CN115866597A - Method and device for sending password information, storage medium and electronic device - Google Patents
Method and device for sending password information, storage medium and electronic device Download PDFInfo
- Publication number
- CN115866597A CN115866597A CN202111123104.8A CN202111123104A CN115866597A CN 115866597 A CN115866597 A CN 115866597A CN 202111123104 A CN202111123104 A CN 202111123104A CN 115866597 A CN115866597 A CN 115866597A
- Authority
- CN
- China
- Prior art keywords
- equipment
- networked
- distribution network
- certificate
- network
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The invention discloses a method and a device for sending password information, a storage medium and an electronic device, wherein the method comprises the following steps: under the condition that the first distribution network equipment determines that the first distance between the equipment to be networked and the first distribution network equipment is smaller than the preset distance through the proximity sensing network, receiving a first equipment certificate of the equipment to be networked, which is sent by the first distribution network equipment; authenticating the equipment to be accessed to the network according to the first equipment certificate, and determining second distribution network equipment bound with the account information under the condition that the equipment to be accessed to the network passes the authentication, wherein the account information is bound with the first distribution network equipment; under the condition that the second distribution network equipment determines that the second distance between the second distribution network equipment and the equipment to be networked is smaller than the preset distance through the proximity sensing network, receiving a second equipment certificate of the equipment to be networked, which is sent by the second distribution network equipment; and under the condition that the first equipment certificate is consistent with the second equipment certificate, indicating the first network distribution equipment to send password information to the equipment to be networked.
Description
Technical Field
The present invention relates to the field of communications, and in particular, to a method and an apparatus for sending password information, a storage medium, and an electronic apparatus.
Background
Along with the increasing of intelligent equipment, user-oriented intelligent household products are more and more common, and convenience brought to users is obvious.
In the related technology, the reason is that the attribution of the equipment to be networked is not easy to determine, and under the condition that no user participates, the equipment to be networked can be accessed into the wireless network in other families at a high probability.
In the related art, an effective solution is not provided for the problem that in the process that the distribution network equipment is a distribution network of the equipment to be networked, the distribution network equipment may be the equipment to be networked which does not belong to the same family as the distribution network equipment.
Disclosure of Invention
The embodiment of the invention provides a method and a device for sending password information, a storage medium and an electronic device, which are used for at least solving the problems that in the related art, in the process that a distribution network device is a network to be connected, the distribution network device is likely to be the network to be connected of the same family as the distribution network device, and the like.
According to an embodiment of the present invention, a method for sending password information is provided, including: under the condition that a first distribution network device determines that a first distance between a device to be networked and the first distribution network device is smaller than a preset distance through a proximity sensing network, receiving a first device certificate of the device to be networked, which is sent by the first distribution network device; authenticating the equipment to be accessed according to the first equipment certificate, and determining second distribution network equipment bound with account information under the condition that the equipment to be accessed is authenticated, wherein the account information is bound with the first distribution network equipment; receiving a second device certificate of the device to be networked, which is sent by the second distribution network device, under the condition that the second distribution network device determines that a second distance between the second distribution network device and the device to be networked is smaller than the preset distance through a proximity sensing network; and under the condition that the first equipment certificate is determined to be consistent with the second equipment certificate, indicating the first distribution network equipment to send password information to the equipment to be networked.
In an exemplary embodiment, the receiving the second device certificate of the device to be networked, which is sent by the second network distribution device, includes:
sending a first control instruction to the second distribution network device, wherein the first control instruction is used for instructing the second distribution network device to determine a second distance between the second distribution network device and the device to be networked and a size relationship between the second distance and a preset distance through a proximity sensing network;
and receiving a second device certificate of the device to be networked, which is sent by the second distribution network device, under the condition that the second distance is smaller than the preset distance as determined by the second distribution network device.
In an exemplary embodiment, authenticating the device to be networked according to the first device certificate includes: decrypting the first equipment certificate through a target public key to obtain an equipment public key and an equipment signature of the equipment to be networked, wherein the target public key is a public key of an issuing organization of the first equipment certificate; decrypting the device signature according to the device public key to acquire the device information of the device to be networked; and authenticating the equipment to be accessed according to the equipment information.
In an exemplary embodiment, after authenticating the device to be networked according to the first device certificate, the method further includes: sending an authentication request to the device to be networked, wherein the authentication request comprises: a platform certificate of the cloud platform; and receiving a response result of passing the authentication sent by the equipment to be accessed under the condition that the equipment to be accessed successfully decrypts the platform certificate according to the target public key.
In one exemplary embodiment, after determining that the first device certificate is consistent with the second device certificate, the method further comprises: sending a second control instruction to a first network distribution device, wherein the second control instruction is used for indicating the first network distribution device to send password information to the device to be networked; and receiving response information which is sent successfully and sent by the first distribution network equipment under the condition that the first distribution network equipment sends the password information to the equipment to be accessed.
In an exemplary embodiment, after receiving the response information of successful transmission sent by the first distribution network device, the method further includes: determining whether online information of the equipment to be networked is received within preset time; and under the condition that the online information of the equipment to be networked is determined not to be received within the preset time, sending a third control instruction to the second network distribution equipment, wherein the third control instruction is used for indicating the second network distribution equipment to send the password information to the equipment to be networked again.
In an exemplary embodiment, after authenticating the device to be networked according to the first device certificate, the method further includes: determining that the device to be accessed is illegal under the condition that the authentication of the first device certificate on the device to be accessed is not passed; and sending a fourth control instruction to the first distribution network device, wherein the fourth control instruction is used for indicating that the first distribution network device forbids sending password information to the device to be networked.
According to another embodiment of the present invention, there is also provided a transmission apparatus of password information, including: the first receiving module is used for receiving a first device certificate of the equipment to be networked, which is sent by the first distribution network equipment, under the condition that the first distribution network equipment determines that a first distance between the equipment to be networked and the first distribution network equipment is smaller than a preset distance through a proximity sensing network; the determining module is used for authenticating the equipment to be accessed according to the first equipment certificate, and determining second distribution network equipment bound with account information under the condition that the equipment to be accessed is authenticated, wherein the account information is bound with the first distribution network equipment; the second receiving module is used for receiving a second device certificate of the device to be networked, which is sent by the second distribution network device, under the condition that the second distribution network device determines through a proximity sensing network that a second distance between the second distribution network device and the device to be networked is smaller than the preset distance; and the indicating module is used for indicating the first network distribution equipment to send password information to the equipment to be networked under the condition that the first equipment certificate is consistent with the second equipment certificate.
According to still another aspect of the embodiments of the present invention, there is also provided a computer-readable storage medium, in which a computer program is stored, wherein the computer program is configured to execute the above-mentioned method for sending the password information when running.
According to another aspect of the embodiments of the present invention, there is provided an electronic apparatus, including a memory, a processor, and a computer program stored in the memory and executable on the processor, wherein the processor executes the sending method of the password information through the computer program.
In the embodiment of the invention, under the condition that a first distribution network device determines that a first distance between a device to be networked and the first distribution network device is smaller than a preset distance through a proximity sensing network, a first device certificate of the device to be networked, which is sent by the first distribution network device, is received; authenticating the equipment to be accessed according to the first equipment certificate, and determining second distribution network equipment bound with account information under the condition that the equipment to be accessed is authenticated, wherein the account information is bound with the first distribution network equipment; receiving a second device certificate of the device to be networked, which is sent by the second distribution network device, under the condition that the second distribution network device determines that a second distance between the second distribution network device and the device to be networked is smaller than the preset distance through a proximity sensing network; under the condition that the first equipment certificate is determined to be consistent with the second equipment certificate, indicating the first distribution network equipment to send password information to the equipment to be networked; the first distance between the first network distribution device and the device to be networked is determined through the proximity sensing network, the second distance between the second network distribution device and the device to be networked is indicated to send password information to the device to be networked under the condition that the first distance and the second distance are both smaller than the preset distance, by adopting the technical scheme, the problems that the network distribution device is likely to be a device to be networked which does not belong to the same family as the network distribution device to be in network distribution and the like in the process of the network distribution device to be the device to be networked, and the accuracy of the network distribution device to be the device to be networked is improved.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the invention and together with the description serve to explain the invention without limiting the invention. In the drawings:
fig. 1 is a block diagram of a hardware configuration of a computer terminal of a method for transmitting password information according to an embodiment of the present invention;
fig. 2 is a flowchart of a method of transmitting password information according to an embodiment of the present invention;
FIG. 3 is a flow diagram of a method of transmitting cryptographic information in accordance with an alternative embodiment of the present invention;
fig. 4 is a block diagram (one) of a transmitting apparatus of password information according to an embodiment of the present invention;
fig. 5 is a block diagram of a transmitting apparatus of cryptographic information according to an embodiment of the present invention.
Detailed Description
In order to make those skilled in the art better understand the technical solutions of the present invention, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be obtained by a person skilled in the art without making any creative effort based on the embodiments in the present invention, shall fall within the protection scope of the present invention.
It should be noted that the terms "first," "second," and the like in the description and claims of the present invention and in the drawings described above are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the invention described herein are capable of operation in sequences other than those illustrated or described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
The method provided by the embodiment of the application can be executed in a mobile terminal, a computer terminal or a similar operation device. Taking an example of the present invention running on a computer terminal, fig. 1 is a block diagram of a hardware structure of a computer terminal for transmitting password information according to an embodiment of the present invention. As shown in fig. 1, the computer terminal may include one or more (only one shown in fig. 1) processors 102 (the processors 102 may include, but are not limited to, a processing device such as a microprocessor MCU or a programmable logic device FPGA) and a memory 104 for storing data, and in an exemplary embodiment, may also include a transmission device 106 for communication functions and an input-output device 108. It will be understood by those skilled in the art that the structure shown in fig. 1 is only an illustration and is not intended to limit the structure of the computer terminal. For example, a computer terminal may also include more or fewer components than shown in FIG. 1, or have a different configuration with equivalent functionality to that shown in FIG. 1 or more functionality than that shown in FIG. 1.
The memory 104 may be used to store a computer program, for example, a software program and a module of application software, such as a computer program corresponding to the method for sending the cryptographic information in the embodiment of the present invention, and the processor 102 executes various functional applications and data processing by running the computer program stored in the memory 104, so as to implement the method described above. The memory 104 may include high speed random access memory, and may also include non-volatile memory, such as one or more magnetic storage devices, flash memory, or other non-volatile solid-state memory. In some examples, the memory 104 may further include memory located remotely from the processor 102, which may be connected to a computer terminal over a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The transmission device 106 is used for receiving or transmitting data via a network. Specific examples of the network described above may include a wireless network provided by a communication provider of the computer terminal. In one example, the transmission device 106 includes a Network adapter (NIC), which can be connected to other Network devices through a base station so as to communicate with the internet. In one example, the transmission device 106 may be a Radio Frequency (RF) module, which is used for communicating with the internet in a wireless manner.
In this embodiment, a method for sending password information is provided, which is applied to the computer terminal, and is specifically applied to a cloud platform, and fig. 2 is a flowchart of the method for sending password information according to the embodiment of the present invention, where the flowchart includes the following steps:
step S202, receiving a first device certificate of a device to be networked, which is sent by a first distribution network device, under the condition that the first distribution network device determines through a proximity sensing network that a first distance between the device to be networked and the first distribution network device is smaller than a preset distance;
step S204, authenticating the equipment to be accessed according to the first equipment certificate, and determining second distribution network equipment bound with account information under the condition that the equipment to be accessed is authenticated, wherein the account information is bound with the first distribution network equipment;
step S206, receiving a second device certificate of the device to be networked, which is sent by the second distribution network device, under the condition that the second distribution network device determines that a second distance between the second distribution network device and the device to be networked is smaller than the preset distance through a proximity sensing network;
step S208, when it is determined that the first device certificate is consistent with the second device certificate, instruct the first network distribution device to send password information to the device to be networked.
Through the steps, under the condition that the first distribution network equipment determines that the first distance between the equipment to be networked and the first distribution network equipment is smaller than the preset distance through the proximity sensing network, receiving a first equipment certificate of the equipment to be networked, which is sent by the first distribution network equipment; authenticating the equipment to be accessed according to the first equipment certificate, and determining second distribution network equipment bound with account information under the condition that the equipment to be accessed is authenticated, wherein the account information is bound with the first distribution network equipment; receiving a second device certificate of the device to be networked, which is sent by the second distribution network device, under the condition that the second distribution network device determines that a second distance between the second distribution network device and the device to be networked is smaller than the preset distance through a proximity sensing network; under the condition that the first equipment certificate is determined to be consistent with the second equipment certificate, indicating the first distribution network equipment to send password information to the equipment to be networked; the first distance between the first network distribution device and the device to be networked is determined through the proximity sensing network, the second distance between the second network distribution device and the device to be networked is indicated to send password information to the device to be networked under the condition that the first distance and the second distance are both smaller than the preset distance, by adopting the technical scheme, the problems that the network distribution device is likely to be a device to be networked which does not belong to the same family as the network distribution device to be in network distribution and the like in the process of the network distribution device to be the device to be networked, and the accuracy of the network distribution device to be the device to be networked is improved.
The password information in step S208 includes: a service set identification and a password; and under the condition that the first distance between the first network distribution equipment and the equipment to be networked is determined, the second distance between the second network distribution equipment and the equipment to be networked is smaller than the preset distance, and the cloud platform determines that the received first equipment certificate is consistent with the second equipment certificate, the first network distribution equipment is instructed to send a service set identifier and a password to the equipment to be networked, and the equipment to be networked performs networking according to the service set identifier and the password.
In an exemplary embodiment, the receiving the second device certificate of the device to be networked, which is sent by the second network distribution device, includes: sending a first control instruction to the second distribution network device, wherein the first control instruction is used for instructing the second distribution network device to determine a second distance between the second distribution network device and the device to be networked and a size relationship between the second distance and a preset distance through a proximity sensing network; and receiving a second device certificate of the device to be networked, which is sent by the second distribution network device, under the condition that the second distribution network device determines that the size relationship indicates that the second distance is smaller than the preset distance.
Specifically, the device to be networked broadcasts a distribution network request, wherein the distribution network request carries a first device certificate of the device to be networked, and the first distribution network device determines a first distance between the first distribution network device and the device to be networked through a proximity sensing network under the condition that the first distribution network device successfully receives the distribution network request sent by the device to be networked, wherein the proximity sensing network is a network based on a WiFI Neighbor aware Networking protocol and comprises the capability of determining the distance; the method comprises the steps that a first device certificate of a device to be networked is sent to a cloud platform under the condition that the first distance is determined to be smaller than a preset distance by a first distribution network device, account information bound by the first distribution network device and a second distribution network device bound by the account information are determined under the condition that the cloud platform determines that the device to be networked is a legal device according to the first device certificate, and a first control instruction is sent to the second distribution network device, so that the second distribution network device determines a second distance between the second distribution network device and the device to be networked through a proximity sensing network according to the first control instruction; and receiving a second device certificate of the device to be networked, which is sent by the second distribution network device, under the condition that the distance between the first device certificate and the second device certificate is smaller than the preset distance.
In an exemplary embodiment, authenticating the device to be networked according to the first device certificate includes: decrypting the first equipment certificate through a target public key to obtain an equipment public key and an equipment signature of the equipment to be networked, wherein the target public key is a public key of an issuing organization of the first equipment certificate; decrypting the device signature according to the device public key to acquire the device information of the device to be networked; and authenticating the equipment to be accessed according to the equipment information.
That is to say, a target public key is obtained, the first device certificate is decrypted through the target public key, a device signature in the first device certificate is decrypted through the device public key in the first device certificate, and under the condition that device information of the device to be accessed to the network is obtained; and authenticating the equipment to be accessed according to the equipment information, and then completing one-time authentication of the equipment to be accessed by the cloud platform.
In an exemplary embodiment, after authenticating the device to be networked according to the first device certificate, an authentication request is sent to the device to be networked, where the authentication request includes: a platform certificate of the cloud platform; and receiving a response result of passing the authentication sent by the equipment to be accessed under the condition that the equipment to be accessed successfully decrypts the platform certificate according to the target public key.
It should be noted that the cloud platform and the device to be networked need to perform mutual authentication, so as to ensure the validity of the device to be networked and ensure that the device to be networked is not connected to an illegal cloud platform; the method comprises the steps that under the condition that a network to be accessed receives an authentication request sent by a cloud platform, a platform certificate of the cloud platform is obtained to determine whether an issuing mechanism of the platform certificate of the cloud platform is the same as an issuing mechanism of the platform certificate of a device to be accessed, under the condition that the platform certificate of the cloud platform is the same as the issuing mechanism of the platform certificate of the device to be accessed, a target public key of the issuing mechanism is used for successfully decrypting the platform certificate, and under the condition that the device to be accessed successfully decrypts the platform certificate according to the target public key, the cloud platform is determined to pass authentication, so that the reliability of the cloud platform and the device is guaranteed, and the communication safety is improved.
In an exemplary embodiment, after determining that the first device certificate is consistent with the second device certificate, sending a second control instruction to the first distribution network device, where the second control instruction is used to instruct the first distribution network device to send password information to the device to be networked; and receiving successfully-sent response information sent by the first distribution network equipment under the condition that the first distribution network equipment sends password information to the equipment to be accessed.
And under the condition that the equipment information in the first equipment certificate and the second equipment certificate is determined to be consistent, the fact that the first distribution network equipment and the second distribution network equipment receive distribution network requests from the same equipment to be accessed is indicated, and after the first equipment certificate and the second equipment certificate are determined to be consistent, the first distribution network equipment is controlled to send password information to the equipment to be accessed, and response information of successful sending or failed sending sent by the first distribution network equipment is received.
In an exemplary embodiment, after receiving response information sent by the first distribution network device and successfully sent, determining whether online information of the device to be networked is received within a preset time; and under the condition that the online information of the equipment to be accessed is not received within the preset time, sending a third control instruction to the second distribution network equipment, wherein the third control instruction is used for indicating the second distribution network equipment to send the password information to the equipment to be accessed again.
That is to say, under the condition that the online information of the device to be networked is not received within the preset time, it is determined that the device to be networked does not access the network hotspot corresponding to the password information, and therefore, the second distribution network device is controlled to continue to send the password information to the second distribution network device again.
Optionally, determining whether online information of the device to be networked is received within a preset time; and under the condition that the online information of the equipment to be accessed is not received within the preset time, sending a third control instruction to the first distribution network equipment, wherein the third control instruction is used for indicating the first distribution network equipment to send the password information to the equipment to be accessed again.
In an exemplary embodiment, after the device to be networked is authenticated according to the first device certificate, if the authentication of the device to be networked by the first device certificate is not passed, it is determined that the device to be networked is an illegal device; and sending a fourth control instruction to the first distribution network device, wherein the fourth control instruction is used for indicating that the first distribution network device forbids sending password information to the device to be networked.
That is to say, in the process of authenticating the device to be networked, the cloud platform prohibits the first network distribution device from sending the password information to the device to be networked under the condition that the authentication of the device to be networked is not passed, wherein under the condition that the authentication of the device to be networked is not passed, fifth control information can be sent to all the network distribution devices under the account information corresponding to the first network distribution device, so as to control all the network distribution devices under the account information to prohibit the password information from being sent to the device to be networked.
In order to better understand the process of the method for sending the password information, the following describes a flow of the method for sending the password information with reference to an optional embodiment, but the flow is not limited to the technical solution of the embodiment of the present invention.
In this embodiment, a method for sending password information is provided, and fig. 3 is a schematic diagram of a method for sending password information according to an embodiment of the present invention, as shown in fig. 3, the following steps are specifically provided:
as shown in fig. 3, fig. 3 is a schematic diagram of a network access method of a device to be networked according to an alternative embodiment of the present invention, which is specifically as follows:
step S301: a device to be connected to a network (which is equivalent to the device to be connected to the network in the embodiment) sends a network distribution request to a first network distribution device;
step S302: the first distribution network equipment determines a first distance from the equipment to be distributed through a proximity sensing network;
step S303: under the condition that the first distance is smaller than a preset threshold value, the first distribution network equipment reports equipment information of the equipment to be distributed to the cloud platform;
step S304: the cloud platform acquires a device certificate of the device to be distributed, and bidirectional authentication is performed on the device certificate and the device to be distributed, so that the legality of the device to be distributed is ensured, and meanwhile, the device to be distributed is not connected to an illegal cloud platform;
step S305: the second distribution network equipment determines a second distance from the equipment to be distributed;
the position of the network equipment to be distributed is secondarily judged through more than two network equipment to be distributed, so that the positioning accuracy of the network equipment to be distributed can be improved, and the connection of equipment outside a set range is avoided.
Step S306: under the condition that the first distance and the second distance are both smaller than a preset threshold value, the second distribution network equipment sends an equipment certificate of the equipment to the cloud platform;
step S307: the cloud platform instructs the first network distribution device to send password information, such as SSID/password information, to the device to be networked;
step S308: the first distribution network equipment sends password information to the equipment to be distributed;
step S309: and the equipment to be distributed is connected with the wireless network hotspot through the password information.
By the embodiment, under the condition that the first distribution network equipment determines that the first distance between the equipment to be networked and the first distribution network equipment is smaller than the preset distance through the proximity sensing network, the first equipment certificate of the equipment to be networked, which is sent by the first distribution network equipment, is received; authenticating the equipment to be accessed according to the first equipment certificate, and determining second distribution network equipment bound with account information under the condition that the equipment to be accessed is authenticated, wherein the account information is bound with the first distribution network equipment; receiving a second device certificate of the device to be networked, which is sent by the second distribution network device, under the condition that the second distribution network device determines that a second distance between the second distribution network device and the device to be networked is smaller than the preset distance through a proximity sensing network; under the condition that the first equipment certificate is determined to be consistent with the second equipment certificate, indicating the first distribution network equipment to send password information to the equipment to be networked; the first distance between the first network distribution equipment and the equipment to be networked is determined through the proximity sensing network, the second distance between the second network distribution equipment and the equipment to be networked is indicated to send password information to the equipment to be networked under the condition that the first distance and the second distance are both smaller than the preset distance.
Through the above description of the embodiments, those skilled in the art can clearly understand that the method according to the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but the former is a better implementation mode in many cases. Based on such understanding, the technical solutions of the present invention may be embodied in the form of a software product, which is stored in a storage medium (such as ROM/RAM, magnetic disk, optical disk) and includes instructions for enabling a terminal device (such as a mobile phone, a computer, a server, or a network device) to execute the method according to the embodiments of the present invention.
In this embodiment, a sending apparatus for password information is provided, which is applied to the above-mentioned computer terminal, and is specifically applied to a cloud platform, and fig. 4 is a block diagram (one) of a structure of a sending apparatus for password information according to an embodiment of the present invention; as shown in fig. 4, includes:
the first receiving module 42 is configured to receive a first device certificate of the to-be-networked device sent by the first distribution network device when the first distribution network device determines, through the proximity sensing network, that a first distance between the to-be-networked device and the first distribution network device is smaller than a preset distance;
a determining module 44, configured to authenticate the device to be networked according to the first device certificate, and determine, in a case that the authentication of the device to be networked is passed, a second distribution network device bound to account information, where the account information is bound to the first distribution network device;
a second receiving module 46, configured to receive a second device certificate of the to-be-networked device sent by the second distribution network device when the second distribution network device determines, through a proximity sensing network, that a second distance between the second distribution network device and the to-be-networked device is smaller than the preset distance;
an instructing module 48, configured to instruct the first network distribution device to send password information to the device to be networked if it is determined that the first device certificate is consistent with the second device certificate.
By the above apparatus, the first receiving module 42 receives a first device certificate of the device to be networked, which is sent by the first distribution network device, when the first distribution network device determines, through the proximity sensing network, that the first distance between the device to be networked and the first distribution network device is smaller than the preset distance; the determining module 44 is configured to authenticate the device to be networked according to the first device certificate, and determine, when the authentication of the device to be networked is passed, a second distribution network device bound to account information, where the account information is bound to the first distribution network device; a second receiving module 46, configured to receive a second device certificate of the device to be networked, where the second distribution network device determines, through a proximity sensing network, that a second distance between the second distribution network device and the device to be networked is smaller than the preset distance, where the second distribution network device sends the second device certificate of the device to be networked; an indicating module 48, configured to instruct the first network distribution device to send password information to the device to be networked, if it is determined that the first device certificate is consistent with the second device certificate; the first distance between the first network distribution device and the device to be networked is determined through the proximity sensing network, the second distance between the second network distribution device and the device to be networked is indicated to send password information to the device to be networked under the condition that the first distance and the second distance are both smaller than the preset distance, by adopting the technical scheme, the problems that the network distribution device is likely to be a device to be networked which does not belong to the same family as the network distribution device to be in network distribution and the like in the process of the network distribution device to be the device to be networked, and the accuracy of the network distribution device to be the device to be networked is improved.
The password information includes: a service set identification and a password; and under the condition that the first distance between the first network distribution equipment and the equipment to be networked is determined, the second distance between the second network distribution equipment and the equipment to be networked is smaller than the preset distance, and the cloud platform determines that the received first equipment certificate is consistent with the second equipment certificate, the first network distribution equipment is instructed to send a service set identifier and a password to the equipment to be networked, and the equipment to be networked performs networking according to the service set identifier and the password.
In an exemplary embodiment, the second receiving module is further configured to send a first control instruction to the second distribution network device, where the first control instruction is used to instruct the second distribution network device to determine, through a proximity-aware network, a second distance between the second distribution network device and the device to be networked, and a size relationship between the second distance and a preset distance; and receiving a second device certificate of the device to be networked, which is sent by the second distribution network device, under the condition that the second distance is smaller than the preset distance as determined by the second distribution network device.
Specifically, the device to be networked broadcasts a distribution network request, wherein the distribution network request carries a first device certificate of the device to be networked, and the first distribution network device determines a first distance between the first distribution network device and the device to be networked through a proximity sensing network under the condition that the first distribution network device successfully receives the distribution network request sent by the device to be networked, wherein the proximity sensing network is a network based on a WiFI Neighbor aware Networking protocol and comprises the capability of determining the distance; the method comprises the steps that a first device certificate of a device to be networked is sent to a cloud platform under the condition that the first distance is determined to be smaller than a preset distance by a first distribution network device, account information bound by the first distribution network device and a second distribution network device bound by the account information are determined under the condition that the cloud platform determines that the device to be networked is a legal device according to the first device certificate, and a first control instruction is sent to the second distribution network device, so that the second distribution network device determines a second distance between the second distribution network device and the device to be networked through a proximity sensing network according to the first control instruction; and receiving a second device certificate of the device to be networked, which is sent by the second network distribution device, under the condition that the distance between the first network distribution device and the second network distribution device is smaller than the preset distance.
In an exemplary embodiment, fig. 5 is a block diagram of a structure of a transmitting apparatus of password information according to an embodiment of the present invention (ii); as shown in fig. 5, the above apparatus further includes: the authentication module 52 is further configured to decrypt the first device certificate through a target public key to obtain a device public key and a device signature of the device to be networked, where the target public key is a public key of an issuing authority of the first device certificate; decrypting the device signature according to the device public key to acquire the device information of the device to be networked; and authenticating the equipment to be accessed according to the equipment information.
That is to say, a target public key is obtained, the first device certificate is decrypted through the target public key, the device signature in the first device certificate is decrypted through the device public key in the first device certificate, and under the condition that the device information of the device to be accessed is obtained; and authenticating the equipment to be accessed according to the equipment information, and then completing one-time authentication of the equipment to be accessed by the cloud platform.
In an exemplary embodiment, the first receiving module is further configured to send an authentication request to the device to be networked, where the authentication request includes: a platform certificate of the cloud platform; and receiving a response result of passing the authentication sent by the equipment to be accessed under the condition that the equipment to be accessed successfully decrypts the platform certificate according to the target public key.
It should be noted that the cloud platform and the device to be networked need to perform bidirectional authentication, so as to ensure the validity of the device to be networked and simultaneously ensure that the device to be networked is not connected to an illegal cloud platform; the method comprises the steps that under the condition that a network to be accessed receives an authentication request sent by a cloud platform, a platform certificate of the cloud platform is obtained to determine whether an issuing mechanism of the platform certificate of the cloud platform is the same as an issuing mechanism of the platform certificate of a device to be accessed, under the condition that the platform certificate of the cloud platform is the same as the issuing mechanism of the platform certificate of the device to be accessed, a target public key of the issuing mechanism is used for successfully decrypting the platform certificate, and under the condition that the device to be accessed successfully decrypts the platform certificate according to the target public key, the cloud platform is determined to pass authentication, so that the reliability of the cloud platform and the device is guaranteed, and the communication safety is improved.
In an exemplary embodiment, the first receiving module is further configured to send a second control instruction to the first distribution network device, where the second control instruction is used to instruct the first distribution network device to send password information to the device to be networked; and receiving successfully-sent response information sent by the first distribution network equipment under the condition that the first distribution network equipment sends password information to the equipment to be accessed.
And under the condition that the equipment information in the first equipment certificate and the second equipment certificate is determined to be consistent, the fact that the first distribution network equipment and the second distribution network equipment receive distribution network requests from the same equipment to be accessed is indicated, and after the first equipment certificate and the second equipment certificate are determined to be consistent, the first distribution network equipment is controlled to send password information to the equipment to be accessed, and response information of successful sending or failed sending sent by the first distribution network equipment is received.
In an exemplary embodiment, the indicating module is further configured to determine whether online information of the device to be networked is received within a preset time; and under the condition that the online information of the equipment to be accessed is not received within the preset time, sending a third control instruction to the second distribution network equipment, wherein the third control instruction is used for indicating the second distribution network equipment to send the password information to the equipment to be accessed again.
That is to say, under the condition that the online information of the device to be networked is not received within the preset time, it is determined that the device to be networked does not access the network hotspot corresponding to the password information, and therefore, the second distribution network device is controlled to continue to send the password information to the second distribution network device again.
Optionally, the indicating module is further configured to determine whether online information of the device to be networked is received within a preset time; and under the condition that the online information of the equipment to be accessed is not received within the preset time, sending a third control instruction to the first distribution network equipment, wherein the third control instruction is used for indicating the first distribution network equipment to send the password information to the equipment to be accessed again.
In an exemplary embodiment, the indicating module is further configured to determine that the device to be networked is an illegal device when the authentication of the first device certificate on the device to be networked is not passed; and sending a fourth control instruction to the first distribution network device, wherein the fourth control instruction is used for indicating that the first distribution network device forbids sending password information to the device to be networked.
That is to say, in the process of authenticating the device to be networked, the cloud platform prohibits the first network distribution device from sending the password information to the device to be networked under the condition that the authentication of the device to be networked is not passed, wherein under the condition that the authentication of the device to be networked is not passed, fifth control information may also be sent to all the network distribution devices under the account information corresponding to the first network distribution device, so as to control all the network distribution devices under the account information to prohibit the sending of the password information to the device to be networked.
An embodiment of the present invention further provides a storage medium including a stored program, where the program executes the method of any one of the above.
Alternatively, in the present embodiment, the storage medium may be configured to store program codes for performing the following steps:
s1, receiving a first device certificate of a device to be networked, which is sent by a first distribution network device, under the condition that the first distribution network device determines that a first distance between the device to be networked and the first distribution network device is smaller than a preset distance through a proximity sensing network;
s2, authenticating the equipment to be accessed according to the first equipment certificate, and determining second distribution network equipment bound with account information under the condition that the equipment to be accessed is authenticated, wherein the account information is bound with the first distribution network equipment;
s3, receiving a second device certificate of the device to be networked, which is sent by the second distribution network device, under the condition that the second distribution network device determines that a second distance between the second distribution network device and the device to be networked is smaller than the preset distance through a proximity sensing network;
and S4, under the condition that the first equipment certificate is consistent with the second equipment certificate, indicating the first distribution network equipment to send password information to the equipment to be networked.
Embodiments of the present invention also provide an electronic device comprising a memory having a computer program stored therein and a processor arranged to run the computer program to perform the steps of any of the above method embodiments.
Optionally, the electronic apparatus may further include a transmission device and an input/output device, wherein the transmission device is connected to the processor, and the input/output device is connected to the processor.
Optionally, in this embodiment, the processor may be configured to execute the following steps by a computer program:
s1, receiving a first device certificate of a device to be networked, which is sent by a first distribution network device, under the condition that the first distribution network device determines that a first distance between the device to be networked and the first distribution network device is smaller than a preset distance through a proximity sensing network;
s2, authenticating the equipment to be accessed according to the first equipment certificate, and determining second distribution network equipment bound with account information under the condition that the equipment to be accessed is authenticated, wherein the account information is bound with the first distribution network equipment;
s3, receiving a second device certificate of the device to be networked, which is sent by the second distribution network device, under the condition that the second distribution network device determines that a second distance between the second distribution network device and the device to be networked is smaller than the preset distance through a proximity sensing network;
and S4, under the condition that the first equipment certificate is consistent with the second equipment certificate, indicating the first distribution network equipment to send password information to the equipment to be networked.
Optionally, in this embodiment, the storage medium may include, but is not limited to: various media capable of storing program codes, such as a usb disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a removable hard disk, a magnetic disk, or an optical disk.
Optionally, the specific examples in this embodiment may refer to the examples described in the above embodiments and optional implementation manners, and this embodiment is not described herein again.
It will be apparent to those skilled in the art that the modules or steps of the present invention described above may be implemented by a general purpose computing device, they may be centralized on a single computing device or distributed across a network of multiple computing devices, and alternatively, they may be implemented by program code executable by a computing device, such that they may be stored in a storage device and executed by a computing device, and in some cases, the steps shown or described may be performed in an order different than that described herein, or they may be separately fabricated into individual integrated circuit modules, or multiple ones of them may be fabricated into a single integrated circuit module. Thus, the present invention is not limited to any specific combination of hardware and software.
The above description is only a preferred embodiment of the present invention and is not intended to limit the present invention, and various modifications and changes may be made by those skilled in the art. Any modification, equivalent replacement, or improvement made within the principle of the present invention shall be included in the protection scope of the present invention.
Claims (10)
1. A method for sending password information is applied to a cloud platform, and is characterized by comprising the following steps:
the method comprises the steps that under the condition that first distribution network equipment determines that a first distance between equipment to be networked and the first distribution network equipment is smaller than a preset distance through a proximity sensing network, a first equipment certificate of the equipment to be networked, which is sent by the first distribution network equipment, is received;
authenticating the equipment to be accessed according to the first equipment certificate, and determining second distribution network equipment bound with account information under the condition that the equipment to be accessed is authenticated, wherein the account information is bound with the first distribution network equipment;
receiving a second device certificate of the device to be networked, which is sent by the second distribution network device, under the condition that the second distribution network device determines that a second distance between the second distribution network device and the device to be networked is smaller than the preset distance through a proximity sensing network;
and under the condition that the first equipment certificate is determined to be consistent with the second equipment certificate, indicating the first distribution network equipment to send password information to the equipment to be networked.
2. The method for sending the password information according to claim 1, wherein receiving the second device certificate of the device to be networked sent by the second network distribution device comprises:
sending a first control instruction to the second distribution network device, wherein the first control instruction is used for instructing the second distribution network device to determine a second distance between the second distribution network device and the device to be networked and a size relationship between the second distance and a preset distance through a proximity sensing network;
and receiving a second device certificate of the device to be networked, which is sent by the second distribution network device, under the condition that the second distribution network device determines that the size relationship indicates that the second distance is smaller than the preset distance.
3. The method for sending the password information according to claim 1, wherein authenticating the device to be networked according to the first device certificate includes:
decrypting the first equipment certificate through a target public key to obtain an equipment public key and an equipment signature of the equipment to be networked, wherein the target public key is a public key of an issuing organization of the first equipment certificate;
decrypting the device signature according to the device public key to acquire the device information of the device to be networked;
and authenticating the equipment to be accessed according to the equipment information.
4. The method according to claim 3, wherein after authenticating the device to be networked according to the first device certificate, the method further includes:
sending an authentication request to the device to be networked, wherein the authentication request comprises: a platform certificate of the cloud platform;
and receiving a response result of passing the authentication sent by the equipment to be accessed under the condition that the equipment to be accessed successfully decrypts the platform certificate according to the target public key.
5. The method of transmitting cryptographic information of claim 1, wherein after determining that the first device certificate is consistent with the second device certificate, the method further comprises:
sending a second control instruction to a first network distribution device, wherein the second control instruction is used for indicating the first network distribution device to send password information to the device to be networked;
and receiving successfully-sent response information sent by the first distribution network equipment under the condition that the first distribution network equipment sends password information to the equipment to be accessed.
6. The method according to claim 5, wherein after receiving the response message of successful transmission sent by the first network distribution device, the method further comprises:
determining whether online information of the equipment to be networked is received within preset time;
and under the condition that the online information of the equipment to be accessed is not received within the preset time, sending a third control instruction to the second distribution network equipment, wherein the third control instruction is used for indicating the second distribution network equipment to send the password information to the equipment to be accessed again.
7. The method according to claim 1, wherein after authenticating the device to be networked according to the first device certificate, the method further includes:
determining that the device to be accessed is illegal under the condition that the authentication of the first device certificate on the device to be accessed is not passed;
and sending a fourth control instruction to the first distribution network device, wherein the fourth control instruction is used for indicating that the first distribution network device forbids sending of password information to the device to be networked.
8. An apparatus for transmitting password information, comprising:
the first receiving module is used for receiving a first device certificate of the equipment to be networked, which is sent by the first distribution network equipment, under the condition that the first distribution network equipment determines that the first distance between the equipment to be networked and the first distribution network equipment is smaller than the preset distance through the proximity sensing network;
the determining module is used for authenticating the equipment to be accessed according to the first equipment certificate, and determining second distribution network equipment bound with account information under the condition that the equipment to be accessed is authenticated, wherein the account information is bound with the first distribution network equipment;
a second receiving module, configured to receive a second device certificate of the device to be networked, where the second network distribution device determines, through a proximity awareness network, that a second distance between the second network distribution device and the device to be networked is smaller than the preset distance, where the second network distribution device is sent by the second network distribution device;
and the indicating module is used for indicating the first network distribution device to send password information to the device to be networked under the condition that the first device certificate is consistent with the second device certificate.
9. A computer-readable storage medium, comprising a stored program, wherein the program is operable to perform the method of any one of claims 1 to 7.
10. An electronic device comprising a memory and a processor, characterized in that the memory has stored therein a computer program, the processor being arranged to execute the method of any of claims 1 to 7 by means of the computer program.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111123104.8A CN115866597A (en) | 2021-09-24 | 2021-09-24 | Method and device for sending password information, storage medium and electronic device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111123104.8A CN115866597A (en) | 2021-09-24 | 2021-09-24 | Method and device for sending password information, storage medium and electronic device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115866597A true CN115866597A (en) | 2023-03-28 |
Family
ID=85652596
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111123104.8A Pending CN115866597A (en) | 2021-09-24 | 2021-09-24 | Method and device for sending password information, storage medium and electronic device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115866597A (en) |
-
2021
- 2021-09-24 CN CN202111123104.8A patent/CN115866597A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP3800909B1 (en) | Remote management method, and device | |
| CN110602691B (en) | Mobile communication method and device based on block chain network | |
| CN106332085B (en) | Configuration method of WIFI network of Internet of things, Internet of things terminal and routing terminal | |
| CN108476223B (en) | Method and apparatus for SIM-based authentication of non-SIM devices | |
| KR101743195B1 (en) | Method and apparatus for providing information, program and recording medium | |
| CN111865872B (en) | Method and equipment for realizing terminal security policy in network slice | |
| CN113423105B (en) | Network connection method and device | |
| CN102104869A (en) | Secure subscriber identity module service | |
| CN110545252B (en) | Authentication and information protection method, terminal, control function entity and application server | |
| CN112822756B (en) | Communication method, system, base station and terminal | |
| CN110708164B (en) | Control method and device for Internet of things equipment, storage medium and electronic device | |
| WO2018107718A1 (en) | Method and device for assigning number to intelligent card over air | |
| CN112913263A (en) | Method and apparatus for handling remote profile management exceptions | |
| CN112040484A (en) | Password updating method and device, storage medium and electronic device | |
| US11832348B2 (en) | Data downloading method, data management method, and terminal | |
| CN107548054B (en) | Master-slave equipment switching method of eSIM card, slave equipment and eSIM card management server | |
| EP3852414A1 (en) | Data processing method and data processing device thereof | |
| CN113595992B (en) | Secure binding method and system, storage medium and electronic device | |
| CN107710673B (en) | User identity authentication method and device | |
| CN104883682A (en) | WIFI hotspot connecting and selecting method, communication terminal and system | |
| CN116347656A (en) | Bluetooth encryption connection method and device and electronic equipment | |
| CN114338132B (en) | Secret-free login method, client application, operator server and electronic equipment | |
| CN115866597A (en) | Method and device for sending password information, storage medium and electronic device | |
| CN113709849A (en) | Network access method and device of equipment to be accessed to network, storage medium and electronic device | |
| CN111770488B (en) | EHPLMN updating method, related equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |