CN114567425A - Internet of things communication method and system, SoC Sim and Internet of things terminal - Google Patents


Info

Publication number
CN114567425A
Authority
CN
China
Prior art keywords
internet
things
terminal
server
message
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202011362822.6A
Other languages
Chinese (zh)
Other versions
CN114567425B (en)
Inventor
张湘东
谭华
张文安
张涛
李洪波
杨少龙
贺赛娜
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Telecom Corp Ltd
Original Assignee
China Telecom Corp Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Telecom Corp Ltd
Priority to CN202011362822.6A
Publication of CN114567425A
Application granted
Publication of CN114567425B
Legal status: Active
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/12 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • H04L9/0825 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • H04L9/0894 Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/3268 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00 Reducing energy consumption in communication networks
    • Y02D30/70 Reducing energy consumption in communication networks in wireless communication networks

Abstract

The invention discloses an Internet of things communication method and system, an SoC Sim and an Internet of things terminal, and relates to the field of the Internet of things. The method comprises the following steps: the SoC Sim receives a first call request from the Internet of things terminal and encrypts a terminal message with a first random key of the Internet of things terminal; receives a second call request from the Internet of things terminal and encrypts the first random key with a public key of the Internet of things server; receives a third call request from the Internet of things terminal and signs a first message digest with the private key of the Internet of things terminal stored in the security kernel, generating first signature information; and sends the first signature information to the Internet of things terminal so that the Internet of things terminal can send the first message packet, the first signature information and the device digital certificate to the Internet of things server. By improving the SoC Sim, communication between the Internet of things terminal and the Internet of things server and a high-security authentication service for the device can both be provided by a single chip without adding hardware, which reduces device volume and power consumption.

Description

Internet of things communication method and system, SoC Sim and Internet of things terminal
Technical Field
The disclosure relates to the field of internet of things, in particular to a communication method and system of the internet of things, a SoC Sim and a terminal of the internet of things.
Background
In recent years, the development of the internet of things is rapid, and the internet of things is widely applied to multiple fields of intelligent transportation, environmental protection, public safety, safe home, environmental monitoring, food traceability and the like. However, all the applications of the internet of things face two problems: communication and security.
To address these problems, current Internet of things applications integrate a soft Sim (Subscriber Identity Module) and a high-security authentication chip in the Internet of things device, with each chip performing its own function. However, integrating multiple chips increases the size, power consumption and cost of the device, and increases the complexity of the technical solution.
Disclosure of Invention
The technical problem to be solved by the present disclosure is to provide an internet of things communication method, system, SoC Sim and an internet of things terminal, which can realize communication between the internet of things terminal and an internet of things server and high security authentication service of a device through a single chip without adding hardware.
According to one aspect of the disclosure, an Internet of things communication method is provided, which includes: a Security Operating Center subscriber identity module (SoC Sim) receives a first call request from an Internet of things terminal, encrypts a terminal message with a first random key of the Internet of things terminal, and sends the encrypted terminal message to the Internet of things terminal; receives a second call request from the Internet of things terminal, encrypts the first random key with a public key of the Internet of things server, and sends the encrypted first random key to the Internet of things terminal; receives a third call request from the Internet of things terminal and signs a first message digest with the private key of the Internet of things terminal stored in the security kernel to generate first signature information, wherein the first message digest comprises a digest of a first message packet consisting of the encrypted terminal message and the encrypted first random key; and sends the first signature information to the Internet of things terminal so that the Internet of things terminal can send the first message packet, the first signature information and the device digital certificate to the Internet of things server.
In some embodiments, the SoC Sim receives a request for generating a public and private key pair sent by the terminal of the internet of things, and generates a public key and a private key of the terminal of the internet of things; and storing the private key of the terminal of the Internet of things in the security kernel, and sending the public key of the terminal of the Internet of things to the terminal of the Internet of things so that the terminal of the Internet of things can register equipment.
In some embodiments, the SoC Sim receives the device digital certificate sent by the terminal of the internet of things, and stores the device digital certificate in the secure kernel.
In some embodiments, the SoC Sim receives a second message packet sent by the internet of things terminal, wherein when the internet of things server issues a message, the internet of things server generates a second random key, encrypts the server message by using the second random key, encrypts the second random key by using a public key of the internet of things terminal, and combines the encrypted second random key and the encrypted server message into the second message packet; decrypting the encrypted second random key by using a private key of the internet of things terminal stored in the secure core; and after the encrypted server message is decrypted by using the second random secret key, the decrypted server message is sent to the terminal of the Internet of things.
In some embodiments, the SoC Sim receives a digital certificate and second signature information of the internet of things server sent by the internet of things terminal, wherein the internet of things server signs the second message digest by using a private key of the internet of things server to generate second signature information; and after the validity of the digital certificate of the server of the Internet of things is verified, the validity of the second signature information is verified by using a public key in the digital certificate of the server of the Internet of things.
According to another aspect of the present disclosure, an Internet of things communication method is further provided, including: generating a first random key; calling the interface of a Security Operating Center subscriber identity module (SoC Sim) so that the SoC Sim encrypts a terminal message with the first random key and encrypts the first random key with a public key of an Internet of things server; combining the encrypted terminal message and the encrypted first random key into a first message packet and generating a first message digest; calling the SoC Sim interface so that the SoC Sim signs the first message digest with the private key of the Internet of things terminal stored in the security kernel to generate first signature information; and sending the first message packet, the first signature information and the device digital certificate to the Internet of things server.
In some embodiments, a request to generate a public-private key pair is sent to the SoC Sim; receiving a public key of the Internet of things terminal generated by the SoC Sim; sending the public key and the registration authentication information of the terminal of the Internet of things to the server of the Internet of things, so that after the server of the Internet of things verifies the registration authentication information, the public key of the terminal of the Internet of things is sent to a CA server of a Certificate Authority (CA), and the CA server issues a digital certificate; and receiving a registration result and an equipment digital certificate sent by the Internet of things server, and storing the equipment digital certificate in the SoC Sim.
In some embodiments, a second message packet sent by the internet of things server is received, wherein when the internet of things server issues a message, the internet of things server generates a second random key, encrypts the server message by using the second random key, encrypts the second random key by using a public key of the internet of things terminal, and combines the encrypted second random key and the encrypted server message into the second message packet; sending the second message packet to the SoC Sim so that the SoC Sim decrypts the encrypted second random key by using a private key of the internet of things terminal stored in the secure core, and decrypts the encrypted server message by using the second random key; and receiving the decrypted server message sent by the SoC Sim.
In some embodiments, a digital certificate and second signature information of the internet of things server sent by the internet of things server are received, wherein the internet of things server signs the second message digest by using a private key of the internet of things server to generate second signature information; and after the validity of the digital certificate of the server of the Internet of things is verified, the validity of the second signature information is verified by using a public key in the digital certificate of the server of the Internet of things.
In some embodiments, a digital certificate and second signature information of the internet of things server sent by the internet of things server are received, wherein the internet of things server signs the second message digest by using a private key of the internet of things server to generate second signature information; and sending the digital certificate and the second signature information of the server of the Internet of things to the SoC Sim, so that the SoC Sim can verify the validity of the digital certificate of the server of the Internet of things and then verify the validity of the second signature information by using a public key in the digital certificate of the server of the Internet of things.
According to another aspect of the present disclosure, there is also provided an SoC Sim including: a security authentication application unit configured to encrypt the terminal message with a first random key of the Internet of things terminal, encrypt the first random key with a public key of the Internet of things server, and send the encrypted terminal message and the encrypted first random key to the Internet of things terminal; and to sign the first message digest with the private key of the Internet of things terminal stored in the security kernel to generate first signature information and send the first signature information to the Internet of things terminal, wherein the first message digest comprises a digest of a first message packet consisting of the encrypted terminal message and the encrypted first random key; and a security authentication application data unit configured to manage the keys of the Internet of things terminal and the digital certificate.
According to another aspect of the present disclosure, an Internet of things terminal is further provided, including: a parameter generating unit configured to generate a first random key, combine the encrypted terminal message and the encrypted first random key into a first message packet, and generate a first message digest; an interface calling unit configured to call the interface of a Security Operating Center subscriber identity module (SoC Sim) so that the SoC Sim encrypts a terminal message with the first random key and encrypts the first random key with a public key of an Internet of things server, and to call the SoC Sim interface so that the SoC Sim signs the first message digest with the private key of the Internet of things terminal stored in the secure core to generate first signature information; and an information transceiving unit configured to send the first message packet, the first signature information and the device digital certificate to the Internet of things server.
According to another aspect of the present disclosure, a communication system of internet of things is further provided, including: the SoC Sim described above; the internet of things terminal; the Internet of things server is configured to communicate with the Internet of things terminal; and the certificate authority CA server is configured to issue the digital certificate to the terminal of the Internet of things.
According to another aspect of the present disclosure, there is also provided an electronic device, including: a memory; and a processor coupled to the memory, the processor configured to execute the internet of things communication method as described above based on instructions stored in the memory.
According to another aspect of the present disclosure, a non-transitory computer-readable storage medium is also proposed, on which computer program instructions are stored, which instructions, when executed by a processor, implement the internet of things communication method as described above.
In the embodiments of the disclosure, the SoC Sim is improved so that communication between the Internet of things terminal and the Internet of things server and a high-security authentication service for the device can both be provided by a single chip without adding hardware. This reduces the size, power consumption and cost of the device and the complexity of the technical solution.
Other features of the present disclosure and advantages thereof will become apparent from the following detailed description of exemplary embodiments thereof, which proceeds with reference to the accompanying drawings.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments of the disclosure and together with the description, serve to explain the principles of the disclosure.
The present disclosure may be more clearly understood from the following detailed description, taken with reference to the accompanying drawings, in which:
Fig. 1 is a flow diagram of some embodiments of an internet of things communication method of the present disclosure.
Fig. 2 is a flowchart of another embodiment of the internet of things communication method according to the present disclosure.
Fig. 3 is a flowchart illustrating another embodiment of the communication method of the internet of things according to the present disclosure.
Fig. 4 is a flowchart illustrating another embodiment of the communication method of the internet of things according to the present disclosure.
Fig. 5 is a flowchart illustrating another embodiment of the internet of things communication method according to the present disclosure.
Fig. 6 is a flowchart illustrating another embodiment of the internet of things communication method according to the present disclosure.
Fig. 7 is a schematic structural diagram of some embodiments of SoC Sim of the present disclosure.
Fig. 8 is a schematic structural diagram of some embodiments of an internet of things terminal of the present disclosure.
Fig. 9 is a schematic structural diagram of some embodiments of the internet of things communication system of the present disclosure.
Fig. 10 is a schematic structural diagram of some embodiments of an electronic device of the present disclosure.
Detailed Description
Various exemplary embodiments of the present disclosure will now be described in detail with reference to the accompanying drawings. It should be noted that: the relative arrangement of the components and steps, the numerical expressions, and numerical values set forth in these embodiments do not limit the scope of the present disclosure unless specifically stated otherwise.
Meanwhile, it should be understood that the sizes of the respective portions shown in the drawings are not drawn in an actual proportional relationship for the convenience of description.
The following description of at least one exemplary embodiment is merely illustrative in nature and is in no way intended to limit the disclosure, its application, or uses.
Techniques, methods, and apparatus known to those of ordinary skill in the relevant art may not be discussed in detail but are intended to be part of the specification where appropriate.
In all examples shown and discussed herein, any particular value should be construed as merely illustrative, and not limiting. Thus, other examples of the exemplary embodiments may have different values.
It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, further discussion thereof is not required in subsequent figures.
For the purpose of promoting a better understanding of the objects, aspects and advantages of the present disclosure, reference is made to the following detailed description taken in conjunction with the accompanying drawings.
In traditional soft Sim technology, the Sim runs in an insecure environment and data security cannot be guaranteed, whereas SoC (Security Operating Center) Sim technology provides security services through a dedicated hardware security core, and its security level can reach EAL4+. Internally, the SoC Sim is divided into a security core and an application core. The security core, implemented in hardware, provides secure storage of sensitive data and a range of high-security encryption and decryption operations. The application core mainly runs the communication application and, through an external interface, provides the Internet of things device with functions such as communication authentication and online activation. The communication application calls the security core interface to store communication data and perform authentication operations.
Besides the built-in communication application, the SoC Sim application core has enough space for third parties to develop applications, and the data access mechanism of the security core ensures that each application can access only its own data, which keeps application data isolated and secure. By developing its own high-security authentication application on the SoC Sim application core, the present disclosure can offer third parties high-security authentication as well as communication capability.
Fig. 1 is a flow diagram of some embodiments of an internet of things communication method of the present disclosure. This embodiment is performed by SoC Sim.
In step 110, the SoC Sim receives the first call request of the terminal of the internet of things, encrypts the terminal message according to the first random key of the terminal of the internet of things, and sends the encrypted terminal message to the terminal of the internet of things.
In some embodiments, when the Internet of things terminal needs to report a message to the Internet of things server, it generates a random key as the transmission key. The Internet of things terminal calls an SoC Sim interface, and the SoC Sim symmetrically encrypts the terminal message with the first random key, which secures the transmission.
In step 120, a second invocation request of the terminal of the internet of things is received, the first random key is encrypted by using the public key of the server of the internet of things, and the encrypted first random key is sent to the terminal of the internet of things.
In some embodiments, the SoC Sim asymmetrically encrypts the first random key with the public key of the Internet of things server. The asymmetric security authentication mechanism allows bidirectional authentication between the Internet of things terminal and the Internet of things server and ensures the authenticity and validity of the data.
In step 130, a third call request of the internet of things terminal is received, and the first message digest is signed by using a private key of the internet of things terminal stored in the secure core to generate first signature information, wherein the first message digest includes a digest of a first message packet composed of the encrypted terminal message and the encrypted first random key.
In some embodiments, the internet of things terminal composes a transmission message packet from the encrypted terminal message and the encrypted first random key, generates a message digest, and calls an SoC Sim interface, so that the SoC Sim signs the message digest to authenticate the identity of the internet of things terminal.
In step 140, the first signature information is sent to the terminal of the internet of things, so that the terminal of the internet of things sends the first message packet, the first signature information and the device digital certificate to the server of the internet of things.
In some embodiments, after receiving the device digital certificate, the internet of things server verifies the validity of the device digital certificate, then verifies the validity of the signature information by using a public key in the device digital certificate, decrypts the first random key by using a private key of the internet of things server, and decrypts the terminal message by using the first random key.
In the above embodiment, the SoC Sim is improved so that communication between the Internet of things terminal and the Internet of things server and a high-security authentication service for the device can both be provided by a single chip without adding hardware, which reduces the size and power consumption of the device, the complexity of the technical solution and the device cost.
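The report path of steps 110 to 140 and the server-side checks described above, written out as an added Go example (not code from the patent or from its applicant). The patent names no algorithms, so AES-256-GCM, RSA-OAEP and Ed25519 are assumptions, as are the names SoCSim, Protect, ServerReceive and Uplink; the three SoC Sim calls are folded into one method, and the terminal public key is taken to come from a device certificate that has already been validated.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// SoCSim models the SIM (hypothetical API): terminalKey never leaves it.
type SoCSim struct {
	terminalKey ed25519.PrivateKey
	serverPub   *rsa.PublicKey // from the IoT server certificate
}

type Packet struct{ EncMsg, EncKey, Sig []byte } // first message packet + first signature

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// packetDigest is the first message digest; EncKey has a fixed length per server key.
func packetDigest(p *Packet) []byte {
	d := sha256.Sum256(append(append([]byte{}, p.EncKey...), p.EncMsg...))
	return d[:]
}

// Protect runs the three SoC Sim calls of steps 110-130 back to back.
func (s *SoCSim) Protect(key, msg []byte) (*Packet, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	p := &Packet{EncMsg: gcm.Seal(nonce, nonce, msg, nil)} // call 1: nonce || AES-256-GCM
	// Call 2: wrap the first random key under the server public key (RSA-OAEP).
	if p.EncKey, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, s.serverPub, key, nil); err != nil {
		return nil, err
	}
	p.Sig = ed25519.Sign(s.terminalKey, packetDigest(p)) // call 3: signed inside the SIM
	return p, nil
}

// ServerReceive checks the signature before it decrypts anything.
func ServerReceive(srv *rsa.PrivateKey, termPub ed25519.PublicKey, p *Packet) ([]byte, error) {
	if !ed25519.Verify(termPub, packetDigest(p), p.Sig) {
		return nil, errors.New("signature rejected")
	}
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, srv, p.EncKey, nil)
	if err != nil {
		return nil, err
	}
	gcm, err := newGCM(key)
	if err != nil || len(p.EncMsg) < gcm.NonceSize() {
		return nil, errors.New("malformed packet")
	}
	return gcm.Open(nil, p.EncMsg[:gcm.NonceSize()], p.EncMsg[gcm.NonceSize():], nil)
}

// Uplink runs one report with constructed keys; tamper flips a ciphertext bit in transit.
func Uplink(msg string, tamper bool) (string, error) {
	termPub, termKey, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return "", err
	}
	srv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return "", err
	}
	key := make([]byte, 32) // first random key, made by the terminal for this message
	if _, err := rand.Read(key); err != nil {
		return "", err
	}
	p, err := (&SoCSim{termKey, &srv.PublicKey}).Protect(key, []byte(msg))
	if err != nil {
		return "", err
	}
	if tamper {
		p.EncMsg[len(p.EncMsg)-1] ^= 1
	}
	pt, err := ServerReceive(srv, termPub, p)
	return string(pt), err
}

func main() {
	fmt.Println(Uplink("temp=21.5", false))
	fmt.Println(Uplink("temp=21.5", true))
}
```

Because the signature covers both the encrypted message and the encrypted key, a change to either field is rejected before the server private key is used.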
Fig. 2 is a schematic flow diagram of another embodiment of the communication method of the internet of things according to the present disclosure. This embodiment is performed by SoC Sim.
In step 210, the SoC Sim receives a request for generating a public and private key pair sent by the terminal of the internet of things, and generates a public key and a private key of the terminal of the internet of things.
In some embodiments, the internet of things terminal initiates registration, and requests the high-security authentication application to generate a public and private key pair through an SoC Sim external interface.
In step 220, the private key of the terminal of the internet of things is stored in the security kernel, and the public key of the terminal of the internet of things is sent to the terminal of the internet of things, so that the terminal of the internet of things can register the device.
In some embodiments, a high-security authentication application in the SoC Sim invokes a security kernel capability to generate a public and private key pair; the private key is stored in the security kernel, and the public key is returned to the internet of things terminal. The internet of things terminal sends the public key and other registration authentication information to the internet of things server for registration. After the internet of things server verifies the registration authentication information, it sends the public key to a CA (Certificate Authority) server, and the CA server issues a digital certificate to the internet of things terminal. The internet of things server returns the registration result, the certificate issued by the CA server, the CA root certificate and the internet of things server certificate to the internet of things terminal. The internet of things terminal initializes other application data according to application requirements.
In some embodiments, the SoC Sim receives the device digital certificate sent by the terminal of the internet of things, and stores the device digital certificate in the secure kernel. The device digital certificate is securely stored by the SoC Sim.
In the embodiment, the terminal of the internet of things completes terminal registration by using the SoC Sim, and realizes hardware-level data isolation and brute force prevention through the independent hardware security core, so that the security of sensitive data can be ensured.
Fig. 3 is a flowchart illustrating another embodiment of the communication method of the internet of things according to the present disclosure. This embodiment is performed by a SoC Sim.
In step 310, the SoC Sim receives a second message packet sent by the internet of things terminal, wherein when the internet of things server issues a message, the internet of things server generates a second random key, encrypts the server message by using the second random key, encrypts the second random key by using a public key of the internet of things terminal, and combines the encrypted second random key and the encrypted server message into the second message packet.
In some embodiments, the internet of things server symmetrically encrypts the server message by using the second random key through the CA server, and asymmetrically encrypts the second random key by using the public key of the terminal of the internet of things.
The internet of things server serves as a public platform, a public key and a private key of the internet of things server are usually registered in a credible CA server, and the legitimacy of a server certificate and the public key is verified through the CA server.
In step 320, the encrypted second random key is decrypted using a private key of the internet of things terminal stored in the secure core.
In step 330, after the encrypted server message is decrypted by using the second random key, the decrypted server message is sent to the terminal of the internet of things.
Therefore, the terminal of the Internet of things can obtain the message issued by the server of the Internet of things.
In other embodiments of the disclosure, the SoC Sim receives the digital certificate and the second signature information of the internet of things server sent by the internet of things terminal, verifies the validity of the digital certificate of the internet of things server, and then verifies the validity of the second signature information by using a public key in the digital certificate of the internet of things server, wherein the internet of things server signs the second message digest by using a private key of the internet of things server to generate the second signature information.
In this embodiment, the SoC Sim first verifies the validity of the digital certificate of the internet of things server and the validity of the second signature information, decrypts the encrypted second random key by using the private key of the internet of things terminal, and then decrypts the encrypted server message by using the second random key, and sends the decrypted server message to the internet of things terminal, thereby further ensuring the security of the communication between the internet of things terminal and the internet of things server.
Fig. 4 is a flowchart illustrating another embodiment of the communication method of the internet of things according to the present disclosure. The embodiment is performed by an internet of things terminal.
At step 410, a first random key is generated.
In some embodiments, when the terminal of the internet of things needs to report a message to the server of the internet of things, a random key is generated as the transmission key.
In step 420, the SoC Sim interface is called, so that the SoC Sim encrypts the terminal message according to the first random key, and encrypts the first random key by using the public key of the internet-of-things server.
In step 430, the encrypted terminal message and the encrypted first random key are combined into a first message packet, and a first message digest is generated.
In step 440, the SoC Sim interface is called, so that the SoC Sim signs the first message digest by using the private key of the internet of things terminal stored in the secure core, and generates first signature information.
In step 450, the first message packet, the first signature information and the device digital certificate are sent to the internet of things server.
In some embodiments, after receiving a message sent by the internet of things terminal, the internet of things server verifies the validity of the device digital certificate, verifies the validity of the first signature information by using a public key in the digital certificate, decrypts the first random key by using a private key of the internet of things server, and decrypts the terminal message by using the first random key.
In the above embodiment, the terminal of the internet of things utilizes the SoC Sim, and on the basis of not increasing hardware, the communication with the server of the internet of things and the high-security authentication service of the device can be realized through a single chip, so that the size and power consumption of the device are reduced, the complexity of the technical scheme is reduced, and the device cost is reduced.
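The uplink flow of steps 410 to 450 and the server-side checks, as an added Go example that is not part of the patent text. The patent names no algorithms, so AES-256-GCM, RSA-OAEP and RSA-PSS over SHA-256 are assumptions, as are all type and function names; certificate validation is left out, and the device public key is assumed to come from an already validated device digital certificate.

```go
package main

import (
	"bytes"
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// secureCore stands in for the SoC Sim security kernel: the key never leaves it.
type secureCore struct{ priv *rsa.PrivateKey }

func newSecureCore() (*secureCore, error) {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	return &secureCore{priv: k}, nil
}

func (c *secureCore) Public() *rsa.PublicKey { return &c.priv.PublicKey }
func (c *secureCore) Sign(digest []byte) ([]byte, error) {
	return rsa.SignPSS(rand.Reader, c.priv, crypto.SHA256, digest, nil)
}

func NewServerKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

// Uplink = first message packet (wrapped key, nonce, ciphertext) + first signature.
type Uplink struct{ WrappedKey, Nonce, Ciphertext, Signature []byte }

// packetDigest: WrappedKey and Nonce are fixed-length, so joining is unambiguous.
func packetDigest(u *Uplink) []byte {
	sum := sha256.Sum256(bytes.Join([][]byte{u.WrappedKey, u.Nonce, u.Ciphertext}, nil))
	return sum[:]
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// BuildUplink follows steps 410-440: random key, encrypt message, wrap key, sign digest.
func BuildUplink(core *secureCore, serverPub *rsa.PublicKey, msg []byte) (*Uplink, error) {
	buf := make([]byte, 44) // 32-byte first random key + 12-byte GCM nonce
	if _, err := rand.Read(buf); err != nil {
		return nil, err
	}
	key, nonce := buf[:32], buf[32:]
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	u := &Uplink{Nonce: nonce, Ciphertext: gcm.Seal(nil, nonce, msg, nil)}
	if u.WrappedKey, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, serverPub, key, nil); err != nil {
		return nil, err
	}
	if u.Signature, err = core.Sign(packetDigest(u)); err != nil {
		return nil, err
	}
	return u, nil
}

var ErrBadSignature = errors.New("first signature invalid: packet rejected before decryption")

// OpenUplink is the server side: check the signature first, then unwrap the key and decrypt.
func OpenUplink(serverPriv *rsa.PrivateKey, devicePub *rsa.PublicKey, u *Uplink) ([]byte, error) {
	if rsa.VerifyPSS(devicePub, crypto.SHA256, packetDigest(u), u.Signature, nil) != nil {
		return nil, ErrBadSignature
	}
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, serverPriv, u.WrappedKey, nil)
	if err != nil {
		return nil, err
	}
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, u.Nonce, u.Ciphertext, nil)
}

func main() {
	core, _ := newSecureCore()
	srv, _ := NewServerKey()
	u, _ := BuildUplink(core, &srv.PublicKey, []byte("temp=21.5C")) // constructed sample message
	plain, err := OpenUplink(srv, core.Public(), u)
	fmt.Printf("server read %q, err=%v\n", plain, err)
	u.Ciphertext[0] ^= 0x01 // simulate modification in transit
	_, err = OpenUplink(srv, core.Public(), u)
	fmt.Println("after tampering:", err)
}
```

Because the signature covers the wrapped key as well as the ciphertext, a packet whose key or body was swapped in transit fails at the signature check and the server private key is never applied to it.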
Fig. 5 is a flowchart illustrating another embodiment of the internet of things communication method according to the present disclosure. The embodiment is performed by an internet of things terminal.
At step 510, a request to generate a public-private key pair is sent to the SoC Sim.
In some embodiments, when the terminal of the internet of things initiates registration, a public and private key pair is requested to be generated from the high-security authentication application through the SoC Sim external interface.
In step 520, a public key of the internet of things terminal generated by the SoC Sim is received.
In some embodiments, a high security authentication application in the SoC Sim invokes a security kernel capability to generate a public and private key pair, the private key is stored in the security kernel, and the public key is returned to the internet of things terminal.
In step 530, the public key of the terminal of the internet of things and the registration authentication information are sent to the server of the internet of things, so that after the server of the internet of things verifies the registration authentication information, the public key of the terminal of the internet of things is sent to the CA server, and the CA server issues the digital certificate.
In step 540, the registration result and the device digital certificate sent by the internet of things server are received, and the device digital certificate is stored in the SoC Sim.
In some embodiments, the internet of things server returns the registration result, the certificate issued by the CA server, the CA root certificate and the internet of things server certificate to the internet of things terminal, and the internet of things terminal sends the digital certificate returned by the platform to the SoC Sim for safe storage.
In some embodiments, the terminal of the internet of things initializes other application data according to application needs, thereby completing registration.
In the embodiment, the terminal of the internet of things completes terminal registration by using the SoC Sim, and the secure storage of the digital certificate can be ensured.
Fig. 6 is a flowchart illustrating another example of an internet of things communication method according to the present disclosure. The embodiment is performed by an internet of things terminal.
In step 610, a second message packet sent by the internet of things server is received, where the internet of things server generates a second random key when issuing a message, encrypts the server message using the second random key, encrypts the second random key using the public key of the internet of things terminal, and combines the encrypted second random key and the encrypted server message into the second message packet.
In some embodiments, the internet of things server symmetrically encrypts the server message by using the second random key through the CA server, and asymmetrically encrypts the second random key by using the public key of the terminal of the internet of things. Through an asymmetric security authentication mechanism, bidirectional authentication between the terminal of the Internet of things and the server can be realized, and the authenticity and effectiveness of data are ensured.
In some embodiments, the internet of things server signs the second message digest by using a private key of the internet of things server, and generates second signature information.
At step 620, the second message packet is sent to the SoC Sim, so that the SoC Sim decrypts the encrypted second random key by using the private key of the internet of things terminal stored in the secure core, and decrypts the encrypted server message by using the second random key.
In step 630, the decrypted server message sent by SoC Sim is received.
The terminal of the internet of things can obtain the message issued by the server of the internet of things.
In some embodiments of the disclosure, the internet of things terminal further receives the digital certificate and the second signature information of the internet of things server, which are sent by the internet of things server, and after the validity of the digital certificate of the internet of things server is verified, the validity of the second signature information is verified by using a public key in the digital certificate of the internet of things server. After verifying the validity of the digital certificate of the internet of things server and the validity of the second signature information, the internet of things terminal sends the second message packet to the SoC Sim, the SoC Sim decrypts the encrypted second random key, and the encrypted server message is decrypted by using the second random key.
In other embodiments of the disclosure, the internet of things terminal further sends the digital certificate of the internet of things server and the second signature information to the SoC Sim after receiving the digital certificate of the internet of things server and the second signature information sent by the internet of things server, so that the SoC Sim verifies the validity of the digital certificate of the internet of things server and then verifies the validity of the second signature information by using a public key in the digital certificate of the internet of things server.
In the above embodiment, the verification of the digital certificate and the second signature information of the internet of things server may be performed by the internet of things terminal, or may be performed by the SoC Sim.
Fig. 7 is a schematic structural diagram of some embodiments of SoC Sim of the present disclosure. The SoC Sim includes a security authentication application unit 710 and a security authentication application data unit 720. The security authentication application unit 710 is arranged in the application core and interacts with the internet of things terminal through an external interface, and the security authentication application data unit 720 is arranged in the security core.
The security authentication application unit 710 is configured to encrypt the terminal message according to a first random key of the internet of things terminal, encrypt the first random key using a public key of the internet of things server, and send the encrypted terminal message and the encrypted first random key to the internet of things terminal; and to sign a first message digest by using a private key of the internet of things terminal stored in the security core, generate first signature information, and send the first signature information to the internet of things terminal, wherein the first message digest comprises a digest of a first message packet consisting of the encrypted terminal message and the encrypted first random key.
In other embodiments of the present disclosure, the security authentication application unit 710 is further configured to receive a request for generating a public and private key pair sent by the terminal of the internet of things, and generate a public key and a private key of the terminal of the internet of things; and storing the private key of the terminal of the Internet of things in the security kernel, and sending the public key of the terminal of the Internet of things to the terminal of the Internet of things so that the terminal of the Internet of things can register equipment.
In some embodiments, the security authentication application unit 710 is further configured to receive a device digital certificate sent by the terminal of the internet of things, and store the device digital certificate in the security kernel.
In some embodiments, the security authentication application unit 710 is further configured to receive a second message packet sent by the terminal of the internet of things, where the server of the internet of things generates a second random key when issuing the message, encrypts the server message using the second random key, encrypts the second random key using a public key of the terminal of the internet of things, and combines the encrypted second random key and the encrypted server message into the second message packet; decrypting the encrypted second random key by using a private key of the internet of things terminal stored in the secure core; and after the encrypted server message is decrypted by using the second random secret key, the decrypted server message is sent to the terminal of the Internet of things.
In some embodiments, the security authentication application unit 710 is further configured to receive a digital certificate and second signature information of the internet of things server sent by the internet of things terminal, where the internet of things server signs the second message digest by using a private key of the internet of things server to generate second signature information; and after the validity of the digital certificate of the server of the Internet of things is verified, the validity of the second signature information is verified by using a public key in the digital certificate of the server of the Internet of things.
The security authentication application data unit 720 is configured to manage the public keys and private keys of the internet of things terminal and the digital certificates.
In the above embodiment, the security authentication application unit 710 completes initialization management of public and private key pair generation, certificate issuance, and other sensitive data, encrypts application data reported to the internet of things server to ensure security, signs a message digest to implement authentication of the internet of things terminal, and can also verify the validity of data issued by the internet of things server. The security authentication application data unit 720 can manage a plurality of pairs of public and private keys, so that the private key can only take part in signing and decryption operations and cannot leave the security kernel, and can also store a CA root certificate, a server certificate, a certificate issued to the device by a CA, and the like. By improving the existing SoC Sim, communication and high-security authentication between the terminal and the server can be realized, which helps to reduce device volume and power consumption, reduce the complexity of the technical scheme, and reduce cost.
Fig. 8 is a schematic structural diagram of some embodiments of an internet of things terminal of the present disclosure. The internet of things terminal includes a parameter generating unit 810, an interface calling unit 820, and an information transceiving unit 830.
The key generation unit 810 is configured to generate a first random key, compose the encrypted terminal message and the encrypted first random key into a first message packet, and generate a first message digest.
The interface calling unit 820 is configured to call an SoC Sim interface, so that the SoC Sim encrypts the terminal message according to the first random key, encrypts the first random key by using a public key of the internet-of-things server, and calls the SoC Sim interface, so that the SoC Sim signs the first message digest by using a private key of the internet-of-things terminal stored in the secure kernel, thereby generating first signature information.
The information transceiving unit 830 is configured to transmit the first message packet, the first signature information, and the device digital certificate to the internet-of-things server.
In the above embodiment, the terminal of the internet of things calls the SoC Sim interface to complete terminal message encryption, random key encryption and message digest signature, and can complete support for high-security authentication of communication and equipment through a single chip.
In other embodiments of the present disclosure, the interface invoking unit 820 is further configured to send a request for generating a public-private key pair to the SoC Sim, and receive a public key of the internet of things terminal generated by the SoC Sim. The information transceiver unit 830 is further configured to send the public key of the internet of things terminal and the registration authentication information to the internet of things server, so that after the internet of things server verifies the registration authentication information, the public key of the internet of things terminal is sent to the CA server, and the CA server issues the digital certificate; and to receive a registration result and a device digital certificate sent by the internet of things server, and store the device digital certificate in the SoC Sim.
In the above embodiment, the terminal of the internet of things can realize registration of the terminal of the internet of things by using the improved SoC Sim.
In other embodiments of the present disclosure, the information transceiver unit 830 is further configured to receive a second message packet sent by the internet of things server, where the internet of things server generates a second random key when issuing a message, encrypts a server message using the second random key, encrypts the second random key using a public key of the terminal of the internet of things, and combines the encrypted second random key and the encrypted server message into the second message packet. The interface invoking unit 820 is further configured to send the second message packet to the SoC Sim so that the SoC Sim decrypts the encrypted second random key using a private key of the internet of things terminal stored in the secure core, and decrypts the encrypted server message using the second random key; and receiving the decrypted server message sent by the SoC Sim.
In the above embodiment, the terminal of the internet of things can obtain the message issued by the server of the internet of things by using the improved SoC Sim.
In other embodiments of the present disclosure, the information transceiver unit 830 is further configured to receive the digital certificate and the second signature information of the internet of things server sent by the internet of things server, where the internet of things server signs the second message digest by using a private key of the internet of things server to generate second signature information; and after the validity of the digital certificate of the server of the Internet of things is verified, the validity of the second signature information is verified by using a public key in the digital certificate of the server of the Internet of things.
In other embodiments of the present disclosure, the information transceiver unit 830 is further configured to receive the digital certificate and the second signature information of the internet of things server sent by the internet of things server, where the internet of things server signs the second message digest by using a private key of the internet of things server to generate the second signature information.
The interface invoking unit 820 is further configured to send the digital certificate of the internet of things server and the second signature information to the SoC Sim, so that after the SoC Sim verifies the validity of the digital certificate of the internet of things server, the validity of the second signature information is verified by using a public key in the digital certificate of the internet of things server.
In the above embodiment, the terminal of the internet of things utilizes the improved SoC Sim, so that the security authentication of the server of the internet of things can be realized.
Fig. 9 is a schematic structural diagram of some embodiments of the internet of things communication system of the present disclosure. The system comprises a SoC Sim 910, an Internet of things terminal 920, an Internet of things server 930 and a CA server 940. The SoC Sim 910 and the internet of things terminal 920 are described in detail in the above embodiments.
The internet of things server 930 is configured to communicate with the internet of things terminal 920, and can receive information sent by the internet of things terminal 920 and issue a message to the internet of things terminal 920.
The CA server 940 is configured to issue a digital certificate to the internet of things terminal.
In the above embodiment, while the SoC Sim technology is introduced as a communication solution, high-security authentication applications meeting the application needs of the internet of things are developed on the SoC Sim based on the hardware-level data security storage and operation capabilities of the SoC Sim chip, so that a whole set of efficient and low-cost internet of things application solution is provided for a third party.
The scheme of the present disclosure can be applied to blockchain, which only requires adding a corresponding module to the high-security authentication application and providing an external interface.
Fig. 10 is a schematic structural diagram of some embodiments of an electronic device of the present disclosure. The electronic device includes a memory 1010 and a processor 1020. Wherein: the memory 1010 may be a magnetic disk, flash memory, or any other non-volatile storage medium. The memory is used to store instructions in the embodiments corresponding to fig. 1-6. The processor 1020, coupled to the memory 1010, may be implemented as one or more integrated circuits, such as a microprocessor or microcontroller. The processor 1020 is configured to execute instructions stored in a memory.
In some embodiments, processor 1020 is coupled to memory 1010 through a bus 1030. The electronic device 1000 may also be coupled to an external storage system 1050 via a storage interface 1040 for retrieving external data, and may also be coupled to a network or another computer system (not shown) via a network interface 1060. These are not described in detail here.
In the embodiment, the data instructions are stored in the memory, and then the instructions are processed by the processor, so that the volume and the power consumption of the equipment can be reduced, and the cost of the equipment can be reduced.
In other embodiments, a computer-readable storage medium has stored thereon computer program instructions which, when executed by a processor, implement the steps of the method in the embodiments corresponding to fig. 1-6. As will be appreciated by one skilled in the art, embodiments of the present disclosure may be provided as a method, apparatus, or computer program product. Accordingly, the present disclosure may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present disclosure may take the form of a computer program product embodied on one or more computer-usable non-transitory storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present disclosure is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the disclosure. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
Thus far, the present disclosure has been described in detail. Some details that are well known in the art have not been described in order to avoid obscuring the concepts of the present disclosure. It will be fully apparent to those skilled in the art from the foregoing description how to practice the presently disclosed embodiments.
Although some specific embodiments of the present disclosure have been described in detail by way of example, it should be understood by those skilled in the art that the foregoing examples are for purposes of illustration only and are not intended to limit the scope of the present disclosure. It will be appreciated by those skilled in the art that modifications may be made to the above embodiments without departing from the scope and spirit of the present disclosure. The scope of the present disclosure is defined by the appended claims.

Claims (15)

1. An Internet of things communication method comprises the following steps:
a user identity identification card SoC Sim of a safety operation center receives a first calling request of an Internet of things terminal, encrypts a terminal message according to a first random secret key of the Internet of things terminal, and sends the encrypted terminal message to the Internet of things terminal;
receiving a second calling request of the terminal of the Internet of things, encrypting the first random secret key by using a public key of a server of the Internet of things, and sending the encrypted first random secret key to the terminal of the Internet of things;
receiving a third call request of the terminal of the Internet of things, signing a first message digest by using a private key of the terminal of the Internet of things stored in a security kernel, and generating first signature information, wherein the first message digest comprises a digest of a first message packet consisting of an encrypted terminal message and an encrypted first random key; and
sending the first signature information to the Internet of things terminal so that the Internet of things terminal can send the first message packet, the first signature information and the device digital certificate to the Internet of things server.
2. The internet of things communication method of claim 1, comprising:
the SoC Sim receives a request for generating a public and private key pair sent by the terminal of the Internet of things, and generates a public key and a private key of the terminal of the Internet of things; and
storing the private key of the Internet of things terminal in a security kernel, and sending the public key of the Internet of things terminal to the Internet of things terminal so that the Internet of things terminal can register the device.
3. The internet of things communication method of claim 2, further comprising:
the SoC Sim receives the device digital certificate sent by the Internet of things terminal and stores the device digital certificate in a security core.
4. The internet of things communication method of any one of claims 1 to 3, further comprising:
the SoC Sim receives a second message packet sent by the Internet of things terminal, wherein when the Internet of things server issues a message, a second random secret key is generated, the server message is encrypted by using the second random secret key, the second random secret key is encrypted by using a public key of the Internet of things terminal, and the encrypted second random secret key and the encrypted server message form the second message packet;
decrypting the encrypted second random key by using a private key of the internet of things terminal stored in a secure kernel; and
after the encrypted server message is decrypted by using the second random secret key, sending the decrypted server message to the Internet of things terminal.
5. The internet of things communication method of any one of claims 1 to 3, further comprising:
the SoC Sim receives a digital certificate and second signature information of the Internet of things server sent by the Internet of things terminal, wherein the Internet of things server signs the second message digest by using a private key of the Internet of things server to generate second signature information; and
after the validity of the digital certificate of the Internet of things server is verified, verifying the validity of the second signature information by using a public key in the digital certificate of the Internet of things server.
6. An Internet of things communication method comprises the following steps:
generating a first random key;
calling an interface of a secure operation center user identity identification card (SoC Sim) so that the SoC Sim encrypts a terminal message according to the first random secret key and encrypts the first random secret key by using a public key of an Internet of things server;
the encrypted terminal message and the encrypted first random secret key form a first message packet, and a first message digest is generated;
calling the SoC Sim interface so that the SoC Sim signs the first message digest by using a private key of the Internet of things terminal stored in a security core to generate first signature information; and
sending the first message packet, the first signature information and the equipment digital certificate to the Internet of things server.
7. The internet of things communication method of claim 6, further comprising:
sending a request for generating a public and private key pair to the SoC Sim;
receiving a public key of the Internet of things terminal generated by the SoC Sim;
sending the public key and the registration authentication information of the terminal of the Internet of things to an Internet of things server so that the public key of the terminal of the Internet of things is sent to a Certificate Authority (CA) server after the Internet of things server verifies the registration authentication information, and the CA server issues a digital certificate; and
receiving a registration result and an equipment digital certificate sent by the Internet of things server, and storing the equipment digital certificate in the SoC Sim.
8. The internet of things communication method of claim 6 or 7, further comprising:
receiving a second message packet sent by the server of the internet of things, wherein the server of the internet of things generates a second random secret key when sending messages, encrypts the server messages by using the second random secret key, encrypts the second random secret key by using a public key of a terminal of the internet of things, and combines the encrypted second random secret key and the encrypted server messages into the second message packet;
sending the second message packet to the SoC Sim, so that the SoC Sim decrypts the encrypted second random key by using a private key of the internet of things terminal stored in a secure core, and decrypts an encrypted server message by using the second random key; and
receiving the decrypted server message sent by the SoC Sim.
9. The internet of things communication method of claim 6 or 7, further comprising:
receiving a digital certificate and second signature information of the internet of things server sent by the internet of things server, wherein the internet of things server signs the second message digest by using a private key of the internet of things server to generate second signature information; and
after the validity of the digital certificate of the Internet of things server is verified, the validity of the second signature information is verified by using a public key in the digital certificate of the Internet of things server.
10. The internet of things communication method of claim 6 or 7, further comprising:
receiving a digital certificate and second signature information of the internet of things server sent by the internet of things server, wherein the internet of things server signs the second message digest by using a private key of the internet of things server to generate second signature information; and
sending the digital certificate and the second signature information of the Internet of things server to the SoC Sim, so that the SoC Sim verifies the validity of the digital certificate of the Internet of things server and then verifies the validity of the second signature information by using a public key in the digital certificate of the Internet of things server.
11. An SoC Sim, comprising:
the security authentication application unit is configured to encrypt a terminal message according to a first random key of the terminal of the internet of things, encrypt the first random key by using a public key of the server of the internet of things, and send the encrypted terminal message and the encrypted first random key to the terminal of the internet of things; signing a first message digest by using a private key of an internet of things terminal stored in a security core to generate first signature information, and sending the first signature information to the internet of things terminal, wherein the first message digest comprises a digest of a first message packet consisting of an encrypted terminal message and an encrypted first random key; and
the security authentication application data unit is configured to manage a private key and a private key of the Internet of things terminal and a digital certificate.
12. An internet of things terminal, comprising:
a parameter generating unit configured to generate a first random key, and to combine the encrypted terminal message and the encrypted first random key into a first message packet, and generate a first message digest;
the interface calling unit is configured to call a secure operation center user identity identification card SoC Sim interface so that the SoC Sim encrypts a terminal message according to the first random key, encrypts the first random key by using a public key of an Internet of things server, and calls the SoC Sim interface so that the SoC Sim signs the first message digest by using a private key of the Internet of things terminal stored in a secure kernel to generate first signature information; and
an information transceiving unit configured to send the first message packet, the first signature information, and a device digital certificate to the internet of things server.
13. An internet of things communication system, comprising:
the SoC Sim of claim 11;
the internet of things terminal of claim 12;
an Internet of things server configured to communicate with the Internet of things terminal; and
a certificate authority (CA) server configured to issue a digital certificate to the Internet of things terminal.
14. An electronic device, comprising:
a memory; and
a processor coupled to the memory, the processor configured to perform the internet of things communication method of any of claims 1-10 based on instructions stored in the memory.
15. A non-transitory computer readable storage medium having stored thereon computer program instructions which, when executed by a processor, implement the internet of things communication method of any one of claims 1 to 10.
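The terminal-to-server exchange of claim 6, with a server-side check that mirrors claim 9, as an added example that is not part of the patent. The claims name no algorithms, so RSA-OAEP, AES-256-GCM, SHA-256 and the names `SocSim`, `terminalSend` and `serverReceive` are assumptions; the bare public key stands in for the device digital certificate and no CA chain validation is shown.

```javascript
const crypto = require('crypto');
// Stand-in for the SoC Sim: the terminal private key never leaves this object.
class SocSim {
  #priv;
  constructor() {
    const kp = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
    this.#priv = kp.privateKey;
    this.publicKey = kp.publicKey; // stands in for the device digital certificate
  }
  // Encrypt the message under the random key, then wrap that key for the server.
  seal(message, randomKey, serverPub) {
    const iv = crypto.randomBytes(12);
    const c = crypto.createCipheriv('aes-256-gcm', randomKey, iv);
    const body = Buffer.concat([c.update(message), c.final()]);
    const wrappedKey = crypto.publicEncrypt({ key: serverPub, oaepHash: 'sha256' }, randomKey);
    return { iv, tag: c.getAuthTag(), wrappedKey, body };
  }
  // Sign the first message digest (RSA signature, SHA-256 applied to the digest bytes).
  sign(digest) { return crypto.sign('sha256', digest, this.#priv); }
}
// First message digest: SHA-256 over every field of the first message packet.
const packetDigest = (p) => crypto.createHash('sha256')
  .update(Buffer.concat([p.iv, p.tag, p.wrappedKey, p.body])).digest();
// Terminal: generate the first random key, call the SIM, assemble what is sent.
function terminalSend(sim, message, serverPub) {
  const firstRandomKey = crypto.randomBytes(32);
  const packet = sim.seal(Buffer.from(message), firstRandomKey, serverPub);
  return { packet, signature: sim.sign(packetDigest(packet)), deviceCert: sim.publicKey };
}
// Server: verify the signature first, only then unwrap the key and decrypt.
function serverReceive(msg, serverPriv) {
  if (!crypto.verify('sha256', packetDigest(msg.packet), msg.deviceCert, msg.signature))
    throw new Error('signature check failed');
  const key = crypto.privateDecrypt({ key: serverPriv, oaepHash: 'sha256' }, msg.packet.wrappedKey);
  const d = crypto.createDecipheriv('aes-256-gcm', key, msg.packet.iv);
  d.setAuthTag(msg.packet.tag);
  return Buffer.concat([d.update(msg.packet.body), d.final()]).toString();
}
// Constructed demo: one round trip, then one byte flipped in transit.
function demo() {
  const server = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const sent = terminalSend(new SocSim(), 'temp=21.5', server.publicKey);
  const plain = serverReceive(sent, server.privateKey);
  sent.packet.body[0] ^= 1;
  let rejected = false;
  try { serverReceive(sent, server.privateKey); } catch (e) { rejected = true; }
  return { plain, rejected };
}
console.log(demo());
```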
CN202011362822.6A 2020-11-27 2020-11-27 Internet of things communication method and system, SoC Sim and Internet of things terminal Active CN114567425B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011362822.6A CN114567425B (en) 2020-11-27 2020-11-27 Internet of things communication method and system, SoC Sim and Internet of things terminal

Publications (2)

Publication Number Publication Date
CN114567425A (en) 2022-05-31
CN114567425B (en) 2024-02-02

Family

ID=81712591

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011362822.6A Active CN114567425B (en) Internet of things communication method and system, SoC Sim and Internet of things terminal 2020-11-27 2020-11-27

Country Status (1)

Country Link
CN (1) CN114567425B (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103067402A (en) * 2013-01-10 2013-04-24 天地融科技股份有限公司 Method and system for digital certificate generation
CN103812871A (en) * 2014-02-24 2014-05-21 北京明朝万达科技有限公司 Development method and system based on mobile terminal application program security application
CN105095696A (en) * 2015-06-25 2015-11-25 三星电子(中国)研发中心 Method, system and apparatus for carrying out safety authentication on application programs
US20170244562A1 (en) * 2014-11-06 2017-08-24 Huawei Technologies Co., Ltd. Security information configuration method, security verification method, and related chip
CN107743067A (en) * 2017-11-30 2018-02-27 美的智慧家居科技有限公司 Awarding method, system, terminal and the storage medium of digital certificate

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
曾晓洋, 吴敏, 韩军, 吴永一, 林一帆, 陈俊, 闵昊, 章倩苓: "信息安全芯片SoC平台及其应用", 信息安全与通信保密, no. 07 *

Also Published As

Publication number Publication date
CN114567425B (en) 2024-02-02

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant