, challenges and countermeasures | |
| Suo et al. | Security in the internet of things: a review | |
| CN105530253B (en) | Wireless sensor network access authentication method under Restful framework based on CA certificate | |
| Ataei Nezhad et al. | An authentication-based secure data aggregation method in internet of things | |
| Aziz et al. | A lightweight and compromise‐resilient authentication scheme for IoTs | |
| CN110474921B (en) | Perception layer data fidelity method for local area Internet of things | |
| Mehmood et al. | A comprehensive literature review of data encryption techniques in cloud computing and IoT environment | |
| CN115118756A (en) | Method and device for designing safety interaction protocol in energy internet scene | |
| Sudha et al. | A review on privacy requirements and application layer security in internet of things (IoT) | |
| Bhushan | Middleware and security requirements for internet of things | |
| Chen | Security management for the internet of things | |
| Wu et al. | Internet of Things Security | |
| Ambili et al. | A secure software defined networking based framework for IoT networks | |
| Iqbal et al. | The implementation of encryption algorithms in MQTT protocol for IoT constrained devices | |
| Raja et al. | Internet of things: A research-oriented introductory | |
| Arvandy et al. | Design of secure iot platform for smart home system | |
| Belej et al. | Features of application of data transmission protocols in wireless networks of sensors | |
| Kaur et al. | Securing network communication between motes using hierarchical group key management scheme using threshold cryptography in smart home using internet of things |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20240131 Address after: 100091 School of military management, No. 3 academy a, hongshankou, Haidian District, Beijing Applicant after: School of Military Management National Defense University of the People's Liberation Army of China Country or region after: China Address before: 100091 School of military management, No. 3 academy a, hongshankou, Haidian District, Beijing Applicant before: Xia Wenxiang Country or region before: China |
|
| TA01 | Transfer of patent application right | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |