CN115314894A - Beacon-based third party agent authentication method and system - Google Patents

Beacon-based third party agent authentication method and system Download PDF

Info

Publication number
CN115314894A
CN115314894A CN202210937503.6A CN202210937503A CN115314894A CN 115314894 A CN115314894 A CN 115314894A CN 202210937503 A CN202210937503 A CN 202210937503A CN 115314894 A CN115314894 A CN 115314894A
Authority
CN
China
Prior art keywords
authentication
control
equipment
broadcast packet
beacon
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210937503.6A
Other languages
Chinese (zh)
Inventor
马溢含
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou Tuya Information Technology Co Ltd
Original Assignee
Hangzhou Tuya Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou Tuya Information Technology Co Ltd filed Critical Hangzhou Tuya Information Technology Co Ltd
Priority to CN202210937503.6A priority Critical patent/CN115314894A/en
Publication of CN115314894A publication Critical patent/CN115314894A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0884Network architectures or network communication protocols for network security for authentication of entities by delegation of authentication, e.g. a proxy authenticates an entity to be authenticated on behalf of this entity vis-à-vis an authentication entity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/06Selective distribution of broadcast services, e.g. multimedia broadcast multicast service [MBMS]; Services to user groups; One-way selective calling services

Abstract

The application relates to a method and a system for third-party agent authentication based on Beacon, wherein the method is applied to controlled equipment and comprises the following steps: responding to a control instruction sent by control equipment, and sending a first Beacon broadcast packet to request for authenticating the control equipment; receiving a second Beacon broadcast packet from the agent authentication device, wherein the second Beacon broadcast packet comprises an authentication result of the cloud server to the control device; and determining whether to accept control of the control apparatus in response to the authentication result. According to the scheme, proxy authentication and authorization are performed through a third party based on the characteristics of the Beacon broadcast Beacon, the operation of an offline device distribution network and the process of accessing the cloud of a controlled device are not needed, and authorization and secret key issuing between the controlled device and the controlled device are assisted. Therefore, on one hand, the controlled equipment does not need to be provided with a cloud hardware device, and the cost is reduced; on the other hand, the link of connecting the network and the cloud to the controlled equipment is not needed, and the operation steps are simplified.

Description

Beacon-based third party agent authentication method and system
Technical Field
The application relates to the field of intelligent equipment control, in particular to a Beacon-based third-party agent authentication method and system.
Background
At present, for pairing control between two offline single-point devices, such as a control device and a controlled device, in order to ensure the security of a control process of the controlled device and avoid the risk of being controlled by an illegal terminal, the controlled device needs to be connected with a cloud to authenticate the control device and verify the validity of the identity of the control device, and a secret key used for encrypting transmission data in an interaction process is obtained under the condition that the identity is legal to ensure the security of data transmission in a communication process.
The precondition that the controlled device can be connected with the cloud end for verification is that the controlled device has finished a distribution link. For example, if a remote controller is used to control a bulb, the bulb needs to be successfully distributed, the cloud is connected to complete the identity verification of the remote controller and obtain a secret key, and then legal and safe data interaction between the remote controller and the bulb can be realized.
However, in the prior art, the authentication control device needs to be accessed to the cloud end through the distribution network by the controlled device, the controlled device must carry a hardware module with a network access function, a series of steps are completed to complete the distribution network and connect to the cloud end, the whole process needs a hardware facility capable of supporting the network access function, the device cost can be correspondingly increased, the step of the distribution network execution is completed, the manual operation requirement for a user is high, the use of the user is inconvenient, and poor user experience is brought.
Disclosure of Invention
In order to realize the authentication of the control equipment, and simultaneously not require the hardware configuration of the controlled equipment to have a network-accessing hardware module, and also not require the network-distributing operation of the controlled equipment, the application provides a third-party proxy authentication scheme based on Beacon.
According to a first aspect of the application, a method for third party proxy authentication based on Beacon is provided, and is applied to a controlled device, and the method includes:
responding to a control instruction sent by control equipment, and sending a first Beacon broadcast packet to request for authenticating the control equipment;
receiving a second Beacon broadcast packet from the agent authentication device, wherein the second Beacon broadcast packet comprises an authentication result of the cloud server to the control device; and
determining whether to accept control of the control apparatus in response to the authentication result.
According to a second aspect of the application, a third-party proxy authentication method based on Beacon is provided, and is applied to proxy authentication equipment, and the method comprises the following steps:
receiving a first Beacon broadcast packet sent by a controlled device, wherein the first Beacon broadcast packet comprises an agent authentication request for requesting authentication of the control device;
sending the proxy authentication request to a cloud server;
receiving an authentication result from the cloud server; and
and sending the authentication result to the controlled equipment through a second Beacon broadcast packet.
According to a third aspect of the application, a Beacon-based third-party proxy authentication system is provided, the system comprises a cloud server, a control device, a controlled device and a proxy authentication device,
the control device sends a pairing instruction and a control instruction to the controlled device;
the cloud server receives an agent authentication request from the agent authentication device, authenticates the identity of the control device and returns an authentication result;
the controlled device performing the method of the first aspect; and
the proxy authentication device performs the method according to the second aspect.
According to a fourth aspect of the present application, there is provided an electronic device comprising:
a processor and a memory. The memory stores computer instructions which, when executed by the processor, cause the processor to perform the method of the first and second aspects.
According to a fifth aspect of the present application, there is provided a non-transitory computer storage medium storing a computer program which, when executed by a plurality of processors, causes the processors to perform the method according to the first and second aspects.
According to the Beacon-based third-party proxy authentication scheme, proxy authentication and authorization are performed through a third party based on the characteristics of a Beacon broadcast Beacon, and the processes of off-line equipment distribution network operation and cloud access of controlled equipment, authorization between the auxiliary control equipment and the controlled equipment and key issuing are not needed. Therefore, on one hand, the controlled equipment does not need to be provided with cloud-connected hardware devices such as wifi modules, cat1 modules and the like, and the cost is reduced; on the other hand, the link of network distribution and cloud connection of the controlled equipment is not needed, operation steps are simplified, the use process of a user is simpler and more convenient, and user experience is improved.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without exceeding the protection scope of the present application.
Fig. 1 is a schematic diagram of a system for third-party proxy authentication based on Beacon according to an embodiment of the present application.
Fig. 2 is a flowchart of a method for third party Beacon-based proxy authentication implemented by a controlled device according to an embodiment of the present application.
Fig. 3 is a flowchart of a method of Beacon-based third party proxy authentication implemented by a proxy authentication device according to an embodiment of the application.
Fig. 4 is a block diagram of an electronic device provided in the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some, but not all, of the embodiments of the present application. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
The Bluetooth Beacon is a Bluetooth Beacon or a Bluetooth base station, is a broadcast protocol established on the basis of a low-power Bluetooth protocol, and also refers to a low-power Bluetooth slave device with the protocol, but the Beacon is not connected with any Bluetooth device. Surrounding scanners search the RSSI (Received Signal Strength Indicator) and broadcast packet of the Beacon to determine from which MAC address slave the Beacon comes.
The identity authentication of the control equipment is completed by means of a third party (such as a mobile phone APP as an agent party) mainly by means of the Beacon technology.
The general flow of the scheme of the application is as follows: when the control equipment initiates a control instruction to the controlled equipment, the controlled equipment sends an agent authentication request data packet outwards through a Beacon broadcast packet, a peripheral third party, such as a mobile phone APP, calls a cloud interface to complete authentication when scanning the agent authentication request data packet, acquires a key for data interaction through authentication, sends an agent authentication result and the key acquired after the authentication is successful through the Beacon broadcast packet, completes identification and authentication of the identity of the control equipment after the controlled equipment monitors the agent authentication result, acquires the key, and can perform normal offline data interaction with the control equipment.
Fig. 1 is a schematic diagram of a system for third-party proxy authentication based on Beacon according to an embodiment of the present application. As shown in fig. 1, the system includes a cloud server, a control device, a controlled device, and a proxy authentication device, where the control device may be any device with a control function, such as a controller, a remote controller, etc., and may be a device with only a control function or a device integrated with a control function. The controlled device may be any device controlled by the controlled device to perform a corresponding function, such as a smart home device. The proxy authentication device is any device capable of receiving and sending the broadcast packet through the Beacon, for example, the proxy authentication device may be a terminal such as a smart phone, a tablet electric energy, a smart watch, and the like, and the proxy authentication device has an application program APP supporting the Beacon protocol.
As shown in fig. 1, the system in which the cloud server, the control device, the controlled device, and the proxy authentication device cooperate with each other to complete the authentication process for the control device includes:
1. and the control equipment sends a pairing instruction to be locally paired with the controlled equipment.
In one embodiment, the control device indicates an attempt to establish a network connection with the controlled device via the pairing instruction.
2. The control device sends a control instruction to the controlled device to attempt control.
According to one embodiment, the control instruction includes control device identification information, which may include one or more of a MAC address, a device ID, and a UUID (Universally Unique Identifier) of the control device, for indicating the identity of the control device.
According to one embodiment, the control device sends a control instruction to the controlled device, the control instruction indicates that the controlled device is attempted to be controlled, and after the controlled device receives the control instruction, the legitimacy of the identity of the control device needs to be authenticated through the cloud server before determining whether the controlled device is controlled.
3. The proxy authentication device arbitrarily controls the controlled device and sends information indicating that the proxy authentication device can receive the Beacon broadcast packet to the controlled device.
In the application, the controlled device is not directly connected with the cloud server, and the legitimacy of the control device is not directly authenticated through the cloud server, but the authentication request is sent to the cloud server through the proxy authentication device. The controlled device sends the authentication request to the outside in a Beacon broadcast packet mode, and before sending the Beacon broadcast packet, it needs to ensure that the proxy authentication device can scan the Beacon broadcast packet.
The agent authentication equipment sends information indicating that the agent authentication equipment can receive the Beacon broadcast packet to the controlled equipment, the authentication condition of the controlled equipment is triggered, and the controlled equipment can send the Beacon broadcast packet to request agent authentication.
In one embodiment, the information indicating that the proxy authentication device can receive the Beacon broadcast packet may be information dedicated to indicating that the proxy authentication device can receive the Beacon broadcast packet, or may not be information dedicated to indicating that the proxy authentication device can receive the Beacon broadcast packet, and the controlled device can know that the current proxy authentication device can receive the Beacon broadcast packet through the information. In one embodiment, the information indicating that the proxy authentication device is capable of receiving the Beacon broadcast packet is a Beacon broadcast packet having a predetermined protocol format and belonging to bluetooth broadcast.
4. And the controlled equipment sends a first Beacon broadcast packet outwards to request proxy authentication of the control equipment.
In one embodiment, the first Beacon broadcast packet includes a proxy authentication request containing identification information of the control device.
5. The agent authentication device scans a first Beacon broadcast packet of the controlled device and sends an agent authentication request to the cloud server.
In one embodiment, the proxy authentication device already establishes network connection with the cloud server, the proxy authentication device supports the Beacon protocol, the bluetooth scans and monitors Beacon broadcast packets, and after receiving a first Beacon broadcast packet of the controlled device, the proxy authentication device calls the cloud interface to transmit a proxy authentication request to the cloud server.
6. And after the authentication and verification of the cloud server are finished, the authentication result is sent to the proxy authentication equipment.
In one embodiment, the cloud server authenticates the control device according to the proxy authentication request, and sends an authentication result to the proxy authentication device after authentication and verification are completed. Wherein the authentication result is either a result that the identity of the control device is legitimate or a result that the identity of the control device is not legitimate.
In the case that the identity of the control device is validated, the authentication result may further include a key used for data exchange between the controlled device and the control device. In an embodiment, the key may be a public-private key pair, or may be a symmetric key, which is not limited in this application.
7. And the proxy authentication equipment sends an authentication result to the controlled equipment through a second Beacon broadcast packet.
In one embodiment, after the proxy authentication device receives the authentication result, the authentication result is sent to the controlled device in a second Beacon broadcast packet mode.
The controlled device receives the authentication result and then decides whether to accept control of the control device.
In one embodiment, in the case that the authentication result proves that the identity of the control device is legal, the controlled device accepts the control of the control device, and further, the controlled device and the control device exchange data through a secret key. In another embodiment, in case the authentication result confirms that the identity of the controlling device is not legitimate, the controlled device ignores the control command, i.e. does not respond to the control command of the controlling device, or returns an indication to the controlling device that the identity of the controlling device is not legitimate.
According to the embodiment shown in fig. 1, proxy authentication and authorization are performed by a third party based on the characteristics of the Beacon broadcast Beacon, and the controlled device does not need to perform offline device distribution operation and cloud access, and assists in authorization and key issuing between the control device and the controlled device. Therefore, on one hand, the controlled equipment does not need to be provided with cloud-connected hardware devices such as wifi modules, cat1 modules and the like, and cost is reduced; on the other hand, the link of network distribution and cloud connection of the controlled equipment is not needed, the operation steps are simplified, and the user experience is improved.
On the basis of the system for third-party agent authentication based on Beacon shown in fig. 1, according to one aspect of the present application, a method for third-party agent authentication based on Beacon implemented by a controlled device is provided. Fig. 2 is a flowchart of a method for third party Beacon-based proxy authentication implemented by a controlled device according to an embodiment of the present application. As shown in fig. 2, the method includes the following steps.
Step S201, in response to the control instruction sent by the control device, sending a first Beacon broadcast packet to request to authenticate the control device.
According to one embodiment, the control device sends a control instruction to the controlled device, the control instruction indicates that the controlled device is attempted to be controlled, and after the controlled device receives the control instruction, the controlled device needs to authenticate the validity of the identity of the control device through the cloud server before determining whether the control device is controlled.
In the application, the controlled device is not directly connected with the cloud server, and the legitimacy of the control device is not directly authenticated through the cloud server, but the authentication request is sent to the cloud server through the proxy authentication device. The controlled device sends an authentication request to the outside in a Beacon broadcast packet mode.
In one embodiment, the first Beacon broadcast packet includes a proxy authentication request containing identification information of the control device.
In one embodiment, before the controlled device sends the authentication request out by means of the Beacon broadcast packet, it needs to ensure that the proxy authentication device can scan the Beacon broadcast packet. The proxy authentication equipment sends information indicating that the proxy authentication equipment can receive the Beacon broadcast packet to the controlled equipment, the authentication condition of the controlled equipment is triggered, and the controlled equipment can send the Beacon broadcast packet to request proxy authentication.
Thus, step S201 includes: and under the condition of receiving the information which is sent by the proxy authentication equipment and indicates that the proxy authentication equipment can receive the Beacon broadcast packet, sending a first Beacon broadcast packet to request for authenticating the control equipment.
According to the information which is sent by the agent authentication equipment and indicates that the agent authentication equipment can receive the Beacon broadcast packet, when the agent authentication equipment can receive the Beacon broadcast packet, the first Beacon broadcast packet is sent, and the problem that the agent authentication of the control equipment cannot be realized because the sent first Beacon broadcast packet is not received can be prevented.
Step S202, a second Beacon broadcast packet from the proxy authentication device is received, wherein the Beacon broadcast packet comprises an authentication result of the control device, and the cloud server is right.
The agent authentication device sends the agent authentication request to the cloud server to receive the authentication result, and then sends the authentication result outwards in a Beacon broadcast packet mode, the controlled device receives the Beacon broadcast packet from the agent authentication device, and the Beacon broadcast packet comprises the authentication result of the cloud server.
Step S203, in response to the authentication result, determines whether to accept control of the control apparatus.
The authentication result proves that the identity of the control equipment is legal or illegal. In one embodiment, in the case that the authentication result proves that the identity of the control device is legitimate, the controlled device accepts the control of the control device, and further, the controlled device and the control device exchange data through a key. In another embodiment, in case the authentication result confirms that the identity of the controlling device is not legitimate, the controlled device ignores the control command, i.e. does not respond to the control command of the controlling device, or returns an indication to the controlling device that the identity of the controlling device is not legitimate.
Thus, step S203 includes sub-step S2031 and sub-step S2032:
substep S2031, in case that the authentication result confirms that the identity of the control device is legal, accept the control of the control device;
in sub-step S2031, in case that the authentication result confirms that the identity of the control apparatus is not legal, the control instruction is ignored.
According to the steps shown in fig. 2, based on the characteristics of the Beacon broadcast Beacon, proxy authentication and authorization are performed by a third party, and authorization and key issuing between the control device and the controlled device can be assisted without requiring that the controlled device has a cloud-connected hardware device or performing off-line device distribution network operation and cloud access on the controlled device. Therefore, the controlled equipment does not need to be provided with a cloud hardware device, so that the equipment cost can be reduced; in addition, the network distribution of the controlled equipment is not needed, so that the operation steps are simplified, and the user experience is improved.
In one embodiment, the identification information of the control device is from a control command sent by the control device, and the identification information may include one or more of a MAC address, a device ID, and a UUID of the control device to indicate the identity of the control device.
Thus, the method shown in fig. 2 further comprises: step S204, responding to the control instruction sent by the control equipment, and acquiring the identification information of the control equipment.
In one embodiment, in the case that the identity of the control device is validated, the authentication result may further include a key used for data exchange between the controlled device and the control device.
Thus, the method shown in fig. 2 further comprises: and step S205, in the case that the authentication result proves that the identity of the control equipment is legal, exchanging data with the control equipment through a key included in the authentication result.
Under the condition that the identity of the control equipment is verified to be legal, the authentication result comprises the secret key, and the controlled equipment and the control equipment perform subsequent data exchange through the secret key, so that the safety in the data exchange process can be ensured.
On the basis of the system for third-party proxy authentication based on Beacon shown in FIG. 1, according to another aspect of the application, a method for third-party proxy authentication based on Beacon implemented by proxy authentication equipment is provided. Fig. 3 is a flowchart of a method of Beacon-based third party proxy authentication implemented by a proxy authentication device according to an embodiment of the application. As shown in fig. 3, the method includes the following steps.
Step S301, receiving a first Beacon broadcast packet sent by the controlled device, where the first Beacon broadcast packet includes an agent authentication request requesting authentication of the control device.
In the application, the controlled device is not directly connected with the cloud server, and the legitimacy of the control device is not directly authenticated through the cloud server, but the authentication request is sent to the cloud server through the proxy authentication device. The controlled device sends an authentication request to the outside in a Beacon broadcast packet mode. In one embodiment, the first Beacon broadcast packet includes a proxy authentication request containing identification information of the control device. Agent authentication equipment supports the Beacon protocol, and bluetooth scanning monitors Beacon broadcast package, including first Beacon broadcast package.
Step S302, sending an agent authentication request to a cloud server.
In one embodiment, the proxy authentication device already establishes a network connection with the cloud server, and after receiving the first Beacon broadcast packet of the controlled device, calls the cloud interface to transmit a proxy authentication request to the cloud server.
Step S303, receiving an authentication result from the cloud server.
In one embodiment, the cloud server authenticates the control device according to the proxy authentication request, and sends an authentication result to the proxy authentication device after authentication and verification are completed. Wherein the authentication result is either a result that the identity of the control device is legitimate or a result that the identity of the control device is not legitimate.
In the case that the identity of the control device is confirmed to be legal, the authentication result may further include a key used for data exchange between the controlled device and the control device.
And step S304, sending the authentication result to the controlled equipment through a second Beacon broadcast packet.
In one embodiment, after the proxy authentication device receives the authentication result, the authentication result is sent to the controlled device in a second Beacon broadcast packet mode.
According to the above steps shown in fig. 3, based on the characteristics of the Beacon broadcast Beacon, proxy authentication and authorization are performed by proxy authentication equipment in a Beacon broadcast receiving and sending manner, and authorization and key issuing between the control equipment and the controlled equipment can be assisted without requiring that the controlled equipment has a cloud-connected hardware device or performing an offline equipment distribution network operation and a cloud access process on the controlled equipment. Therefore, the controlled equipment is not required to be provided with a cloud hardware device, so that the equipment cost can be reduced; in addition, the network distribution of the controlled equipment is not needed, so that the operation steps are simplified, and the user experience is improved.
In one embodiment, before the controlled device sends the authentication request to the outside by way of the Beacon broadcast packet, it needs to ensure that the proxy authentication device can scan the Beacon broadcast packet. The proxy authentication equipment sends information indicating that the proxy authentication equipment can receive the Beacon broadcast packet to the controlled equipment, the authentication condition of the controlled equipment is triggered, and the controlled equipment can send the Beacon broadcast packet to request proxy authentication.
Thus, the method shown in fig. 3 further comprises: step S305, before receiving the first Beacon broadcast packet sent by the controlled device, sends information indicating that the proxy authentication device can receive the Beacon broadcast packet to the controlled device.
Therefore, the proxy authentication device sends information indicating that the proxy authentication device can receive the Beacon broadcast packet, and the controlled device sends the first Beacon broadcast packet only when determining that the proxy authentication device can receive the Beacon broadcast packet, so that the problem that proxy authentication of the control device cannot be realized because the first Beacon broadcast packet sent by the controlled device is not received can be solved.
In the foregoing embodiments, the descriptions of the respective embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to related descriptions of other embodiments.
Referring to fig. 4, fig. 4 provides an electronic device including a processor and a memory. The memory stores computer instructions which, when executed by the processor, cause the processor to execute the computer instructions to implement the method and refinement scheme as shown in figures 2 and 3.
It should be understood that the above-described device embodiments are merely exemplary, and that the devices disclosed herein may be implemented in other ways. For example, the division of the units/modules in the above embodiments is only one logical function division, and there may be another division manner in actual implementation. For example, multiple units, modules, or components may be combined, or may be integrated into another system, or some features may be omitted, or not implemented.
In addition, unless otherwise specified, each functional unit/module in each embodiment of the present invention may be integrated into one unit/module, each unit/module may exist alone physically, or two or more units/modules may be integrated together. The integrated unit/module may be implemented in the form of hardware, or may also be implemented in the form of a software program module.
If the integrated unit/module is implemented in hardware, the hardware may be digital circuits, analog circuits, etc. Physical implementations of hardware structures include, but are not limited to, transistors, memristors, and the like. The processor or chip may be any suitable hardware processor, such as a CPU, GPU, FPGA, DSP, ASIC, etc., unless otherwise specified. Unless otherwise specified, the on-chip cache, the off-chip Memory, and the Memory may be any suitable magnetic storage medium or magneto-optical storage medium, such as Resistive Random Access Memory (RRAM), dynamic Random Access Memory (DRAM), static Random Access Memory (SRAM), enhanced Dynamic Random Access Memory (EDRAM), high-Bandwidth Memory (High-Bandwidth Memory), hybrid Memory cubic HMC (Hybrid Memory Cube), and so on.
The integrated units/modules, if implemented in the form of software program modules and sold or used as a stand-alone product, may be stored in a computer readable memory. Based on such understanding, the technical solution of the present invention, which is essentially or partly contributed by the prior art, or all or part of the technical solution may be embodied in a software product, which is stored in a memory and includes several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute all or part of the steps of the method according to the embodiments of the present disclosure. And the aforementioned memory comprises: a U-disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a removable hard disk, a magnetic or optical disk, and other various media capable of storing program codes.
Embodiments of the present application also provide a non-transitory computer storage medium storing a computer program that, when executed by a plurality of processors, causes the processors to perform the method and refinement scheme as shown in fig. 2 and 3.
According to the scheme of third-party agent authentication based on Beacon, based on the characteristics of Beacon broadcast beacons, agent authentication and authorization are carried out through a third party, the processes of off-line equipment distribution network operation and cloud access of controlled equipment are not needed, and authorization and secret key issuing between the controlled equipment and the controlled equipment are assisted. Therefore, on one hand, the controlled equipment does not need to be provided with cloud-connected hardware devices such as wifi modules, cat1 modules and the like, and cost is reduced; on the other hand, the link of network distribution and cloud connection of the controlled equipment is not needed, operation steps are simplified, the use process of a user is simpler and more convenient, and user experience is improved.
The foregoing detailed description of the embodiments of the present application has been presented to illustrate the principles and implementations of the present application, and the description of the embodiments is only intended to facilitate the understanding of the methods and their core concepts of the present application. Meanwhile, a person skilled in the art should, according to the idea of the present application, change or modify the embodiments and applications of the present application based on the scope of the present application. In view of the above, the description should not be taken as limiting the application.

Claims (10)

1. A third party agent authentication method based on Beacon is applied to controlled equipment and is characterized by comprising the following steps:
responding to a control instruction sent by control equipment, and sending a first Beacon broadcast packet to request for authenticating the control equipment;
receiving a second Beacon broadcast packet from proxy authentication equipment, wherein the second Beacon broadcast packet comprises an authentication result of a cloud server to the control equipment; and
in response to the authentication result, it is determined whether to accept control of the control apparatus.
2. The method of claim 1, further comprising:
responding to a control instruction sent by the control equipment, acquiring identification information of the control equipment, wherein the identification information comprises one or more of an MAC address, an equipment ID and a UUID of the control equipment, and the first Beacon broadcast packet comprises the identification information of the control equipment.
3. The method of claim 1, wherein said sending a first Beacon broadcast packet to request authentication of the control device comprises:
and sending the first Beacon broadcast packet to request for authentication of the control equipment under the condition that the information which is sent by the proxy authentication equipment and indicates that the proxy authentication equipment can receive the Beacon broadcast packet is received.
4. The method of any of claims 1 to 3, wherein said determining whether to accept control of the control device in response to the authentication result comprises:
accepting control of the control device in a case where the authentication result confirms that the identity of the control device is legitimate;
and under the condition that the authentication result proves that the identity of the control equipment is illegal, ignoring the control instruction.
5. The method of claim 4, further comprising:
and under the condition that the authentication result proves that the identity of the control equipment is legal, performing data exchange with the control equipment through a key included in the authentication result.
6. A third party proxy authentication method based on Beacon is applied to proxy authentication equipment and is characterized by comprising the following steps:
receiving a first Beacon broadcast packet sent by a controlled device, wherein the first Beacon broadcast packet comprises an agent authentication request for requesting authentication of the control device;
sending the proxy authentication request to a cloud server;
receiving an authentication result from the cloud server; and
and sending the authentication result to the controlled equipment through a second Beacon broadcast packet.
7. The method of claim 6, further comprising:
before receiving the first Beacon broadcast packet sent by the controlled device, sending information indicating that the proxy authentication device can receive the Beacon broadcast packet to the controlled device.
8. The method according to claim 6 or 7, wherein in case that the authentication result proves that the identity of the control device is legitimate, the authentication result includes a key used for data exchange of the controlled device and the control device.
9. The utility model provides a third party agent authentication system based on Beacon, the system includes high in the clouds server, controlgear, controlled device and agent authentication equipment, its characterized in that:
the control device sends a pairing instruction and a control instruction to the controlled device;
the cloud server receives an agent authentication request from the agent authentication device, authenticates the identity of the control device and returns an authentication result;
the controlled device performing the method of any one of claims 1 to 5; and
the proxy authentication device performs the method of any of claims 6 to 8.
10. A non-transitory computer storage medium storing a computer program that, when executed by a plurality of processors, causes the processors to perform the method of any one of claims 1-8.
CN202210937503.6A 2022-08-05 2022-08-05 Beacon-based third party agent authentication method and system Pending CN115314894A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210937503.6A CN115314894A (en) 2022-08-05 2022-08-05 Beacon-based third party agent authentication method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210937503.6A CN115314894A (en) 2022-08-05 2022-08-05 Beacon-based third party agent authentication method and system

Publications (1)

Publication Number Publication Date
CN115314894A true CN115314894A (en) 2022-11-08

Family

ID=83861315

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210937503.6A Pending CN115314894A (en) 2022-08-05 2022-08-05 Beacon-based third party agent authentication method and system

Country Status (1)

Country Link
CN (1) CN115314894A (en)

Similar Documents

Publication Publication Date Title
CN111669276B (en) Network verification method, device and system
CN102348209B (en) Method and device for wireless network access and authentication
JP5281128B2 (en) WI-FI access method, access point, and WI-FI access system
US9345057B2 (en) Method and terminal for establishing a communication connection
CN111465014B (en) Security authentication method, configuration method and related equipment
WO2017058925A1 (en) Method for controlling access to an in-vehicle wireless network
CN108471610B (en) Bluetooth connection control system
US20200228981A1 (en) Authentication method and device
CN106851632A (en) A kind of smart machine accesses the method and device of WLAN
JP6602475B2 (en) Method, device and system for authenticating to mobile network, and server for authenticating device to mobile network
CN108667699B (en) Method and device for interconnecting terminal equipment and gateway equipment
KR20140130501A (en) Shared network access via a peer-to-peer link
CN105338529A (en) Wireless network connecting method and system
KR20130001655A (en) Apparatus and method for providing service to different service terminal
CN113920616B (en) Method for safely connecting vehicle with Bluetooth key, bluetooth module and Bluetooth key
CN106658488B (en) Intelligent household appliance and method and device for safely accessing intelligent household appliance
CN109561413B (en) Bluetooth authentication and authorization method and system of BLE equipment
US20230156466A1 (en) Bluetooth Networking Method for Electronic Device and Related Device
CN115314894A (en) Beacon-based third party agent authentication method and system
CN115767554A (en) Low-power-consumption Bluetooth binding method and system based on signal intensity
CN111741463B (en) Communication connection method, related equipment and storage medium
CN113507708A (en) Screen projection method and screen projection system
CN114978556A (en) Slice authentication method, device and system
KR102575571B1 (en) Home network controlling method using multi channels, and home network system thereof
CN117155690A (en) Communication method, electronic device, and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination