Classifications

• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  • H04L61/00—Network arrangements, protocols or services for addressing or naming
  • H04L61/45—Network directories; Name-to-address mapping
  • H04L61/4505—Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols
  • H04L61/4511—Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols using domain name system [DNS]

Definitions

• the present invention relates to a method of exchanging data between a connected object and a central server. More particularly, the method relates to an exchange method using a Wi-Fi access point.
• the exchange comprises at least the sending of information by the object to the central server, without necessarily requiring feedback from the central server to said object.
• connected object is meant any information processing device comprising means of connection to a data communication network.
• a connected object is typically mobile, that is to say likely to connect to the communication network from various geographical positions. Although not strictly required by the invention, it makes sense in the context of mobile connected objects.
• Such a connected object can connect to the communication network according to any connection technology ranging from wired technologies such as Ethernet to all wireless technologies, that is to say using a radio connection technology such as Bluetooth, Zigbee, Wi-Fi, WiMAX or others.
• a radio connection technology such as Bluetooth, Zigbee, Wi-Fi, WiMAX or others.
• FIG. 1 illustrates a Wi-Fi connection between a connected object and a central server.
• a connected object 1.1 establishes a connection according to the Wi-Fi protocol with a Wi-Fi access point 1.2.
• the Wi-Fi access point is connected to the communication network 1.3 of an Internet service provider, also called operator, which operates the access point 1.2.
• the network 1.3 of the operator is itself connected to Internet 1.4, network to which 1.5 servers are also connected.
• the connections between the access point 1.2 and the network of the operator, as well as between the latter and the Internet can use any type of technology. These are typically high speed wired Ethernet or fiber optic connections.
• the Wi-Fi enabled connected object scans its radio environment and detects the access point. This results in an exchange phase at the MAC (Media Access Control) level to establish communication with the access point.
• the connected object receives once this first connection established, an IP (Internet Protocol in English) configuration, typically according to the DHCP protocol (Dynamic Host Configuration Protocol in English).
• IP Internet Protocol in English
• DHCP Dynamic Host Configuration Protocol in English
• This configuration contains an IP address, a subnet mask, the address of a gateway to allow the routing of IP packets, as well as the address of a name server, DNS (Domain Name Server) for the resolution of the names plus any additional parameters.
• DNS Domain Name Server
• the connected object then configures its IP interface with the received parameters. Therefore, it can communicate with any device connected to the network using any type of IP-based protocol, such as establishing a Web connection using the HTTP protocol (Hyper Text Transfer Protocol in English).
• connection at the MAC level between the connected object and the access point may be subject to different authentication modes.
• any Wi-Fi enabled information processing device is allowed to connect to the access point.
• a connected object can thus use an open access point without having to have any particular authentication information.
• the connection is subject to an authentication protocol, typically on the basis of a login name (login) and a password.
• the object must then have this login name and password to establish the connection with the access point.
• the communication between the connected object and the access point is then encrypted using this information.
• Several authentication and encryption protocols can be implemented possessing various levels of security. We can mention, for example, protocols such as WEP (Wired Equivalent Privacy in English), WPA (Wi-Fi Protected Access in English) or WPA2, a variant of the previous protocol. This mode of authentication therefore requires registration with the operator and obtaining a login name and password to be able to connect to the access point.
• the authentication is then managed by the operator typically using an authentication server such as a RADIUS server (Remote Authentication Dial-in User Service).
• RADIUS server Remote Authentication Dial-in User Service
• HTTP HyperText Transfer Protocol
• UAM Universal Access Method
• the connection at the MAC level is open, ie the connected object can always connect to the access point. But once connected, he can not access services on the Internet because the communication ports are blocked.
• a connected object wishing to exchange information with a central server is therefore obliged to implement a relatively heavy TCP / IP connection procedure with this server. Except for negotiating registration with operators providing Wi-Fi access, only open access points may be used. These open access points are rare because legal obligations of traceability tend to make them disappear in favor of secure access by authentication.
• the present invention aims to solve the aforementioned drawbacks.
• the information is exchanged between the connected object and the central server by means of a name resolution request (DNS) from a domain name server specific to the domain to which the central server belongs.
• DNS name resolution request
• This name server is adapted to interpret the useful information transmitted in the request and possibly respond by introducing the information in return in the response to the DNS query.
• the term "request” must be understood in a wider sense than conventionally known, insofar as it does not necessarily require a feedback of information. the share of the central server in response to the object being the origin of the request.
• the exchange of information via a DNS query according to the invention is possible with an access point opened or protected by an HTTP authentication. Only access points protected by encrypted authentication can be used unless you have the necessary authentication credentials.
• the invention relates to a method for exchanging specific information between a connected object and a central server comprising the following steps performed by said connected object having a Wi-Fi interface:
• the method further comprises:
• the method according to the invention advantageously makes it possible to connect mobile objects via Wi-Fi via the central server when they pass close to any hotspot. or access point of an Internet Service Provider (ISP), provided that the object remains in the radio coverage area of the hotspot for at least 100 ms after establishing the radio connection at the MAC level with that latest.
• ISP Internet Service Provider
• the method according to the invention advantageously makes it possible to connect objects in any region having hotspots of an ISP, that is to say in practice worldwide, without the need to have previously concluded agreements of the type roaming with these.
• the specific information sent by the object relates to a service related to the connected object and to a function of said object.
• the method further comprises a step of receiving a DNS response transmitted by said central server and containing information in response to the specific information transmitted in the DNS request.
• the object can send to the server specific information that is to say not related to the process of obtaining an IP address by the object from the central server according to the DNS protocol.
• the information in response is transmitted in the "RDATA" field of a resource record of the DNS response.
• the specific information is coded in the form of a sequence of labels concatenated to the dedicated subdomain.
• the specific information is distributed and transmitted via a plurality of DNS requests.
• the invention also relates to a method for exchanging specific information between a connected object and a central server comprising the following steps executed by said central server:
• said specific information relates to a service related to the connected object and to a function of said object.
• the method furthermore comprises:
• the central server transmits information specific to the object to allow an exchange with the object at the origin of the request.
• the information in response is transmitted in the "RDATA" field of a resource record of the DNS response.
• This feature is particularly advantageous in that the sending of the information in response is achieved without using conventional connection ports, which are closed in a link that has not yet resolved its membership in an Access Provider. Internet.
• the response information is sent through the port 53 serving the Domain Name Resolution Service (DNS), which remains open.
• DNS Domain Name Resolution Service
• the extracted specific information is coded in the form of a label sequence concatenated to the dedicated subdomain.
• This feature advantageously makes it possible to identify a frame as a hierarchical sequence of subdomains which will direct the frame (via the delegation of address) to the specific server for the specific processing. By managing this hierarchy, we can direct the frame to one or more specific servers executing different and appropriate treatments.
• the invention also relates to a connected object adapted for implementing the method according to the invention.
• the invention also relates to a computer program comprising instructions adapted to the implementation of each of the steps of the method according to the invention when said program is executed on a computer.
• the invention also relates to an information storage means, removable or not, partially or completely readable by a computer or a microprocessor comprising code instructions of a computer program for executing each of the steps of the method according to the invention. the invention.
• steps of the above method are determined by computer program instructions.
• the invention also relates to a computer program on an information medium, this program being capable of being implemented by a microprocessor, this program comprising instructions adapted to the implementation of the steps of the method such as than mentioned above.
• This program can use any programming language, and be in the form of source code, object code, or intermediate code between source code and object code, such as in a partially compiled form, or in any other form desirable shape.
• the invention also relates to a microprocessor-readable information medium, comprising instructions of a computer program as mentioned above.
• the information carrier may be any entity or device capable of storing the program.
• the medium may comprise storage means, such as a ROM, for example a microcircuit ROM, or a magnetic recording means, for example a hard disk, or a flash memory.
• the information medium may be a transmissible medium such as an electrical or optical signal, which may be conveyed via an electrical or optical cable, by radio or by other means.
• the program according to the invention may in particular be downloaded to a storage platform of an Internet type network.
• the information carrier may be an integrated circuit in which the program is incorporated, the circuit being adapted to execute or to be used in the execution of the method in question.
• the aforementioned information carrier and computer program have characteristics and advantages similar to the method they implement.
• Figure 1 illustrates a Wi-Fi connection between a connected object and a central server
• Figure 2 illustrates the hierarchy of domain names
• FIG. 3 illustrates an exemplary embodiment of the data exchange according to the invention between a connected object and a central server
• FIG. 4 is a schematic block diagram of an information processing device for implementing one or more embodiments of the invention.
• An Internet address is assigned to each network interface connecting an information processing device to the Internet regardless of the connection technology used.
• Two address formats coexist, IPv4-based addresses consisting of four bytes, for example "192.168.10.5" and IPv6-based addresses consisting of 16 bytes. These addresses are used by all IP-based protocols for machine-to-machine communication. However, they are not easily memorized and manipulated by a human. That's why humans refer to machines using domain names.
• DNS Domain Naine System
• a service called Domain Naine System (DNS) resolution allows you to translate a domain name into an IP address and conversely to translate an IP address into a domain name. This service is described in Request for Comment (RFC) Number 1035.
• DNS Domain Naine System
• Domain names are organized hierarchically and take the form of any number of subdomains separated by periods. For example, the domain “www.apple.com” breaks down hierarchically into “com” which is the main domain, “apple” which refers to the highest level subdomain and “www” which refers to the level subdomain inferior.
• This domain name designates a commercial service, domain "com”, belonging to the company Apple (registered trademark), sub-domain “apple”, and refers to the web service of this company, subdomain "www”.
• domain “ftp.dept-physics.universes.edu” refers to the file transfer service, sub-domain “ftp”, of the physics department, subdomain “dept-physics", of the University of Rennes, sub-domain “univ-rennes”, the latter being an educational entity, domain "edu”.
• DNS server provides the IP address corresponding to a domain. For example, when you type the domain "www.apple.com” in a web browser, it starts by making a DNS request to a DNS server that has the IP address in its configuration to obtain the IP address of the Apple web service. It is only then that it is able to send an HTTP request to the latter by using this IP address.
• Figure 2 illustrates the hierarchy of domain names.
• node 2.2 represents the “com” domain.
• the subdomains of the domain “com” appear as child nodes of the node “com” 2.2.
• the node 2.3 represents, for example, the subdomain "apple” and the child node 2.4, the subdomain "www”.
• All Internet domain names can be represented as a huge tree.
• the organization of the name resolution service, or DNS service reflects this hierarchical tree structure of domain names.
• root DNS servers to which requests for resolution of a domain name are addressed.
• DNS servers in charge of different subtrees of the tree of domain names.
• a request to resolve the domain name "www.apple.com” will be directed to a root DNS server corresponding to the root node 2.1.
• This root server will extract the top-level domain “com” and relay the request to a name server in charge of the domain "com” corresponding to the node 2.2 of the tree.
• this server will extract the top-level subdomain "apple” and will relay the request to the name server of the Apple company, corresponding to the node 2.3 of the tree.
• the latter in charge of the addresses of the computers of the company, can answer the request by giving the IP address corresponding to the subdomain "www".
• the response will then be transmitted via the different DNS servers until the origin of the request.
• a cache system is maintained on each DNS server to store the latest requests and their responses.
• the information thus stored in the cache DNS servers have a limited lifetime called TTL ⁇ Time To Live in English).
• This lifetime is set by the lower level DNS server.
• Apple's DNS server might set a lifetime of one day for name information for its subdomain.
• Wi-Fi access points implementing an HTTP authentication mode have their communication ports closed, their opening being subjected to the success of an authentication procedure via an authentication WEB page.
• the inventors have however noticed that the dedicated port address resolution service, specifically the port 53 dedicated to the DNS is open.
• the central server receiving the exchange with the connected object implements a DNS server dedicated to the communication with the connected objects.
• This server manages a specific subdomain, call the "service-oc" for connected objects service, and registers for this management with a third party DNS server to which it is attached.
• the central server is managed by an Internet service provider "fai”
• the sub-domain managed by the DNS server of the connected objects service could be the sub-domain "service-oc”.
• any DNS request for a sub-domain of the sub-domain "service-oc.fai.com” will be relayed by the DNS servers to be solved, in fine, by the dedicated DNS server implemented on the central server recipient of the exchange .
• Such a subdomain takes the form "XXX.service-oc.fai.com” where "XXX” can be a null string where any number of subdomain labels are separated by periods.
• the subdomain string "XXX” will therefore typically have the form:
• Label l.label2 labelN each label having not more than 63 characters and being limited to 7-bit ASCII characters, a complete domain name string not exceeding 255 characters.
• the amount of specific information to be transmitted exceeds the capacity of a domain name, it can be transmitted in the form of a plurality of DNS requests.
• the specific information is then distributed in all of these DNS requests as previously described.
• a connected object wishing to communicate specific information to the central server can therefore encode this information in a subdomain chain of the "label l.label2 labelN" type, concatenate this string containing the information to be transmitted to the sub-domain of the connected objects service.
• "Service-oc.fai.com” and send a DNS request requesting the resolution of the subdomain resulting from this concatenation.
• Specific information is understood as information not related to the standard operation of the name resolution service. This information is specific in the sense that it relates to the service related to the connected object and its function.
• the object may include one or more sensors capable of measuring physical or physicochemical quantities, such as acceleration, speed, temperature, atmospheric pressure, the concentration of chemical compounds such as fine particles in the atmosphere , optical power or brightness, fluid flow, power and voltage and / or electrical current, etc.
• sensors capable of measuring physical or physicochemical quantities, such as acceleration, speed, temperature, atmospheric pressure, the concentration of chemical compounds such as fine particles in the atmosphere , optical power or brightness, fluid flow, power and voltage and / or electrical current, etc.
• the object can also calculate one or more parameters from the quantities measured by the sensors, such as an indicator of the quality of the air and / or water, or a pollution indicator, etc.
• the object may have the function of reporting to a server the quantities measured by these sensors, or one or more of these parameters.
• the specific information may comprise measurements and / or parameters related to these measurements, i.e. calculated from values measured by the sensors associated with the object.
• the object may have the function of counting events, such as the number of times the object passes or leaves a particular location, the number of times an element connected to the object is in motion, the number of times the object is powered / unpowered.
• the sending of specific information can be done when exceeding a predetermined threshold, in a clocked manner or when unauthorized movement is detected.
• Other indicators may also be associated with this specific information, such as time and / or geographical location indicators.
• the object will determine the time and location of a shock whose amplitude threshold is defined.
• a service linked to the object may consist of sending in the form of concatenated labels any specific information that may include, for example:
• - data provided by the sensors such as temperature, vibration, acceleration, speed, strain gages, power, voltage and / or intensity electric, atmospheric pressure, flow of fluids, luminous or luminous intensity, opening or closing of doors or valves, composition and measurements of chemical pollution, and more generally all values of physical and / or physical quantities -chemical provided by technical sensors;
• radio environment data and in particular GSM data, such as data relating to operators of the ISM band ⁇ Industry, Science and Medical), Wi-Fi and MAC addresses, for example, with a view to geolocation by approximation with a database ;
• a geographical position provided by satellite eg GPS, Galileo, etc.
• other consumption-based geolocation means adapted to connected objects, such as LoRa or Sigfox technologies, or distance measurement systems using transponders "or hyperbolic localization;
• These messages can usefully include an identifier of the object and be time stamped and / or numbered.
• these messages may be transmitted by any radio access point or hotspot without the need for identification or authentication data (eg login and password), in order to achieve natively (ie excluding any agreement with a regional ISP) a worldwide connection.
• identification or authentication data eg login and password
• the dedicated DNS server implemented on the Exchange Recipient Central Server is a standard DNS server except that it is adapted to retrieve the subdomain string when it receives a resolution request for a subdomain. This string is then passed to the recipient service on the central server.
• the information can be transmitted for effective processing by a another server connected to the central server. It is then considered that the information exchange takes place between the connected object and the server hosting the dedicated DNS server independently of the processing of the information subsequently transmitted.
• a connected object can transmit information in the form of a DNS query to the central server.
• the messages exchanged according to the name resolution protocol as defined in the RFC 1035 standard contain resource records called RRs (for Resource Record in English). These RRs are contained in both DNS queries and responses to these queries. These RRs contain a data field (RDATA) and a field length (RDLENGTH) which make it possible to encode any useful complementary information in a DSN message.
• RDATA data field
• RDLENGTH field length
• a DNS message can have up to 3 RRs including an additional RR to transmit additional information.
• this information when a response information transmission is required from the central server to the connected object having made the request, this information may be encoded in this additional RR, for example.
• This information is then transmitted by returning the central server to the connected object in the form of a DNS response sent by the dedicated DNS server and adapted to the connected objects service.
• This response is relayed by the entire chain of DNS servers until it reaches the connected object.
• the lifetime of the response is set by the RR TTL field. This lifetime is advantageously set to 0 to prevent the different DNS servers to memorize the response in their cache. Indeed, a memorization in the cache of a Intermediate DNS server between the connected object and the central server results in a new request with the same subdomain name not reaching the central server and responding to the response stored in the cache.
• FIG. 3 illustrates an exemplary embodiment of the data exchange according to the invention between a connected object and a central server.
• the connected object scans its radio environment to detect an access point. When it finds an access point, it starts the connection process at the MAC level with the access point by sending a connection request in a step 3.2.
• This request typically contains a request for IP connection parameters according to the DHCP protocol.
• This connection attempt may succeed or fail.
• step 3.3 a test on the success of the connection is made. If the connection failed, the process ends with the final step 3.4. If successful, the connection is established. The success of the connection typically depends, as we have seen, on the authentication mode implemented by the access point.
• the connection at the MAC level succeeds.
• the connection request must contain a shared secret necessary to establish the encrypted connection between the connected object and the access point. In this case, except that the connected object knows this secret, the connection fails.
• the connected object When the connection is established, the connected object has received an IP configuration from the access point and configured its Wi-Fi interface using the received parameters. A IP-level dialogue can therefore be initiated between the connected object and the access point.
• an open access point access by any protocol to destinations beyond the access point is possible.
• the communication ports of the access point are closed to communications from the connected object waiting for successful authentication via a web page. Only the port 53 dedicated to the name resolution service is open.
• the connected object issues a DNS request, step 3.5, containing the information to be transmitted as seen above concatenated to the sub-domain corresponding to the connected objects service.
• This request is then relayed to the dedicated DNS server and adapted to the central server receiving the exchange.
• This server extracts the information transmitted for its use by the server.
• the dedicated DNS server receives information from an object and records the received frame in a database.
• This frame includes, for example, the identifier of the object, a time stamp (i.e. time stamp in English), location elements and sensor measurement elements embedded on the object.
• This database is shared with multiple application servers. Such servers are for example adapted to send notifications by email, in the case where certain measured quantities exceed predefined critical thresholds. This is particularly advantageous in the context of geofencing applications to prevent a third party that the object leaves a geographical surveillance area.
• this response is elaborated by the central server and then transmitted to the dedicated DNS server and adapted for transmission integrated in the response of the DNS server to the received request. It is emphasized that this response step is optional, depending on the application considered, it may not be necessary.
• the object In general, if no change in the behavior of the object is desired (eg change in the value of the critical thresholds or the rate of the items), the answer is not necessary.
• the object in order to make it possible to modify the behavior of the object, the object is adapted to systematically wait for a response during a previously set time window. This response to the DNS request is then relayed by the intermediate DNS servers to be finally received by the connected object in step 3.6.
• the exchange phase then ends with the final step 3.7.
• an exchange, possibly bidirectional, of information is implemented between a connected object and a central server. This exchange is fast because it does not require the establishment of a connection between the object and the server.
• the delay for sending the useful information is typically 50 to 100 ms against 2 to 3 s in the classic case using an HTTP request and the transmission of HTLM pages.
• the method according to the invention eliminates the sending by the object of an HTTP request whose duration is typically between 100 and 800 ms, the redirection of the request HTTP to the portal of the ISP (typically lasting 300 to 800 ms), the receipt by the object of the HTML pages necessary to enter the login and password of the user, sending the HTML page containing the login and password of the user with acceptance of the terms and conditions, if any, of the receipt of this page for identification of the user.
• the classical solution it is only after being identified / authenticated that the user can transmit his useful data.
• a connection waiting of the order 5 to 10 s is noted by the user before proceeding to the transmission of its useful data.
• a mobile phone ie moving object
• traveling at a speed of 25 m / s or 90 km / h rarely remains for several seconds in the radio coverage area of a Wi-Fi access point.
• the moving object since the moving object remains at least 100 ms in this coverage area, it can transmit specific information to the central server.
• FIG. 4 is a schematic block diagram of an information processing device 4.0 for implementing one or more embodiments of the invention.
• the information processing device 4.0 may be a peripheral such as a microcomputer, a workstation or a mobile telecommunication terminal.
• the device 4.0 comprises a communication bus connected to:
• a central processing unit 4.1 such as a microprocessor, denoted CPU
• a random access memory 4.2 denoted RAM
• the memory capacity thereof may be supplemented by an optional RAM connected to an extension port, for example;
• ROM read-only memory
• computer programs for implementing the embodiments of the invention
• a network interface 4.4 is normally connected to a communication network on which digital data to be processed are transmitted or received.
• the network interface 4.4 may be a single network interface, or composed of a set of different network interfaces (eg wired and wireless, interfaces or different types of wired or wireless interfaces). Data packets are sent on the network interface for transmission or are read from the network interface for reception under the control of the software application executed in the processor 4.1;
• a user interface 4.5 for receiving entries from a user or for displaying information to a user
• the executable code can be stored in a read-only memory 4.3, on the storage medium 4.6 or on a removable digital medium such as for example a disk.
• the executable code of the programs can be received by means of a communication network, via the network interface 4.4, in order to be stored in one of the storage means of the communication device 4.0, such as the storage medium 4.6, before being executed.
• the central processing unit 4.1 is adapted to control and direct the execution of the instructions or portions of software code of the program or programs according to one of the embodiments of the invention, instructions which are stored in one aforementioned storage means. After power-up, the CPU 4.1 is able to execute instructions stored in the main RAM 4.2, relating to a software application, after these instructions have been loaded from the ROM for example. Such software, when executed by the processor 4.1, causes the steps of the flowcharts shown in Figure 3 to be executed.
• the apparatus is a programmable apparatus that uses software to implement the invention.
• the present invention may be implemented in the hardware (for example, in the form of a specific integrated circuit or ASIC).

Landscapes

• Engineering & Computer Science (AREA)
• Computer Networks & Wireless Communication (AREA)
• Signal Processing (AREA)
• Mobile Radio Communication Systems (AREA)

Applications Claiming Priority (2)

Publications (1)

Family

ID=57045059

Family Applications (1)

Country Status (3)

Family Cites Families (3)

• 2016
  • 2016-05-25 FR FR1654688A patent/FR3052004B1/fr not_active Expired - Fee Related
• 2017
  • 2017-05-22 EP EP17729785.0A patent/EP3466038A1/de not_active Withdrawn
  • 2017-05-22 WO PCT/EP2017/062212 patent/WO2017202743A1/fr unknown

Also Published As

Similar Documents

Legal Events