CN115189881B - Internet of things data access and processing system and method based on edge calculation - Google Patents
- Publication number
- CN115189881B (CN202211087398.8A)
- Authority
- CN
- China
- Prior art keywords
- rsa
- edge computing
- configuration file
- private key
- public key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
- H04L9/3006—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters
- H04L9/302—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters involving the integer factorization problem, e.g. RSA or quadratic sieve [QS] schemes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/2866—Architectures; Arrangements
- H04L67/30—Profiles
Abstract
The invention relates to the technical field of Internet of things edge computing, and particularly discloses an Internet of things data access and processing system and method based on edge computing. The server sends a configuration file to the edge computing base station to configure the resources of the edge computing base station, and can also generate a new configuration file according to a configuration file modification instruction from the operation terminal to reconfigure those resources. This ensures maximum utilization of the resources of the edge computing base station, avoids the need for workers to travel to the site to update equipment, and reduces the system operation cost.
Description
Technical Field
The invention relates to the technical field of Internet of things edge computing, in particular to an Internet of things data access and processing system and method based on edge computing.
Background
The Internet of things is widely applied and extends to fields such as intelligent transportation, environment protection, government work, public safety, safe home, intelligent fire fighting, industrial monitoring, environment monitoring, elderly care, personal health, flower cultivation, water system monitoring, food tracing and information collection. With the development of these industries, the number of intelligent devices in the Internet of things is also increasing rapidly, and the data processing requirements of many scenarios cannot be met by cloud computing alone, so edge computing is gradually being widely applied. A wired or wireless connection is established between the edge device and the intelligent device to give Internet of things services a real-time response, and the edge device preprocesses the large amount of data generated by field devices: for example, data to be processed directly by the cloud is uploaded to a server, and data that can be processed locally is processed locally by the edge device.
However, Internet of things devices are complex and varied, their field environments are complex and changeable, and edge devices are numerous and widely scattered. Edge computing devices currently on the market can basically support only preset communication protocols, so newly installed intelligent hardware cannot be added later; workers therefore have to travel to the site to update the edge computing devices, which causes a large workload and economic loss.
Therefore, there is a need to find a new solution to solve the above problems.
Disclosure of Invention
Aiming at the technical problems in the prior art, the invention provides an Internet of things data access and processing system and method based on edge calculation.
The invention discloses an Internet of things data access and processing system based on edge computing.
The server comprises a storage module, a communication module, a security verification module, a data processing module and a configuration file generation module; the storage module stores the device ID of the intelligent hardware and stores a preset RSA key library, wherein the RSA key library comprises m groups of public keys and private keys; the communication module is used for receiving the encrypted information uploaded by the intelligent hardware; the security verification module matches a corresponding private key according to a preset private key selection strategy and decrypts the encrypted information to obtain plaintext detection data; the data processing module is used for analyzing and processing the detection data;
the edge computing base station prestores an RSA private key library, and the RSA private key library consists of the private keys in the RSA key library; the edge computing base station is used for uploading the encrypted information of the intelligent hardware to the server, or for matching a corresponding private key according to the preset private key selection strategy and decrypting the encrypted information to obtain plaintext detection data, and analyzing and processing the detection data;
the intelligent hardware prestores an RSA public key library, which consists of the public keys in the RSA key library; the intelligent hardware is used for generating detection data, selecting a corresponding public key in the RSA public key library according to the device ID and a preset public key selection strategy, and encrypting the detection data with the public key to obtain encrypted information;
in the server, the storage module is also used for storing the configuration file; the communication module is also used for issuing a configuration file to the edge computing base station and acquiring a configuration file modification instruction generated by the operation terminal; the configuration file generation module generates a new configuration file according to the configuration file modification instruction; the communication module is also used for sending the new configuration file to the corresponding edge computing base station; the operation terminal is used for generating a configuration file modification instruction; the edge computing base station is also used for receiving and operating the configuration file;
the private key selection strategy and the public key selection strategy comprise:
acquiring an equipment ID;
selecting bytes to be operated from the equipment ID, and converting the bytes to be operated into decimal values to be operated;
judging whether the value to be calculated is even: if it is even, the new value to be calculated is the value to be calculated divided by 2; if it is odd, the new value to be calculated is 3 times the value to be calculated plus 1;
judging whether the new value to be calculated is even: if it is even, it is divided by 2 to give the next value to be calculated; if it is odd, it is multiplied by 3 and increased by 1 to give the next value to be calculated;
selecting from RSA key libraryA private key; or choose from RSA private key libraryA private key; or from RSA public key libraryA public key.
Further, the server further comprises a login authentication module, wherein:
the storage module stores a preset special identification code;
the communication module is used for acquiring a login request sent by the intelligent hardware; the login request comprises a pre-allocated special identification code and an equipment ID;
the login verification module verifies the login request, if the special identification code and the equipment ID in the login request are matched with the special identification code and the equipment ID stored in the storage module, the login request passes the verification, and a verification passing notice is generated;
and the communication module sends a verification passing notice to the intelligent hardware.
Further, the bytes to be operated are 3 bytes selected from the equipment ID according to a preset byte selection strategy; the byte selection strategy is as follows:
judging the length of the equipment ID, if the length of the equipment ID is greater than a set value, reducing the length of the equipment ID through self XOR operation, and if the length of the equipment ID is less than or equal to the set value, selecting bytes;
the byte selection comprises the following steps: setting a start bit in the device ID to select three consecutive bytes, or selecting three bytes in the device ID at least at two non-consecutive positions.
Furthermore, in the server, after the communication module issues the configuration file to the edge computing base station, the configuration reply of the edge computing base station is also received.
Further, the communication module issues the configuration file to the edge computing base stations, including the communication module individually issuing the configuration file to each edge computing base station, and/or the communication module issuing the configuration file to a plurality of edge computing base stations in a unified manner.
Further, the configuration file includes a network channel, network settings, a packet name, a packet type, a callback function, a reply level, reply data, real-time reply time, a report level, and status update information.
Further, the state update information includes information generated when the following states are passed: scanning to a new device, being connected by the new device, receiving new data, receiving a command confirmation reply, receiving a disconnection, receiving a timeout event.
The invention also provides an Internet of things data access and processing method based on edge calculation, which comprises the following steps:
the server prestores the device ID of the intelligent hardware and a preset RSA key library; the RSA key library comprises m groups of public keys and private keys;
receiving encrypted information of the intelligent hardware; the encrypted information is obtained by the intelligent hardware generating detection data, selecting a corresponding public key in an RSA public key library according to the device ID and a preset public key selection strategy, and encrypting the detection data with the public key; the RSA public key library consists of the public keys in the RSA key library, and the RSA public key library is prestored in the intelligent hardware;
matching a corresponding private key according to a preset private key selection strategy, and decrypting the encrypted information to obtain plaintext detection data;
analyzing and processing the detection data;
and issuing a configuration file to the edge computing base station; the server stores a configuration file;
receiving a configuration file modification instruction of an operation terminal, and generating a new configuration file according to the configuration file modification instruction;
issuing the new configuration file to the corresponding edge computing base station;
the private key selection strategy and the public key selection strategy comprise:
acquiring an equipment ID;
selecting bytes to be operated from the device ID, and converting the bytes to be operated into decimal values to be operated;
judging whether the value to be calculated is even: if it is even, the new value to be calculated is the value to be calculated divided by 2; if it is odd, the new value to be calculated is 3 times the value to be calculated plus 1;
judging whether the new value to be calculated is even: if it is even, it is divided by 2 to give the next value to be calculated; if it is odd, it is multiplied by 3 and increased by 1 to give the next value to be calculated;
Selecting from RSA key libraryA private key; or from RSA private key libraryA private key; or from RSA public key bankA public key.
Further, the method further comprises:
a server acquires a login request of intelligent hardware; the login request comprises a pre-allocated special identification code and a device ID; the server stores a preset special identification code;
verifying the login request, if the special identification code and the equipment ID in the login request are matched with the special identification code and the equipment ID stored in the server, the verification is passed, and a verification passing notice is generated;
and issuing the verification passing notification to the intelligent hardware.
The invention also provides an Internet of things data access and processing method based on edge calculation, which comprises the following steps:
the edge computing base station receives and runs a new configuration file; the new configuration file is generated by the server according to the configuration file modification instruction of the operation terminal and the originally stored configuration file;
the edge computing base station prestores the device ID of the intelligent hardware and an RSA private key library; the RSA private key library consists of the private keys in an RSA key library, the RSA key library is prestored in the server, and the RSA key library comprises m groups of public keys and private keys;
the edge computing base station receives the encrypted information of the intelligent hardware; the encrypted information is obtained by the intelligent hardware generating detection data, selecting a corresponding public key in an RSA public key library according to the device ID and a preset public key selection strategy, and encrypting the detection data with the public key; the RSA public key library consists of the public keys in the RSA key library, and the RSA public key library is prestored in the intelligent hardware;
the edge computing base station uploads the encrypted information to a server; and/or the edge computing base station matches a corresponding private key according to a preset private key selection strategy, decrypts the encrypted information to obtain plaintext detection data, and analyzes and processes the detection data;
the private key selection strategy and the public key selection strategy comprise:
acquiring an equipment ID;
selecting bytes to be operated from the device ID, and converting the bytes to be operated into decimal values to be operated;
judging whether the value to be calculated is even: if it is even, the new value to be calculated is the value to be calculated divided by 2; if it is odd, the new value to be calculated is 3 times the value to be calculated plus 1;
judging whether the new value to be calculated is even: if it is even, it is divided by 2 to give the next value to be calculated; if it is odd, it is multiplied by 3 and increased by 1 to give the next value to be calculated;
from the RSA key libraryA private key; or from RSA private key libraryA private key; or from RSA public key libraryA public key.
In the Internet of things data access and processing system and method based on edge computing of the invention, the server issues a configuration file to the edge computing base station to configure the resources of the edge computing base station, and generates a new configuration file according to a configuration file modification instruction of the operation terminal to reconfigure those resources. This ensures maximum utilization of the resources of the edge computing base station, avoids the need for workers to travel to the site to update equipment, and reduces the running cost of the system.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a structural composition diagram of an internet of things data access and processing system based on edge computing according to an embodiment of the present invention;
fig. 2 is a flowchart of steps of a private key selection policy and a public key selection policy in an internet of things data access and processing system based on edge computing according to an embodiment of the present invention;
fig. 3 is a flowchart (one) of steps of a method for accessing and processing data of the internet of things based on edge computing according to an embodiment of the present invention;
fig. 4 is a flowchart (ii) of steps of a data access and processing method of the internet of things based on edge computing according to an embodiment of the present invention;
fig. 5 is a flowchart (iii) illustrating steps of a data access and processing method for the internet of things based on edge computing according to an embodiment of the present invention;
fig. 6 is a flowchart (iv) illustrating steps of a data access and processing method for the internet of things based on edge computing according to an embodiment of the present invention;
FIG. 7 is a matlab verification diagram according to an embodiment of the present invention;
wherein: 10-server, 101-storage module, 102-communication module, 103-security verification module, 104-data processing module, 105-configuration file generation module, 106-login verification module, 20-edge computing base station, 30-intelligent hardware and 40-operation terminal.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings, and it is to be understood that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
As shown in fig. 1, the system for accessing and processing data of the internet of things based on edge computing in the embodiment of the present invention includes a server 10, a plurality of edge computing base stations 20, an operation terminal 40, and an intelligent hardware 30, where the intelligent hardware 30, the edge computing base stations 20, and the server 10 are sequentially in communication connection, and the operation terminal 40 is in communication connection with the server 10. The server 10 includes a storage module 101, a communication module 102, a security verification module 103, a data processing module 104, and a configuration file generation module 105, where the storage module 101 is connected to the communication module 102, the security verification module 103, the data processing module 104, and the configuration file generation module 105, and the communication module 102 is connected to the security verification module 103 and the configuration file generation module 105.
In the server 10, the storage module 101 stores the device ID of the intelligent hardware 30 and stores a preset RSA key library, where the RSA key library includes m sets of public and private keys; the communication module 102 is configured to receive encrypted information uploaded by the intelligent hardware 30; the security verification module 103 matches the corresponding private key according to a preset private key selection strategy, and decrypts the encrypted information to obtain plaintext detection data; the data processing module 104 is used for analyzing and processing the detection data. The edge computing base station 20 prestores an RSA private key library, which is composed of the private keys in the RSA key library; the edge computing base station 20 is configured to upload the encrypted information of the intelligent hardware 30 to the server 10, or to match a corresponding private key according to the preset private key selection strategy, decrypt the encrypted information to obtain plaintext detection data, and analyze and process the detection data. The intelligent hardware 30 prestores an RSA public key library, which is composed of the public keys in the RSA key library; the intelligent hardware 30 is configured to generate the detection data, select a corresponding public key in the RSA public key library according to the device ID and a preset public key selection policy, and encrypt the detection data with the public key to obtain encrypted information.
On the other hand, in the server 10, the storage module 101 is also used for storing configuration files; the communication module 102 is further configured to issue a configuration file to the edge computing base station 20 and obtain a configuration file modification instruction generated by the operation terminal 40; the configuration file generation module 105 generates a new configuration file according to the configuration file modification instruction; the communication module 102 is further configured to issue the new configuration file to the corresponding edge computing base station 20; the operation terminal 40 is used for generating a configuration file modification instruction; the edge computing base station 20 is also arranged to receive and run the configuration file. In order to obtain the result of issuing the configuration file, after the communication module 102 in the server 10 issues the configuration file to the edge computing base station 20, if the edge computing base station 20 receives the configuration file, the edge computing base station 20 replies to the server 10, so the communication module 102 also receives the configuration reply of the edge computing base station 20.
It should be noted that, in the embodiment of the present invention, when the communication module 102 issues the configuration file to the edge computing base station 20, the communication module 102 may issue the configuration file to each edge computing base station 20 separately, or may issue the configuration file to a plurality of edge computing base stations 20 in a unified manner. The configuration file comprises a network channel NETCH, a network setting NETSET, a data packet name Pack_name, a data packet type, a callback function Callback, a reply level Ret_cls, reply data Back_data, a real-time reply time Back_time, a report level updat_cls and state update information. The network channel NETCH comprises wired WAN/LAN, wired RS485, wifi, Bluetooth, 2.4G, LoRa and the like; when one edge computing base station 20 is provided with a plurality of intelligent hardware of the same type, the intelligent hardware needs to be named in a distinguishing way, such as wifi0 and wifi1. The network setting NETSET can comprise a master/slave mode MODE, a maximum connection number CON_NUM, a maximum allowable bandwidth MAX_BW and the like. The data packet name Pack_name is used for looking up related parameter settings, and the number of packet names can be multiple. The data packet type comprises parameters Pack_para, data Pack_data, check Pack_chk and the like. The reply level Ret_cls comprises Ret_even (replied for each time), Ret_N (replied for N times), Ret_none (not replied) and the like. The reply data Back_data comprises fixed data Back_fix, variable data Back_var, wait server data reply Back_ser and the like. The real-time reply time back_time is 100ms, 5s, 24h and the like. The report level updat_cls comprises, for example, up_ever (reporting), up_N (packed for N times) and up_none (no need to report).
The state update information includes information generated when the following state is passed: scan for new device, connected by new device, receive new data, receive command acknowledgement reply, receive disconnect, receive timeout event, etc.
In the embodiment of the present invention, the operation terminal 40 may also check the detection data under the authority of the operation terminal, in addition to modifying the configuration file.
In this embodiment, the server 10 sends the configuration file to the edge computing base station 20 to configure the resources of the edge computing base station 20. When intelligent hardware 30 is newly added, the operation terminal 40 only needs to generate a configuration file modification instruction; the configuration file generation module 105 in the server 10 generates the corresponding new configuration file, and the communication module 102 issues it to the corresponding edge computing base station 20. The resources of the edge computing base station 20 can thus be reconfigured and maximally utilized, and workers do not need to travel to the site to update equipment, which reduces the system operation cost. Because the resources of the edge computing base station 20 are configured remotely, the security of information transmission must be ensured, so the intelligent hardware 30 in this embodiment encrypts the detection data, and the edge computing base station 20 and the server 10 decrypt the detection data before processing it. The encryption is based on the RSA key library pre-stored in the server 10, the RSA public key library pre-stored in the intelligent hardware 30, and the RSA private key library pre-stored in the edge computing base station 20. The intelligent hardware 30 selects the public key used for encryption from the RSA public key library through the public key selection policy, and the edge computing base station 20 and the server 10 select, according to the private key selection policy, the private key corresponding to the intelligent hardware 30 that uploaded the encrypted information, thereby implementing encryption of the detection data and decryption of the encrypted information.
Specifically, as shown in fig. 2, the private key selection policy and the public key selection policy in the embodiment of the present invention include:
step S01: the device ID is acquired.
The intelligent hardware 30 can obtain its own device ID when encrypting the detection data, and the edge computing base station 20 and the server 10 can obtain the link information for transmitting the encrypted information when decrypting the encrypted information, and can also know the device ID of the intelligent hardware 30 corresponding to the encrypted information.
Step S02: selecting bytes to be operated from the device ID and converting the bytes to be operated into a decimal value to be calculated.
In the step, the bytes to be operated are 3 bytes selected from the equipment ID according to a preset byte selection strategy; the byte selection strategy is as follows: judging the length of the equipment ID, if the length of the equipment ID is greater than a set value, reducing the length of the equipment ID through self XOR operation, and if the length of the equipment ID is less than or equal to the set value, selecting bytes; the byte selection comprises the following steps: setting a start bit in the device ID to select three consecutive bytes, or selecting three bytes in the device ID at least at two non-consecutive positions.
Step S03: judging whether the value to be calculated is even; if it is even, executing step S04; if it is odd, executing step S05.
After a new value to be calculated is obtained by step S04 or step S05, that new value undergoes one more judgment and operation: if it is even, it is divided by 2 to give the next value to be calculated; if it is odd, it is multiplied by 3 and increased by 1 to give the next value to be calculated.
determined by the above methodAfter the value of (3), the server 10 selects the second from the RSA key libraryA private key; the edge computing base station selects the second from the RSA private key libraryA private key; the intelligent hardware selects from the RSA public key libraryA public key.
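In this embodiment, taking three bytes as an example, MATLAB is used to verify the feasibility of the above calculation: at most 704 iterations are needed to reach 1, and the corresponding decimal number is 15733191. The simulation diagram is shown in fig. 7, and the code is as follows:
% Count, for every start value from 1 to 65536*256, the iterations needed to reach 1
b=zeros(1,65536*256);
for i=1:65536*256
    tp=i;
    cnt=0;
    while tp~=1
        cnt=cnt+1;
        if mod(tp,2)==0
            tp=tp/2;      % even: halve
        else
            tp=tp*3+1;    % odd: multiply by 3 and add 1
        end
    end
    b(i)=cnt;             % iteration count for start value i
end
plot(b)                   % iteration count against start value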
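The selection policy of steps S01 to S05 and the MATLAB check above, as an added Python illustration that is not code from the patent. The 8-byte length limit, the halving form of the "self XOR" reduction, big-endian byte order and the final reduction modulo m are assumptions, since the text does not specify them.

```python
# Added illustration, not code from the patent. Assumptions (not stated in the
# text): an ID length limit of 8 bytes, "self XOR" as folding the second half
# onto the first, big-endian byte order, and reduction modulo m for the index.

SET_LENGTH = 8  # assumed "set value" for the device ID length, in bytes


def fold_xor(device_id: bytes, limit: int = SET_LENGTH) -> bytes:
    """Shorten an over-long device ID by XORing its second half onto its first."""
    data = bytes(device_id)
    while len(data) > limit:
        half = (len(data) + 1) // 2
        tail = data[half:].ljust(half, b"\x00")  # pad odd lengths with a zero byte
        data = bytes(a ^ b for a, b in zip(data[:half], tail))
    return data


def value_to_calculate(device_id: bytes, start: int = 0) -> int:
    """Step S02: three consecutive bytes from `start`, read as one integer."""
    if start < 0:
        raise ValueError("start position must not be negative")
    chunk = fold_xor(device_id)[start:start + 3]
    if len(chunk) != 3:
        raise ValueError("device ID has no three bytes at this start position")
    return int.from_bytes(chunk, "big")


def step(n: int) -> int:
    """One judgment and operation: halve an even value, 3n+1 for an odd one."""
    return n // 2 if n % 2 == 0 else 3 * n + 1


def selection_value(device_id: bytes, start: int = 0) -> int:
    """The judgment and operation of steps S03 to S05, applied twice."""
    return step(step(value_to_calculate(device_id, start)))


def key_index(device_id: bytes, m: int, start: int = 0) -> int:
    """ASSUMED mapping of the selection value onto a library of m key groups."""
    if m <= 0:
        raise ValueError("the key library must hold at least one key group")
    return selection_value(device_id, start) % m


def steps_to_one(n: int) -> int:
    """Iteration count measured by the MATLAB sweep (defined for n >= 1 only)."""
    if n < 1:
        # Three zero bytes give 0, which the sweep (1..65536*256) never visits.
        raise ValueError("an all-zero byte selection never reaches 1")
    count = 0
    while n != 1:
        n = step(n)
        count += 1
    return count


if __name__ == "__main__":
    # Constructed device IDs, not taken from any real product.
    short_id = bytes.fromhex("f011c7a0b1c2")             # 6 bytes, used as is
    long_id = bytes.fromhex("0102030405060708090a0b0c")  # 12 bytes, folded first
    m = 16                                               # assumed library size

    # The device (public key side) and the server or base station (private key
    # side) each run the same policy on the same ID and must pick the same slot.
    device_side = key_index(short_id, m)
    server_side = key_index(bytes(short_id), m)
    print("value to calculate:", value_to_calculate(short_id))
    print("selection value   :", selection_value(short_id))
    print("index agrees      :", device_side == server_side, device_side)
    print("folded long ID    :", fold_xor(long_id).hex())
    print("steps to reach 1  :", steps_to_one(15733191))
```

Because the index depends only on the device ID and the fixed policy, any party that knows both computes the same index; confidentiality rests on the private keys, not on the selection step.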
Specifically, as shown in fig. 1, the server 10 according to the embodiment of the present invention further includes a login verification module 106, where: the storage module 101 stores a preset special identification code; the communication module 102 is configured to obtain a login request sent by the intelligent hardware 30; the login request comprises a pre-allocated special identification code and a device ID; the login verification module 106 verifies the login request, and if the special identification code and the device ID in the login request match the special identification code and the device ID stored in the storage module 101, the login request passes verification and a verification passing notification is generated; the communication module 102 sends the verification passing notification to the intelligent hardware 30.
The lead manufacturer can grant special identification codes to partner manufacturers, and an authorized manufacturer uses its special identification code directly; all the special identification codes are stored in the storage module 101 in the server 10, and the allocated special identification code is stored in the intelligent hardware 30. The login verification module 106 verifies the login request sent by the intelligent hardware 30: if the special identification code and the device ID in the login request are consistent with the special identification code and the device ID stored in the storage module 101, the intelligent hardware 30 is authorized and the verification passes; if they are not consistent, the verification fails. In this embodiment, the intelligent hardware 30 can successfully send the encrypted information to the server 10 only if the verification passes.
The invention also provides an internet of things data access and processing method based on edge computing, wherein the method is executed by a server and, as shown in fig. 3, comprises the following steps:
Step S101: pre-store the device ID of the intelligent hardware and a preset RSA key library.
The RSA key library includes m sets of public and private keys.
Step S102: receive the encrypted information of the intelligent hardware.
The encrypted information is obtained by the intelligent hardware generating detection data, selecting a corresponding public key from an RSA public key library according to the device ID and a preset public key selection policy, and encrypting the detection data with that public key. The RSA public key library consists of the public keys in the RSA key library and is pre-stored in the intelligent hardware.
Step S103: match the corresponding private key according to a preset private key selection policy, and decrypt the encrypted information to obtain the plaintext detection data.
Step S104: analyze and process the detection data.
As shown in fig. 2, the private key selection policy and the public key selection policy in this method embodiment include:
Step S01: acquire the device ID.
Step S02: selecting bytes to be operated from the device ID, and converting the bytes to be operated into decimal values to be operated。
Step S03: judge the value to be calculated: if it is an even number, execute step S04; if it is an odd number, execute step S05.
Obtaining a new value to be calculated by step S04 or step S05Then calculate the value to be calculatedPerforming another judgment and operation, namely judging the value to be operatedIf the number is even, then the new value to be calculated is set=2; if the number is odd, the new value to be calculated is set=3*+1。
the server selects from the RSA key libraryA private key; the intelligent hardware selects the first public key from the RSA public key library.
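The selection policy of steps S01 to S05, together with the MATLAB check earlier in this embodiment, can be exercised end to end. The Python below is an added example, not code from the patent: the big-endian byte order, the `start` offset, the library size `M = 705`, the "position = operation count mod m" mapping and the sample device ID are all assumptions. It also rejects a selected value of 0, which the halve / 3n+1 loop would never bring to 1.

```python
# Added example (not from the patent): key-position selection from a device ID
# using the halve / 3n+1 iteration described in steps S01-S05.


def steps_to_one(value: int) -> int:
    """Count operations (n/2 if even, 3n+1 if odd) until the value reaches 1."""
    if value < 1:
        # 0 is even and 0/2 == 0, so the iteration would loop forever.
        raise ValueError("value to be calculated must be at least 1")
    steps = 0
    while value != 1:
        value = value // 2 if value % 2 == 0 else 3 * value + 1
        steps += 1
    return steps


def value_from_device_id(device_id: bytes, start: int = 0) -> int:
    """Take three consecutive bytes at `start` and read them as a decimal value.

    Assumptions: `start` is agreed in advance and the bytes are big-endian.
    """
    chunk = device_id[start:start + 3]
    if start < 0 or len(chunk) != 3:
        raise ValueError("device ID has no three bytes at that start position")
    return int.from_bytes(chunk, "big")


def select_key_index(device_id: bytes, m: int, start: int = 0) -> int:
    """Return a 0-based position in a library of m key pairs.

    Assumption: position = operation count mod m. The device applies this to
    its public key library and the server to the private keys, so both sides
    arrive at the same pair without transmitting the position.
    """
    if m < 1:
        raise ValueError("key library must contain at least one key pair")
    return steps_to_one(value_from_device_id(device_id, start)) % m


# Constructed sample ID: its first three bytes are 0xF011C7 == 15733191,
# the three-byte value the description reports as needing 704 operations.
SAMPLE_DEVICE_ID = bytes.fromhex("f011c7a4b2e9")
M = 705  # assumed library size, large enough for counts 0..704

if __name__ == "__main__":
    value = value_from_device_id(SAMPLE_DEVICE_ID)
    device_side = select_key_index(SAMPLE_DEVICE_ID, M)
    server_side = select_key_index(SAMPLE_DEVICE_ID, M)
    print(f"value={value} operations={steps_to_one(value)}")
    print(f"device picks public key {device_side}, server picks private key {server_side}")
    try:
        select_key_index(bytes(6), M)  # all-zero bytes give value 0
    except ValueError as exc:
        print(f"rejected all-zero selection: {exc}")
```

Rejecting the zero case at enrollment time, rather than at decryption time, keeps a device whose selected bytes are all zero from stalling the selection loop on either side.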
As shown in fig. 4, the method for accessing and processing data of the internet of things based on edge computing in the embodiment of the present invention further includes the steps of:
Step S105: issue the configuration file to the edge computing base station.
The server stores a configuration file.
Step S106: receive a configuration file modification instruction from the operation terminal, and generate a new configuration file according to the configuration file modification instruction.
Step S107: send the new configuration file to the corresponding edge computing base station.
Specifically, as shown in fig. 5, the method for accessing and processing data of the internet of things based on edge computing further includes:
Step S108: acquire a login request from the intelligent hardware.
The login request comprises a pre-allocated special identification code and a device ID, and a preset special identification code is stored in the server.
Step S109: verify the login request; if the special identification code and the device ID in the login request match the special identification code and the device ID stored in the server, the verification passes and a verification pass notification is generated.
Step S110: issue the verification pass notification to the intelligent hardware.
The embodiment of the invention also comprises another method for accessing and processing the data of the internet of things based on edge computing, wherein the method is executed by an edge computing base station and, as shown in fig. 6, comprises the following steps:
Step S201: receive and run a new configuration file.
The new configuration file is generated by the server according to the configuration file modification instruction of the operation terminal and the originally stored configuration file.
And, step S202: pre-store the device ID of the intelligent hardware and an RSA private key library. The RSA private key library consists of the private keys in an RSA key library; the RSA key library is pre-stored in the server and comprises m sets of public and private keys.
And, step S203: receive the encrypted information of the intelligent hardware. The encrypted information is obtained by the intelligent hardware generating detection data, selecting a corresponding public key from an RSA public key library according to the device ID and a preset public key selection policy, and encrypting the detection data with that public key. The RSA public key library consists of the public keys in the RSA key library and is pre-stored in the intelligent hardware.
Step S204: upload the encrypted information to the server.
And/or, step S205: match the corresponding private key according to a preset private key selection policy, decrypt the encrypted information to obtain the plaintext detection data, and analyze and process the detection data.
As shown in fig. 2, the private key selection policy and the public key selection policy in this method embodiment include:
Step S01: acquire the device ID.
Step S02: selecting bytes to be operated from the device ID, and converting the bytes to be operated into decimal values to be operated。
Step S03: judge the value to be calculated: if it is an even number, execute step S04; if it is an odd number, execute step S05.
Obtaining a new value to be calculated by step S04 or step S05Then calculate the value to be calculatedPerforming the judgment and operation again, i.e. judging the value to be operatedIf it is an even number, then the new value to be calculated is ordered=2; if the number is odd, the new value to be calculated is ordered=3*+1。
The edge computing base station selects from the RSA key baseA private key; the intelligent hardware selects from RSA public key libraryA public key.
For the description of the embodiment of the internet of things data access and processing method based on edge computing, reference can be made to the description of the related embodiment of the internet of things data access and processing system based on edge computing, so the details are not repeated here.
With the system and the method for accessing and processing the data of the internet of things based on edge computing, the server issues the configuration file to the edge computing base station, which ensures maximum utilization of the resources of the edge computing base station; at the same time, a new configuration file is generated according to the configuration file modification instruction of the operation terminal and the resources of the edge computing base station are reconfigured, so workers do not need to go on site to update equipment, which reduces the operation cost of the system.
The present invention has been further described with reference to specific embodiments, but it should be understood that the detailed description should not be construed as limiting the spirit and scope of the present invention, and various modifications made to the above-described embodiments by those of ordinary skill in the art after reading this specification are within the scope of the present invention.
Claims (10)
1. An Internet of things data access and processing system based on edge computing, comprising a server, a plurality of edge computing base stations, an operation terminal and intelligent hardware, wherein the intelligent hardware, the edge computing base stations and the server are communicatively connected in sequence, and the operation terminal is communicatively connected with the server, characterized in that:
the server comprises a storage module, a communication module, a security verification module, a data processing module and a configuration file generation module; the storage module stores the equipment ID of the intelligent hardware and stores a preset RSA secret key library, and the RSA secret key library comprises m groups of public keys and private keys; the communication module is used for receiving the encrypted information uploaded by the intelligent hardware; the security verification module matches a corresponding private key according to a preset private key selection strategy and decrypts the encrypted information to obtain plaintext detection data; the data processing module is used for analyzing and processing the detection data;
the edge computing base station is prestored with an RSA private key library, and the RSA private key library consists of the private keys in the RSA secret key library; the edge computing base station is used for uploading the encrypted information of the intelligent hardware to the server, or for matching a corresponding private key according to a preset private key selection strategy, decrypting the encrypted information to obtain plaintext detection data, and analyzing and processing the detection data;
the intelligent hardware is prestored with an RSA public key library, and the RSA public key library consists of the public keys in the RSA secret key library; the intelligent hardware is used for generating detection data, selecting a corresponding public key in the RSA public key library according to the equipment ID and a preset public key selection strategy, and encrypting the detection data through the public key to obtain encrypted information;
in the server, the storage module is further used for storing a configuration file; the communication module is also used for issuing a configuration file to the edge computing base station and acquiring a configuration file modification instruction generated by the operation terminal; the configuration file generation module generates a new configuration file according to the configuration file modification instruction; the communication module is also used for sending the new configuration file to the corresponding edge computing base station; the operation terminal is used for generating the configuration file modification instruction; the edge computing base station is also used for receiving and operating the configuration file;
wherein the private key selection policy and the public key selection policy include:
acquiring an equipment ID;
selecting bytes to be operated from the equipment ID, and converting the bytes to be operated into decimal values to be operated;
Judging the value to be calculatedIf it is an even number, then the new value to be calculated is ordered=2; if the number is odd, the new value to be calculated is set=3*+1;
Judging the value to be calculatedIf it is an even number, then the new value to be calculated is ordered=2; if the number is odd, the new value to be calculated is set=3*+1;
2. The internet of things data access and processing system based on edge computing as claimed in claim 1, wherein the server further comprises a login authentication module, wherein:
the storage module stores a preset special identification code;
the communication module is used for acquiring a login request sent by the intelligent hardware; the login request comprises a pre-allocated special identification code and a device ID;
the login verification module verifies the login request, if the special identification code and the equipment ID in the login request are matched with the special identification code and the equipment ID stored in the storage module, the login request passes the verification, and a verification passing notice is generated;
and the communication module sends the verification passing notice to the intelligent hardware.
3. The internet of things data access and processing system based on edge computing as claimed in claim 1, wherein the bytes to be computed are 3 bytes selected in the device ID according to a preset byte selection strategy; the byte selection strategy is as follows:
judging the length of the equipment ID, if the length is larger than a set value, reducing the length of the equipment ID through self exclusive OR operation, and if the length is smaller than or equal to the set value, selecting bytes;
the byte selection comprises the following steps: setting a start bit in the device ID to select three consecutive bytes, or selecting three bytes in the device ID at least at two non-consecutive positions.
4. The system of claim 1, wherein in the server, the communication module further receives a configuration reply from the edge computing base station after issuing a configuration file to the edge computing base station.
5. The system of claim 1, wherein the communication module issues configuration files to the edge computing base stations, and the configuration files include configuration files issued by the communication module to each edge computing base station individually, and/or configuration files issued by the communication module to a plurality of edge computing base stations collectively.
6. The system of claim 1, wherein the configuration file comprises a network channel, a network setting, a packet name, a packet type, a callback function, a reply level, reply data, a real-time reply time, a report level, and status update information.
7. The edge-computing-based data access and processing system for the internet of things of claim 6, wherein the state update information comprises information generated when the state is changed by: scanning for a new device, being connected by a new device, receiving new data, receiving a command confirmation reply, receiving a disconnection, receiving a timeout event.
8. An Internet of things data access and processing method based on edge computing is characterized by comprising the following steps:
the server prestores the equipment ID of the intelligent hardware and a preset RSA secret key library; the RSA secret key library comprises m groups of public keys and private keys;
receiving encrypted information of the intelligent hardware; the encrypted information is obtained by the intelligent hardware generating detection data, selecting a corresponding public key in an RSA public key library according to the equipment ID and a preset public key selection strategy, and encrypting the detection data through the public key; the RSA public key library consists of the public keys in the RSA secret key library, and the RSA public key library is prestored in the intelligent hardware;
matching a corresponding private key according to a preset private key selection strategy, and decrypting the encrypted information to obtain plaintext detection data;
analyzing and processing the detection data;
and issuing a configuration file to the edge computing base station; the server stores a configuration file;
receiving a configuration file modification instruction of an operation terminal, and generating a new configuration file according to the configuration file modification instruction;
issuing the new configuration file to the corresponding edge computing base station;
wherein the private key selection policy and the public key selection policy include:
acquiring an equipment ID;
selecting bytes to be operated from the equipment ID, and converting the bytes to be operated into decimal values to be operated;
Judging the value to be calculatedIf the number is even, then the new value to be calculated is set=2; if the number is odd, the new value to be calculated is ordered=3*+1;
Judging the value to be calculatedIf the number is even, then the new value to be calculated is set=2; if the number is odd, the new value to be calculated is ordered=3*+1;
9. The internet of things data access and processing method based on edge computing as claimed in claim 8, further comprising:
the server acquires a login request of the intelligent hardware; the login request comprises a pre-allocated special identification code and an equipment ID; the server stores a preset special identification code;
verifying the login request, if the special identification code and the equipment ID in the login request are matched with the special identification code and the equipment ID stored in the server, the verification is passed, and a verification passing notice is generated;
and issuing the verification passing notice to the intelligent hardware.
10. An Internet of things data access and processing method based on edge computing is characterized by comprising the following steps:
the edge computing base station receives and runs a new configuration file; the new configuration file is generated by the server according to the configuration file modification instruction of the operation terminal and the originally stored configuration file;
the edge computing base station prestores the equipment ID of the intelligent hardware and an RSA private key library; the RSA private key library consists of the private keys in an RSA secret key library, the RSA secret key library is prestored in the server, and the RSA secret key library comprises m groups of public keys and private keys;
the edge computing base station receives the encryption information of the intelligent hardware; the encryption information is obtained by generating detection data for the intelligent hardware, selecting a corresponding public key in an RSA public key library according to the equipment ID and a preset public key selection strategy of the intelligent hardware, and encrypting the detection data through the public key; the RSA public key base consists of public keys in the RSA secret key base, and the RSA public key base is prestored in the intelligent hardware;
the edge computing base station uploads the encrypted information to a server; and/or the edge computing base station matches a corresponding private key according to a preset private key selection strategy, decrypts the encrypted information to obtain plaintext detection data, and analyzes and processes the detection data;
wherein the private key selection policy and the public key selection policy include:
acquiring an equipment ID;
selecting bytes to be operated from the equipment ID, and converting the bytes to be operated into decimal values to be operated;
Judging the value to be calculatedIf it is an even number, then the new value to be calculated is ordered=2; if the number is odd, the new value to be calculated is set=3*+1;
Judging the value to be calculatedIf it is an even number, then the new value to be calculated is ordered=2; if the number is odd, the new value to be calculated is set=3*+1;
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211087398.8A CN115189881B (en) | 2022-09-07 | 2022-09-07 | Internet of things data access and processing system and method based on edge calculation |
Publications (2)
Publication Number | Publication Date |
---|---|
CN115189881A CN115189881A (en) | 2022-10-14 |
CN115189881B true CN115189881B (en) | 2022-11-29 |
Family
ID=83522760
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202211087398.8A Active CN115189881B (en) | 2022-09-07 | 2022-09-07 | Internet of things data access and processing system and method based on edge calculation |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||