WO2016127313A1 - Home cloud service management method and device - Google Patents

Home cloud service management method and device Download PDF

Info

Publication number
WO2016127313A1
WO2016127313A1 PCT/CN2015/072657 CN2015072657W WO2016127313A1 WO 2016127313 A1 WO2016127313 A1 WO 2016127313A1 CN 2015072657 W CN2015072657 W CN 2015072657W WO 2016127313 A1 WO2016127313 A1 WO 2016127313A1
Authority
WO
WIPO (PCT)
Prior art keywords
server
control
device end
user
download
Prior art date
Application number
PCT/CN2015/072657
Other languages
French (fr)
Chinese (zh)
Inventor
邓兵野
徐思林
阳胜军
杨政
Original Assignee
深圳好视网络科技有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 深圳好视网络科技有限公司 filed Critical 深圳好视网络科技有限公司
Priority to PCT/CN2015/072657 priority Critical patent/WO2016127313A1/en
Publication of WO2016127313A1 publication Critical patent/WO2016127313A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/60Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client 
    • H04N21/63Control signaling related to video distribution between client, server and network components; Network processes for video distribution between server and clients or between remote clients, e.g. transmitting basic layer and enhancement layers over different transmission paths, setting up a peer-to-peer communication via Internet between remote STB's; Communication protocols; Addressing

Definitions

  • the invention belongs to the field of cloud storage technologies, and in particular, to a home cloud service management method and device.
  • Existing home data is often stored on a network U disk or a network hard disk.
  • the prior art home cloud storage system cannot effectively manage and control the storage system, and the security performance cannot be guaranteed.
  • the purpose of the embodiments of the present invention is to provide a home cloud service management system, which aims to solve the problem that the prior art home cloud storage system cannot effectively manage and control the storage system, and the security performance cannot be guaranteed.
  • a first aspect of the embodiments of the present invention provides a method for managing a home cloud service, where the method includes:
  • the control end generates a session key, encrypts the session key by using a known public key, generates a ciphertext, and sends the ciphertext to the server, so that the server uses a private key to encrypt the secret key. Decrypting the text to obtain the session key;
  • the control end sends an authentication request encrypted by the session key to the server, where the authentication request includes a user account and password information, so that the server decrypts the encrypted authentication request by using the obtained session key.
  • the user is authenticated according to the account and password information obtained by decryption.
  • a second aspect of the embodiments of the present invention provides a home cloud service management apparatus, where the apparatus includes:
  • An authentication unit configured to send a user authentication request to the server, so that the server authenticates the user according to the user authentication request;
  • a receiving unit configured to receive an authentication result returned by the server, and receive, after the authentication result is successful, the device end identifier information returned by the server;
  • An operation unit configured to send, by using a server, an access, control, or management instruction to the device end having the device end identification information, so that the device end performs corresponding access and control according to the access, control, or management instruction. Or management operations;
  • the authentication unit includes:
  • a key agreement module generating a session key, encrypting the session key with a known public key, generating a ciphertext, and transmitting the ciphertext to the server, so that the server uses a private key Decrypting the ciphertext to obtain the session key;
  • An authentication module configured to send, to the server, an authentication request encrypted by the session key, where the authentication request includes a user account and password information, so that the server decrypts the encrypted authentication request by using the obtained session key And authenticate the user according to the account and password information obtained by decryption.
  • control end performs login authentication and authority control through the server, and after the authentication is passed, the server sends an access, control, or management instruction to the device end having the device end identification information, so that the device end Corresponding access, control or management operations are performed in response to access, control or management instructions of the control terminal.
  • the user can manage and control the remote private device at any time and perform corresponding operations. For example, the user can download the resource of interest as desired, and the operation is simple, convenient, and private. In addition, through the proprietary private device at home. The storage of private data can ensure the security of user data, and the authentication and login and permission control through the server can further ensure the security of the system.
  • FIG. 1 is a schematic structural diagram of a home cloud service management system according to Embodiment 1 of the present invention.
  • FIG. 2 is a structural diagram of a home cloud service management system according to Embodiment 1 of the present invention.
  • FIG. 3 is a schematic structural diagram of a server in a home cloud service management system according to Embodiment 1 of the present invention.
  • FIG. 4 is a flowchart of an implementation of a method for managing a home cloud service according to Embodiment 2 of the present invention.
  • FIG. 5 is a flowchart of an implementation of a method for managing a home cloud service according to Embodiment 3 of the present invention.
  • FIG. 6 is a flowchart of an implementation of a home cloud service management method according to Embodiment 4 of the present invention.
  • FIG. 7 is a flowchart of an implementation of a home cloud service management method according to Embodiment 5 of the present invention.
  • FIG. 8 is a structural diagram of a home cloud service management apparatus according to Embodiment 6 of the present invention.
  • FIG. 9 is a structural diagram of a home cloud service management apparatus according to Embodiment 7 of the present invention.
  • FIG. 10 is a structural diagram of a home cloud service management apparatus according to Embodiment 8 of the present invention.
  • the embodiment of the present invention provides a home cloud service management system, where the control end performs login authentication and authority control through a server, and after the authentication is passed, sends, by the server, access, control, or management to the device end having the device end identification information.
  • the user can manage and control the remote private device at any time and perform corresponding operations. For example, the user can download the resource of interest as desired, and the operation is simple, convenient, and private.
  • the storage of private data can ensure the security of user data, and the authentication and login and permission control through the server can further ensure the security of the system.
  • FIG. 1 is a schematic structural diagram of a home cloud service management system according to the embodiment, where the system includes: a control terminal, a server, and a device end, wherein the control terminal performs login authentication through a service server in any place where the Internet can be accessed. And then communicate with the device side to control functions such as downloading and file management on the device side; the server is deployed in the Internet to provide functions such as login authentication and permission control; and the device is configured to set up a private device at home in the home.
  • the device end stands by for a long time, and after each startup, automatically finds a server deployed in the Internet to perform an online action.
  • FIG. 2 is a structural diagram of a home cloud service management system according to Embodiment 1 of the present invention. For convenience of description, only parts related to the embodiment of the present invention are shown, wherein the system includes : control terminal 21, server 22 and device terminal 23, wherein:
  • the control end 21 is configured to send a user authentication request to the server, so that the server authenticates the user, and receives an authentication result returned by the server, and when the authentication result is successful, the receiving server returns
  • the device end identifies information, and sends an access, control, or management instruction to the device end having the device end identification information through a server to access, control, or manage the device end.
  • the control terminal can be three types: an android platform, an iOS platform, and a windows system platform.
  • control terminal may be a portable mobile device, for example, a mobile phone, an iPad, or the like.
  • the server 22 is configured to receive a user authentication request sent by the control terminal, and perform authentication on the user according to the user authentication request. After the authentication result is successful, according to the pre-stored user information and the device end. Identifying the correspondence between the information, searching for the device end identification information corresponding to the user, and sending the device end identification information to the control end currently used by the user, and forwarding the access between the control end and the device end , control or management instructions;
  • the device end 23 is configured to perform corresponding access, control or management operations in response to the access, control or management instructions of the control terminal.
  • the access operation may include, for example, viewing, browsing, etc.
  • the control operations may include, for example, suspending, starting downloading, starting uploading, restoring factory settings, etc.
  • the management may include, for example, managing system files and managing device terminals. File information, etc.
  • the server includes an address server, a load server, and a service server.
  • FIG. 3 a schematic structural diagram of the server is shown.
  • the server includes two load servers and six service servers, where The data of various servers in the process of use can be set according to the actual situation, specifically:
  • An address server 31 configured to query a load server for the device end and the control end;
  • the load server 32 is configured to monitor the running status of the service server, and return the service server address to the device end and the control end according to the predetermined policy;
  • Service server 33 used to perform authentication of the console, permission control, and data transfer.
  • dividing the server according to functions can effectively decompose the pressure of a single service and provide the efficiency of the server system.
  • control end performs login authentication and authority control through the server, and after the authentication is passed, the server sends an access, control, or management instruction to the device end having the device end identification information, so that the device end Corresponding access, control or management operations are performed in response to access, control or management instructions of the control terminal.
  • the user can manage and control the remote private device at any time and perform corresponding operations. For example, the user can download the resource of interest as desired, and the operation is simple, convenient, and private. In addition, through the proprietary private device at home. The storage of private data can ensure the security of user data, and the authentication and login and permission control through the server can further ensure the security of the system.
  • FIG. 4 is a flowchart of an implementation of a home cloud service management method according to Embodiment 2 of the present invention, which is described in detail as follows:
  • the control end sends a user authentication request to the server.
  • the server authenticates the user according to the user authentication request, and sends an authentication result to the control terminal.
  • the server stores the user information and the device identifier according to the pre-stored information. Corresponding relationship of the information, searching for the device end identification information corresponding to the user, and sending the device end identification information to the control end;
  • the control terminal may find the corresponding device end to control it.
  • control end receives the authentication result returned by the server, and after the authentication result is successful, receives the device end identification information returned by the server, and sends the device with the device end identification information through the server. Send access, control or management instructions;
  • S404 The device end responds to the access, control, or management instruction of the control end, and performs corresponding access, control, or management operations.
  • the authentication, interaction, and the like operations between the control terminal, the server, and the device end enable the device to respond to the access, control, or management commands of the control terminal, and perform corresponding access, control, or management operations, so that the user can Manage and control the remote private device and perform corresponding operations.
  • the private data is carried out through the private device at the home. Storage can ensure the security of user data, and the authentication and login and permission control through the server can further ensure the security of the system.
  • FIG. 5 is a flowchart of the implementation of the home cloud service management method provided by the third embodiment of the present invention, which is described in detail as follows:
  • S502 Receive an authentication result returned by the server, and when the authentication result is that the authentication succeeds, receive the device end identifier information returned by the server;
  • control end sends a user authentication request to the server, so that the server authenticates the user according to the user authentication request, receives the authentication result returned by the server, and when the authentication result is authentication After successful, receiving the device end identification information returned by the server, and sending, by the server, an access, control or management instruction to the device end having the device end identification information, so that the device end according to the access, control or management instruction Perform corresponding access, control or management operations, so that users can manage and control the remote private device at any time and perform corresponding operations.
  • the operation is simple, convenient, and private.
  • the storage of private data can ensure the security of user data, and the authentication and login and permission control through the server can further ensure the security of the system.
  • FIG. 6 is a flowchart of implementing the home cloud service management method according to Embodiment 4 of the present invention, which is described in detail as follows:
  • the device end is bound to a unique user, but each user can operate the device end through different types of control terminals, for example, a mobile phone, an ipad, a PC, and the like.
  • the S601 specifically includes:
  • the control end searches for a device end identifier corresponding to the device end in the local area network
  • control terminal sends a binding state query instruction to the server, and obtains a binding state corresponding to the device end identifier returned by the server. If the binding is performed, the binding cannot be continued. If there is no binding, step C is performed.
  • the user information is bound to the device identifier information of the device end, and the bound user information and the device end identifier information are stored on the server.
  • the control end generates a session key, and encrypts the session key by using a known public key, generates a ciphertext, and sends the ciphertext to the server, so that the server uses a private key. Decrypting the ciphertext to obtain the session key;
  • the key is generated by the control end, and the key is sent to the server by using the public key and the private key, so that key negotiation between the control end and the server is implemented.
  • the control end sends an authentication request encrypted by the session key to a server, where the authentication request includes a user account and password information, so that the server performs the encrypted authentication request by using the obtained session key.
  • the information such as the account and password of the authentication process is encrypted by the key to ensure the security of the system.
  • the prompt information that the authentication is unsuccessful is sent to the user.
  • S605. Send, by the server, an access, control, or management instruction to the device end that has the device end identification information, so that the device end performs a corresponding access, control, or management operation according to the access, control, or management instruction.
  • the S605 is specifically:
  • the control end acquires detailed information of the resource from the resource server management background, including a resource name, a size, and a download address;
  • the control terminal sends a download instruction to the device end by using the server, where the download command includes detailed information of the resource information that the user selects to download, so that the device end passes the detailed information of the download instruction and the resource information.
  • a download service provided by the resource server adding a download task, and downloading resources from the resource server.
  • control end can download resource information from the device end, implement resource sharing with the device end, and the downloading process is very convenient.
  • the resource server stores a large amount of resources, including video, audio, and the like, and may update in real time or periodically update the resources stored by itself.
  • the resources of the resource server may be integrated in the background of the resource server.
  • the resources may be classified according to the category, name, and size of the resources, and a list may be formed to facilitate user resource searching.
  • the device controls the device to download the resource from the resource server according to the information of the resource.
  • the device end may perform corresponding access, control or management operations according to the access, control or management instructions of the control terminal, so that the user can manage and control the remote private device end and perform corresponding operations at any time.
  • the operation is simple, convenient, and private.
  • the private data stored in the private device at the home can ensure the security of the user data, and the authentication and login and permission control through the server can further ensure the security of the system.
  • FIG. 7 is a flowchart of implementing the home cloud service management method according to Embodiment 5 of the present invention, which is described in detail as follows:
  • the receiving and forwarding control end sends an access, control, or management instruction to the device end that has the device end identification information, so that the control terminal accesses, controls, or manages the device end.
  • the server is authenticated by the server, and the corresponding control command is forwarded to perform operations such as accessing, controlling, and managing the control terminal, so that the user can manage and control the remote private device end and perform corresponding operations at any time.
  • the operation is simple, convenient, and private.
  • the private data stored in the private device at home can ensure the security of the user data, and the authentication and login and permission control through the server can further ensure the security of the system.
  • FIG. 8 is a structural diagram of a home cloud service management apparatus according to Embodiment 6 of the present invention. For convenience of description, only parts related to the embodiment of the present invention are shown.
  • the apparatus includes: an authentication unit 81 and a receiving unit 82. And an operation unit 83.
  • the authentication unit 81 is configured to send a user authentication request to the server, so that the server authenticates the user according to the user authentication request.
  • the receiving unit 82 is configured to receive the authentication result returned by the server, and when the authentication result is successful, the device end identifier information returned by the server is received;
  • An operation unit 83 configured to send, by using a server, an access, control, or management instruction to the device end that has the device end identification information, so that the device end performs corresponding access according to the access, control, or management instruction, Control or manage operations.
  • the operation unit 83 is specifically configured to acquire detailed information of the resource from the resource server management background, including a resource name, a size, a download address, and send a download instruction to the device.
  • the downloading instruction includes the detailed information of the resource information that the user selects to download, so that the device end adds the downloading task according to the downloading instruction provided by the resource server according to the downloading instruction and the detailed information of the resource information, and The resource server downloads resources.
  • the home cloud service management device provided by the embodiment of the present invention corresponds to the third embodiment of the foregoing home cloud service management method. For details, refer to the description of the third embodiment, and details are not described herein again.
  • FIG. 9 is a structural diagram of a home cloud service management apparatus according to Embodiment 7 of the present invention. For convenience of description, only parts related to the embodiment of the present invention are shown.
  • the apparatus includes: a binding unit 91, an authentication unit. 92. Receiving unit 93 and operating unit 94.
  • the device further includes:
  • the binding unit 91 is configured to bind the user information with the device identification information of the device, and store the bound user information and the device identifier information on the server.
  • the binding unit 91 specifically includes:
  • a search module 911 configured to search, by the control terminal, a device end identifier corresponding to the device end in the local area network;
  • the querying module 912 is configured to query the server whether the device end identifier information is bound
  • the binding module 913 is configured to bind the user information to the device identification information of the device end, and store the bound user information and the device end identification information when the device end identification information is not bound. On the server.
  • the authentication unit 92 includes:
  • the key agreement module 921 generates a session key, encrypts the session key with a known public key, generates a ciphertext, and sends the ciphertext to the server to make the server private.
  • the key decrypts the ciphertext to obtain the session key;
  • the authentication module 922 is configured to send, by the server, an authentication request encrypted by the session key, where the authentication request includes a user account and password information, so that the server performs the encrypted authentication request by using the obtained session key. Decrypt, and authenticate the user according to the account and password information obtained by decryption.
  • the home cloud service management device provided by the embodiment of the present invention corresponds to the fourth embodiment of the foregoing home cloud service management method.
  • FIG. 10 is a structural diagram of a home cloud service management apparatus according to Embodiment 8 of the present invention. For convenience of description, only parts related to the embodiment of the present invention are shown.
  • the apparatus includes: an authentication unit 101, and a search unit 102.
  • the authentication unit 101 is configured to receive a user authentication request sent by the control terminal, and perform authentication on the user according to the user authentication request.
  • the searching unit 102 is configured to search for device end identification information corresponding to the user according to the correspondence between the pre-stored user information and the device end identification information after the authentication result is successful.
  • the sending unit 103 sends the device end identification information to the control end currently used by the user;
  • the operating unit 104 is configured to receive and forward the control terminal to send an access, control, or management instruction to the device end having the device end identification information, so that the control terminal accesses, controls, or manages the device end.
  • the home cloud service management device provided by the embodiment of the present invention corresponds to the fifth embodiment of the foregoing home cloud service management method.
  • each unit included is only divided according to functional logic, but is not limited to the above division, as long as the corresponding function can be implemented;
  • the specific names are also for convenience of distinguishing from each other and are not intended to limit the scope of the present invention.

Abstract

The present invention belongs to the technical field of cloud storage. Provided are a home cloud service management method and device, the system comprising: a control end sends a user authentication request to a server, so that the server authenticates a user according to the user authentication request; an authentication result returned by the server is received, and when the authentication result is that authentication has been successful, device end identification information returned by the server is received; an access, control or management command is sent via the server to a device end having the device end identification information, so that the device end executes a corresponding access, control or management operation according to the access, control or management command. A user may manage and monitor a remote private device end and execute corresponding operations at any time. The process is simple and convenient, and privacy is strong.

Description

一种家庭云服务管理方法及装置  Home cloud service management method and device 技术领域Technical field
本发明属于云存储技术领域,尤其涉及一种家庭云服务管理方法及装置。 The invention belongs to the field of cloud storage technologies, and in particular, to a home cloud service management method and device.
背景技术Background technique
在宽带普及以及数据爆炸时代,许多用户的家中会产生大量的家庭数据、个人数据。但大量的家庭数据存储管理、数据的备份和恢复、跨互联网的数据同步、数据的便捷分享等问题是我们不得不面对的问题,也是用户当前需求强烈的地方。 In the era of broadband penetration and data explosion, many users' homes generate a large amount of household data and personal data. However, a large number of problems such as home data storage management, data backup and recovery, data synchronization across the Internet, and convenient sharing of data are issues that we have to face, and also where users' current needs are strong.
现有的家庭数据往往通过网络U盘或者网络硬盘进行存储,也有一些位于家中的家庭数据存储系统,用户可以把私人的资料或文件上传这些存储设备中,但对于目前的家庭云存储方式,还仅限于简单的存储功能,而对于私有的家庭云系统的管理、控制则涉及的较少,安全性能也无法得到保证。Existing home data is often stored on a network U disk or a network hard disk. There are also home data storage systems in the home. Users can upload private data or files to these storage devices, but for current home cloud storage methods, It is limited to simple storage functions, but the management and control of the private home cloud system are less involved, and the security performance cannot be guaranteed.
现有技术家庭云存储系统无法对存储系统进行有效的管理和控制,安全性能也无法得到保证。The prior art home cloud storage system cannot effectively manage and control the storage system, and the security performance cannot be guaranteed.
技术问题technical problem
本发明实施例的目的在于提供一种家庭云服务管理系统,旨在解决现有技术家庭云存储系统无法对存储系统进行有效的管理和控制,安全性能也无法得到保证。 The purpose of the embodiments of the present invention is to provide a home cloud service management system, which aims to solve the problem that the prior art home cloud storage system cannot effectively manage and control the storage system, and the security performance cannot be guaranteed.
技术解决方案Technical solution
本发明实施例是这样实现的:The embodiment of the invention is implemented as follows:
本发明实施例的第一方面提供了一种家庭云服务管理方法,所述方法包括: A first aspect of the embodiments of the present invention provides a method for managing a home cloud service, where the method includes:
向服务器发送用户认证请求,以使所述服务器根据所述用户认证请求,对所述用户进行认证;Sending a user authentication request to the server, so that the server authenticates the user according to the user authentication request;
接收所述服务器返回的认证结果,且当所述认证结果为认证成功后,接收服务器返回的设备端标识信息;Receiving the authentication result returned by the server, and receiving the device end identifier information returned by the server after the authentication result is successful;
通过服务器向所述具有所述设备端标识信息的设备端发送访问、控制或管理指令,以使所述设备端根据所述访问、控制或管理指令,执行相应的访问、控制或管理操作;Sending, by the server, an access, control or management instruction to the device end having the device end identification information, so that the device end performs a corresponding access, control or management operation according to the access, control or management instruction;
所述向服务器发送用户认证请求,以使所述服务器根据所述用户认证请求,对所述用户进行认证包括:Sending a user authentication request to the server, so that the server performs authentication on the user according to the user authentication request, including:
所述控制端生成会话密钥,并利用已知的公钥对所述会话密钥进行加密,生成密文,将所述密文发送给所述服务器,以使所述服务器用私钥对密文进行解密,获取所述会话密钥;The control end generates a session key, encrypts the session key by using a known public key, generates a ciphertext, and sends the ciphertext to the server, so that the server uses a private key to encrypt the secret key. Decrypting the text to obtain the session key;
所述控制端向服务器发送经过所述会话密钥加密的认证请求,所述认证请求包括用户账号和密码信息,以使所述服务器利用获取的会话密钥对所述加密的认证请求进行解密,并根据解密获取的账号和密码信息,对用户进行认证。The control end sends an authentication request encrypted by the session key to the server, where the authentication request includes a user account and password information, so that the server decrypts the encrypted authentication request by using the obtained session key. The user is authenticated according to the account and password information obtained by decryption.
本发明实施例的第二方面提供了一种家庭云服务管理装置,所述装置包括:A second aspect of the embodiments of the present invention provides a home cloud service management apparatus, where the apparatus includes:
认证单元,用于向服务器发送用户认证请求,以使所述服务器根据所述用户认证请求,对所述用户进行认证;An authentication unit, configured to send a user authentication request to the server, so that the server authenticates the user according to the user authentication request;
接收单元,用于接收所述服务器返回的认证结果,且当所述认证结果为认证成功后,接收服务器返回的设备端标识信息;a receiving unit, configured to receive an authentication result returned by the server, and receive, after the authentication result is successful, the device end identifier information returned by the server;
操作单元,用于通过服务器向所述具有所述设备端标识信息的设备端发送访问、控制或管理指令,以使所述设备端根据所述访问、控制或管理指令,执行相应的访问、控制或管理操作;An operation unit, configured to send, by using a server, an access, control, or management instruction to the device end having the device end identification information, so that the device end performs corresponding access and control according to the access, control, or management instruction. Or management operations;
所述认证单元包括:The authentication unit includes:
密钥协商模块,生成会话密钥,并利用已知的公钥对所述会话密钥进行加密,生成密文,且将所述密文发送给所述服务器,以使所述服务器用私钥对密文进行解密,获取所述会话密钥;a key agreement module, generating a session key, encrypting the session key with a known public key, generating a ciphertext, and transmitting the ciphertext to the server, so that the server uses a private key Decrypting the ciphertext to obtain the session key;
认证模块,用于向服务器发送经过所述会话密钥加密的认证请求,所述认证请求包括用户账号和密码信息,以使所述服务器利用获取的会话密钥对所述加密的认证请求进行解密,并根据解密获取的账号和密码信息,对用户进行认证。An authentication module, configured to send, to the server, an authentication request encrypted by the session key, where the authentication request includes a user account and password information, so that the server decrypts the encrypted authentication request by using the obtained session key And authenticate the user according to the account and password information obtained by decryption.
有益效果Beneficial effect
本实施例中,控制端通过服务器进行登录认证和权限控制,在认证通过后,通过服务器向所述具有所述设备端标识信息的设备端发送访问、控制或管理指令,以使所述设备端响应所述控制端的访问、控制或管理指令,执行相应的访问、控制或管理操作。用户可以随时对远程私有设备端进行管理和控制以及执行相应的操作,例如,可以随心所欲的下载感兴趣的资源,操作简单、方便、私密性强,另外,通过家中专有的私有设备端对私有数据进行存储可以确保用户资料的安全性,同时通过服务器进行认证登录和权限控制可以进一步保证系统的安全性。In this embodiment, the control end performs login authentication and authority control through the server, and after the authentication is passed, the server sends an access, control, or management instruction to the device end having the device end identification information, so that the device end Corresponding access, control or management operations are performed in response to access, control or management instructions of the control terminal. The user can manage and control the remote private device at any time and perform corresponding operations. For example, the user can download the resource of interest as desired, and the operation is simple, convenient, and private. In addition, through the proprietary private device at home. The storage of private data can ensure the security of user data, and the authentication and login and permission control through the server can further ensure the security of the system.
附图说明DRAWINGS
为了更清楚地说明本发明实施例的技术方案,下面将对实施例描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本发明的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings used in the description of the embodiments will be briefly described below. It is obvious that the drawings in the following description are only some embodiments of the present invention, Those skilled in the art can also obtain other drawings based on these drawings without paying any creative work.
图1是本发明实施例一提供的家庭云服务管理系统的结构示意图;1 is a schematic structural diagram of a home cloud service management system according to Embodiment 1 of the present invention;
图2是本发明实施例一提供的家庭云服务管理系统的结构图;2 is a structural diagram of a home cloud service management system according to Embodiment 1 of the present invention;
图3是本发明实施例一提供的家庭云服务管理系统中服务器的结构示意图;3 is a schematic structural diagram of a server in a home cloud service management system according to Embodiment 1 of the present invention;
图4是本发明实施例二提供的家庭云服务管理方法的实现的流程图;4 is a flowchart of an implementation of a method for managing a home cloud service according to Embodiment 2 of the present invention;
图5是本发明实施例三提供的家庭云服务管理方法的实现的流程图;FIG. 5 is a flowchart of an implementation of a method for managing a home cloud service according to Embodiment 3 of the present invention; FIG.
图6是本发明实施例四提供的家庭云服务管理方法的实现的流程图;6 is a flowchart of an implementation of a home cloud service management method according to Embodiment 4 of the present invention;
图7是本发明实施例五提供的家庭云服务管理方法的实现的流程图;7 is a flowchart of an implementation of a home cloud service management method according to Embodiment 5 of the present invention;
图8是本发明实施例六提供的家庭云服务管理装置的结构图;8 is a structural diagram of a home cloud service management apparatus according to Embodiment 6 of the present invention;
图9是本发明实施例七提供的家庭云服务管理装置的结构图;9 is a structural diagram of a home cloud service management apparatus according to Embodiment 7 of the present invention;
图10是本发明实施例八提供的家庭云服务管理装置的结构图。FIG. 10 is a structural diagram of a home cloud service management apparatus according to Embodiment 8 of the present invention.
本发明的实施方式Embodiments of the invention
为了使本发明的目的、技术方案及优点更加清楚明白,以下结合附图及实施例,对本发明进行进一步详细说明。应当理解,此处所描述的具体实施例仅仅用以解释本发明,并不用于限定本发明。The present invention will be further described in detail below with reference to the accompanying drawings and embodiments. It is understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
本发明实施例提供了一种家庭云服务管理系统控制端通过服务器进行登录认证和权限控制,在认证通过后,通过服务器向所述具有所述设备端标识信息的设备端发送访问、控制或管理指令,以使所述设备端响应所述控制端的访问、控制或管理指令,执行相应的访问、控制或管理操作。使得用户可以随时对远程私有设备端进行管理和控制以及执行相应的操作,例如,可以随心所欲的下载感兴趣的资源,操作简单、方便、私密性强,另外,通过家中专有的私有设备端对私有数据进行存储可以确保用户资料的安全性,同时通过服务器进行认证登录和权限控制可以进一步保证系统的安全性。The embodiment of the present invention provides a home cloud service management system, where the control end performs login authentication and authority control through a server, and after the authentication is passed, sends, by the server, access, control, or management to the device end having the device end identification information. An instruction to cause the device to perform a corresponding access, control or management operation in response to an access, control or management instruction of the control terminal. The user can manage and control the remote private device at any time and perform corresponding operations. For example, the user can download the resource of interest as desired, and the operation is simple, convenient, and private. In addition, through the private device end of the home. The storage of private data can ensure the security of user data, and the authentication and login and permission control through the server can further ensure the security of the system.
以下结合具体实施例对本发明的实现进行详细描述:The implementation of the present invention is described in detail below with reference to specific embodiments:
实施例一Embodiment 1
图1是本实施例家庭云服务管理系统的结构图示意图,所述系统包括:控制端、服务器和设备端,其中,所述控制端在任何可以访问到互联网的地方,通过业务服务器进行登录认证,然后与设备端进行通信,控制设备端的下载和文件管理等功能;所述服务端部署在互联网中,提供登录认证和权限控制等功能;所述设备端为设置在家中的家庭私有的设备端,所述设备端长时间待机,每次启动后,自动寻找部署在互联网中的服务器,进行上线动作。在系统运行过程中,控制端软件访问资源服务器后台,获得资源应用信息和详细的资源信息,通知家中的私有设备端进行下载,并实时的监控下载进度和下载状态;同时控制端也能查看设备端上所有资源和文件的信息并进行管理,查询设备端的设备基本信息等。以下通过实施例进行说明,图2示出了本发明实施例一提供的家庭云服务管理系统的结构图,为了便于说明,仅示出了与本发明实施例相关的部分,其中所述系统包括:控制端21、服务器22和设备端23,其中:1 is a schematic structural diagram of a home cloud service management system according to the embodiment, where the system includes: a control terminal, a server, and a device end, wherein the control terminal performs login authentication through a service server in any place where the Internet can be accessed. And then communicate with the device side to control functions such as downloading and file management on the device side; the server is deployed in the Internet to provide functions such as login authentication and permission control; and the device is configured to set up a private device at home in the home. The device end stands by for a long time, and after each startup, automatically finds a server deployed in the Internet to perform an online action. During the running of the system, the control software accesses the background of the resource server, obtains resource application information and detailed resource information, notifies the private device at the home to download, and monitors the download progress and download status in real time; at the same time, the control terminal can also view the device. All the resources and files on the device are managed and the basic information of the device on the device is queried. The following is a description of an embodiment of the present invention. FIG. 2 is a structural diagram of a home cloud service management system according to Embodiment 1 of the present invention. For convenience of description, only parts related to the embodiment of the present invention are shown, wherein the system includes : control terminal 21, server 22 and device terminal 23, wherein:
控制端21,用于向服务器发送用户认证请求,以使所述服务器对所述用户进行认证,并接收所述服务器返回的认证结果,且当所述认证结果为认证成功后,接收服务器返回的设备端标识信息,并通过服务器向所述具有所述设备端标识信息的设备端发送访问、控制或管理指令,以对所述设备端进行访问、控制或管理。The control end 21 is configured to send a user authentication request to the server, so that the server authenticates the user, and receives an authentication result returned by the server, and when the authentication result is successful, the receiving server returns The device end identifies information, and sends an access, control, or management instruction to the device end having the device end identification information through a server to access, control, or manage the device end.
其中,所述控制端可以为android平台、iOS平台和windows系统平台三种。The control terminal can be three types: an android platform, an iOS platform, and a windows system platform.
本实施例中,所述控制端可以为便携的移动设备,例如,可以为手机、ipad等。In this embodiment, the control terminal may be a portable mobile device, for example, a mobile phone, an iPad, or the like.
服务器22,用于接收所述控制端发送的用户认证请求,并根据所述用户认证请求,对所述用户进行认证,当所述认证结果为认证成功后,根据预先存储的用户信息与设备端标识信息的对应关系,查找所述用户对应的设备端标识信息,并发送所述设备端标识信息至所述用户当前使用的控制端,以及转发所述控制端和所述设备端之间的访问、控制或管理指令;The server 22 is configured to receive a user authentication request sent by the control terminal, and perform authentication on the user according to the user authentication request. After the authentication result is successful, according to the pre-stored user information and the device end. Identifying the correspondence between the information, searching for the device end identification information corresponding to the user, and sending the device end identification information to the control end currently used by the user, and forwarding the access between the control end and the device end , control or management instructions;
设备端23,用于响应所述控制端的访问、控制或管理指令,执行相应的访问、控制或管理操作。The device end 23 is configured to perform corresponding access, control or management operations in response to the access, control or management instructions of the control terminal.
本实施例中,所述访问操作可以包括例如查看、浏览等、所述控制操作可以包括例如暂停、开始下载、开始上传、恢复出厂设置等,所述管理可以包括例如管理系统文件、管理设备端文件信息等。In this embodiment, the access operation may include, for example, viewing, browsing, etc., and the control operations may include, for example, suspending, starting downloading, starting uploading, restoring factory settings, etc., and the management may include, for example, managing system files and managing device terminals. File information, etc.
可选的,所述服务器包括寻址服务器、负载服务器和业务服务器,请参阅图3示出了所述服务器的结构示意图,所述服务器包括2个负载服务器和6个业务服务器,其中,在实际使用过程中各种服务器的数据可以根据实际情况进行设定,具体的:Optionally, the server includes an address server, a load server, and a service server. Referring to FIG. 3, a schematic structural diagram of the server is shown. The server includes two load servers and six service servers, where The data of various servers in the process of use can be set according to the actual situation, specifically:
寻址服务器31,用于为设备端和控制端查询负载服务器;An address server 31, configured to query a load server for the device end and the control end;
负载服务器32:用于监控业务服务器的运行状态,根据预定策略返回业务服务器地址给设备端和控制端;The load server 32 is configured to monitor the running status of the service server, and return the service server address to the device end and the control end according to the predetermined policy;
业务服务器33:用于执行控制端的认证、权限控制、以及数据中转。Service server 33: used to perform authentication of the console, permission control, and data transfer.
本实施例中,将服务器按功能进行划分,可以有效的分解单一服务的压力,同时提供服务器系统的效率。In this embodiment, dividing the server according to functions can effectively decompose the pressure of a single service and provide the efficiency of the server system.
本实施例中,控制端通过服务器进行登录认证和权限控制,在认证通过后,通过服务器向所述具有所述设备端标识信息的设备端发送访问、控制或管理指令,以使所述设备端响应所述控制端的访问、控制或管理指令,执行相应的访问、控制或管理操作。用户可以随时对远程私有设备端进行管理和控制以及执行相应的操作,例如,可以随心所欲的下载感兴趣的资源,操作简单、方便、私密性强,另外,通过家中专有的私有设备端对私有数据进行存储可以确保用户资料的安全性,同时通过服务器进行认证登录和权限控制可以进一步保证系统的安全性。In this embodiment, the control end performs login authentication and authority control through the server, and after the authentication is passed, the server sends an access, control, or management instruction to the device end having the device end identification information, so that the device end Corresponding access, control or management operations are performed in response to access, control or management instructions of the control terminal. The user can manage and control the remote private device at any time and perform corresponding operations. For example, the user can download the resource of interest as desired, and the operation is simple, convenient, and private. In addition, through the proprietary private device at home. The storage of private data can ensure the security of user data, and the authentication and login and permission control through the server can further ensure the security of the system.
实施例二Embodiment 2
图4是本发明实施例二提供的家庭云服务管理方法的实现的流程图,详述如下:4 is a flowchart of an implementation of a home cloud service management method according to Embodiment 2 of the present invention, which is described in detail as follows:
S401,控制端向服务器发送用户认证请求;S401. The control end sends a user authentication request to the server.
S402,所述服务器根据所述用户认证请求,对所述用户进行认证,并向所述控制端发送认证结果,且当所述认证结果为认证成功时,根据预先存储的用户信息与设备端标识信息的对应关系,查找所述用户对应的设备端标识信息,并将所述设备端标识信息发送到控制端;S402. The server authenticates the user according to the user authentication request, and sends an authentication result to the control terminal. When the authentication result is successful, the server stores the user information and the device identifier according to the pre-stored information. Corresponding relationship of the information, searching for the device end identification information corresponding to the user, and sending the device end identification information to the control end;
本实施例中,通过所述设备端标识信息,控制端可以找到所述对应的设备端,以对其进行控制。In this embodiment, by using the device end identification information, the control terminal may find the corresponding device end to control it.
S403,所述控制端接收所述服务器返回的认证结果,且当所述认证结果为认证成功后,接收服务器返回的设备端标识信息,并通过服务器向所述具有所述设备端标识信息的设备端发送访问、控制或管理指令;S403, the control end receives the authentication result returned by the server, and after the authentication result is successful, receives the device end identification information returned by the server, and sends the device with the device end identification information through the server. Send access, control or management instructions;
S404,设备端响应控制端的访问、控制或管理指令,执行相应的访问、控制或管理操作。S404: The device end responds to the access, control, or management instruction of the control end, and performs corresponding access, control, or management operations.
本实施例中,通过控制端、服务器和设备端之间的认证、交互等操作,实使得设备端响应控制端的访问、控制或管理指令,执行相应的访问、控制或管理操作,使得用户可以随时对远程私有设备端进行管理和控制以及执行相应的操作,例如,可以随心所欲的下载感兴趣的资源,操作简单、方便、私密性强,另外,通过家中专有的私有设备端对私有数据进行存储可以确保用户资料的安全性,同时通过服务器进行认证登录和权限控制可以进一步保证系统的安全性。In this embodiment, the authentication, interaction, and the like operations between the control terminal, the server, and the device end enable the device to respond to the access, control, or management commands of the control terminal, and perform corresponding access, control, or management operations, so that the user can Manage and control the remote private device and perform corresponding operations. For example, you can download the resources of interest as you like, and the operation is simple, convenient, and private. In addition, the private data is carried out through the private device at the home. Storage can ensure the security of user data, and the authentication and login and permission control through the server can further ensure the security of the system.
实施例三Embodiment 3
本实施例的执行主体为家庭云服务管理系统中控制端,图5是本发明实施例三提供的家庭云服务管理方法的实现的流程图,详述如下:The execution body of the embodiment is the control end of the home cloud service management system. FIG. 5 is a flowchart of the implementation of the home cloud service management method provided by the third embodiment of the present invention, which is described in detail as follows:
S501,向服务器发送用户认证请求,以使所述服务器根据所述用户认证请求,对所述用户进行认证;S501. Send a user authentication request to the server, so that the server authenticates the user according to the user authentication request.
S502,接收所述服务器返回的认证结果,且当所述认证结果为认证成功后,接收服务器返回的设备端标识信息;S502: Receive an authentication result returned by the server, and when the authentication result is that the authentication succeeds, receive the device end identifier information returned by the server;
S503,通过服务器向所述具有所述设备端标识信息的设备端发送访问、控制或管理指令,以使所述设备端根据所述访问、控制或管理指令,执行相应的访问、控制或管理操作。S503. Send, by the server, an access, control, or management instruction to the device end that has the device end identification information, so that the device end performs a corresponding access, control, or management operation according to the access, control, or management instruction. .
本实施例中,控制端向服务器发送用户认证请求,以使所述服务器根据所述用户认证请求,对所述用户进行认证,接收所述服务器返回的认证结果,且当所述认证结果为认证成功后,接收服务器返回的设备端标识信息,通过服务器向所述具有所述设备端标识信息的设备端发送访问、控制或管理指令,以使所述设备端根据所述访问、控制或管理指令,执行相应的访问、控制或管理操作,使得用户可以随时对远程私有设备端进行管理和控制以及执行相应的操作,操作简单、方便、私密性强,另外,通过家中专有的私有设备端对私有数据进行存储可以确保用户资料的安全性,同时通过服务器进行认证登录和权限控制可以进一步保证系统的安全性。In this embodiment, the control end sends a user authentication request to the server, so that the server authenticates the user according to the user authentication request, receives the authentication result returned by the server, and when the authentication result is authentication After successful, receiving the device end identification information returned by the server, and sending, by the server, an access, control or management instruction to the device end having the device end identification information, so that the device end according to the access, control or management instruction Perform corresponding access, control or management operations, so that users can manage and control the remote private device at any time and perform corresponding operations. The operation is simple, convenient, and private. In addition, through the proprietary private device at home. The storage of private data can ensure the security of user data, and the authentication and login and permission control through the server can further ensure the security of the system.
实施例四Embodiment 4
本实施例的执行主体为家庭云服务管理系统中控制端,图6是本发明实施例四提供的家庭云服务管理方法的实现的流程图,详述如下:The execution body of the embodiment is the control end of the home cloud service management system. FIG. 6 is a flowchart of implementing the home cloud service management method according to Embodiment 4 of the present invention, which is described in detail as follows:
S601,将用户信息与设备端的设备标识信息进行绑定,并将绑定的用户信息与设备端标识信息存储在服务器上;S601, binding the user information with the device identification information of the device, and storing the bound user information and the device identifier information on the server;
其中,所述设备端与唯一用户进行绑定,但是每个用户可以通过不同类型的控制端对所述设备端进行操作,例如,手机、ipad,PC机等.The device end is bound to a unique user, but each user can operate the device end through different types of control terminals, for example, a mobile phone, an ipad, a PC, and the like.
所述S601具体包括:The S601 specifically includes:
A.所述控制端在局域网内搜索设备端对应的设备端标识;A. The control end searches for a device end identifier corresponding to the device end in the local area network;
B.向服务器查询所述设备端标识信息是否已绑定;B. Querying, by the server, whether the device end identifier information is bound;
具体为所述控制端向服务器发送绑定状态查询指令,获取服务器返回的所述设备端标识对应的绑定状态,如果已经绑定则无法继续绑定,如果没有绑定,则执行步骤C。Specifically, the control terminal sends a binding state query instruction to the server, and obtains a binding state corresponding to the device end identifier returned by the server. If the binding is performed, the binding cannot be continued. If there is no binding, step C is performed.
C.当所述设备端标识信息没有绑定时,则将所述用户信息与所述设备端的设备标识信息进行绑定,并将绑定的用户信息与设备端标识信息存储在服务器上。C. When the device end identifier information is not bound, the user information is bound to the device identifier information of the device end, and the bound user information and the device end identifier information are stored on the server.
S602,所述控制端生成会话密钥,并利用已知的公钥对所述会话密钥进行加密,生成密文,将所述密文发送给所述服务器,以使所述服务器用私钥对密文进行解密,获取所述会话密钥;S602. The control end generates a session key, and encrypts the session key by using a known public key, generates a ciphertext, and sends the ciphertext to the server, so that the server uses a private key. Decrypting the ciphertext to obtain the session key;
本实施例中,通过控制端生成密钥,并利用公钥、以及私钥将密钥发送给服务器,实现了控制端与服务器之间的密钥协商。In this embodiment, the key is generated by the control end, and the key is sent to the server by using the public key and the private key, so that key negotiation between the control end and the server is implemented.
S603,所述控制端向服务器发送经过所述会话密钥加密的认证请求,所述认证请求包括用户账号和密码信息,以使所述服务器利用获取的会话密钥对所述加密的认证请求进行解密,并根据解密获取的账号和密码信息,对用户进行认证;S603. The control end sends an authentication request encrypted by the session key to a server, where the authentication request includes a user account and password information, so that the server performs the encrypted authentication request by using the obtained session key. Decrypt, and authenticate the user according to the account and password information obtained by decryption;
本实施例中,通过密钥对认证过程的账户和密码等信息进行加密,保证了系统的安全性。In this embodiment, the information such as the account and password of the authentication process is encrypted by the key to ensure the security of the system.
S604,接收所述服务器返回的认证结果,且当所述认证结果为认证成功后,接收服务器返回的设备端标识信息;S604. Receive an authentication result returned by the server, and when the authentication result is successful, receive the device end identifier information returned by the server.
本实施例中,当认证未成功时,则向用户发送认证未成功的提示信息。In this embodiment, when the authentication is not successful, the prompt information that the authentication is unsuccessful is sent to the user.
S605,通过服务器向所述具有所述设备端标识信息的设备端发送访问、控制或管理指令,以使所述设备端根据所述访问、控制或管理指令,执行相应的访问、控制或管理操作。S605. Send, by the server, an access, control, or management instruction to the device end that has the device end identification information, so that the device end performs a corresponding access, control, or management operation according to the access, control, or management instruction. .
当所述控制指令为下载指令时,所述S605具体为:When the control instruction is a download instruction, the S605 is specifically:
a. 所述控制端从资源服务器管理后台获取资源的详细信息,包括资源名称、大小、下载地址;a. The control end acquires detailed information of the resource from the resource server management background, including a resource name, a size, and a download address;
b. 所述控制端通过服务器向设备端发送下载指令,所述下载指令包括用户选择要下载的资源信息的详细信息,以使所述设备端根据所述下载指令以及所述资源信息的详细信息,通过资源服务器提供的下载服务,添加下载任务,并从所述资源服务器下载资源。b. The control terminal sends a download instruction to the device end by using the server, where the download command includes detailed information of the resource information that the user selects to download, so that the device end passes the detailed information of the download instruction and the resource information. A download service provided by the resource server, adding a download task, and downloading resources from the resource server.
本实施例中控制端可以从设备端下载资源信息,实现了与设备端之间的资源共享,且下载过程十分方便。In this embodiment, the control end can download resource information from the device end, implement resource sharing with the device end, and the downloading process is very convenient.
其中,所述资源服务器存储了大量的资源,包括视频、音频等,其可以实时更新也可以定时对自身存储的资源进行更新。The resource server stores a large amount of resources, including video, audio, and the like, and may update in real time or periodically update the resources stored by itself.
其中,可以在资源服务器后台预先将所述资源服务器的资源进行整合,例如,可以根据资源的类别、名称、大小等对资源进行分类,形成列表以方便用户的资源查找,当用户根据所述资源服务器后台确定所述下载的资源的信息后,控制所述设备端根据所述资源的信息,从所述资源服务器下载所述资源。The resources of the resource server may be integrated in the background of the resource server. For example, the resources may be classified according to the category, name, and size of the resources, and a list may be formed to facilitate user resource searching. After the server determines the information of the downloaded resource, the device controls the device to download the resource from the resource server according to the information of the resource.
本发明实施例中,所述设备端根据控制端的访问、控制或管理指令,可以执行相应的访问、控制或管理操作,使得用户可以随时对远程私有设备端进行管理和控制以及执行相应的操作,操作简单、方便、私密性强,另外,通过家中专有的私有设备端对私有数据进行存储可以确保用户资料的安全性,同时通过服务器进行认证登录和权限控制可以进一步保证系统的安全性。In the embodiment of the present invention, the device end may perform corresponding access, control or management operations according to the access, control or management instructions of the control terminal, so that the user can manage and control the remote private device end and perform corresponding operations at any time. The operation is simple, convenient, and private. In addition, the private data stored in the private device at the home can ensure the security of the user data, and the authentication and login and permission control through the server can further ensure the security of the system.
实施例五Embodiment 5
本发明实施例的执行主体是家庭云服务管理中服务器,图7是本发明实施例五提供的家庭云服务管理方法的实现的流程图,详述如下:The execution entity of the embodiment of the present invention is a server in the home cloud service management. FIG. 7 is a flowchart of implementing the home cloud service management method according to Embodiment 5 of the present invention, which is described in detail as follows:
S701,接收所述控制端发送的用户认证请求,并根据所述用户认证请求,对所述用户进行认证;S701. Receive a user authentication request sent by the control terminal, and perform authentication on the user according to the user authentication request.
S702,当所述认证结果为认证成功后,根据预先存储的用户信息与设备端标识信息的对应关系,查找所述用户对应的设备端标识信息;S702, after the authentication result is that the authentication is successful, searching for the device end identification information corresponding to the user according to the correspondence between the pre-stored user information and the device end identification information;
S703,发送所述设备端标识信息至所述用户当前使用的控制端;S703. Send the device end identifier information to a control end currently used by the user.
S704,接收并转发控制端向所述具有所述设备端标识信息的设备端发送访问、控制或管理指令,以使所述控制端对所述设备端进行访问、控制或管理。S704. The receiving and forwarding control end sends an access, control, or management instruction to the device end that has the device end identification information, so that the control terminal accesses, controls, or manages the device end.
本实施例使通过服务器对控制端进行认证,并转发相应的控制指令,以对控制端进行访问、控制和管理等操作,使得用户可以随时对远程私有设备端进行管理和控制以及执行相应的操作,操作简单、方便、私密性强,另外,通过家中专有的私有设备端对私有数据进行存储可以确保用户资料的安全性,同时通过服务器进行认证登录和权限控制可以进一步保证系统的安全性In this embodiment, the server is authenticated by the server, and the corresponding control command is forwarded to perform operations such as accessing, controlling, and managing the control terminal, so that the user can manage and control the remote private device end and perform corresponding operations at any time. The operation is simple, convenient, and private. In addition, the private data stored in the private device at home can ensure the security of the user data, and the authentication and login and permission control through the server can further ensure the security of the system.
实施例六Embodiment 6
图8示出了本发明实施例六提供的家庭云服务管理装置的结构图,为了便于说明,仅示出了与本发明实施例相关的部分,所述装置包括:认证单元81、接收单元82以及操作单元83。FIG. 8 is a structural diagram of a home cloud service management apparatus according to Embodiment 6 of the present invention. For convenience of description, only parts related to the embodiment of the present invention are shown. The apparatus includes: an authentication unit 81 and a receiving unit 82. And an operation unit 83.
认证单元81,用于向服务器发送用户认证请求,以使所述服务器根据所述用户认证请求,对所述用户进行认证;The authentication unit 81 is configured to send a user authentication request to the server, so that the server authenticates the user according to the user authentication request.
接收单元82,用于接收所述服务器返回的认证结果,且当所述认证结果为认证成功后,接收服务器返回的设备端标识信息;The receiving unit 82 is configured to receive the authentication result returned by the server, and when the authentication result is successful, the device end identifier information returned by the server is received;
操作单元83,用于通过服务器向所述具有所述设备端标识信息的设备端发送访问、控制或管理指令,以使所述设备端根据所述访问、控制或管理指令,执行相应的访问、控制或管理操作。An operation unit 83, configured to send, by using a server, an access, control, or management instruction to the device end that has the device end identification information, so that the device end performs corresponding access according to the access, control, or management instruction, Control or manage operations.
可选的,当所述控制指令为下载指令时,所述操作单元83具体用于从资源服务器管理后台获取资源的详细信息,包括资源名称、大小、下载地址,并向设备端发送下载指令,所述下载指令包括用户选择要下载的资源信息的详细信息,以使所述设备端根据所述下载指令以及所述资源信息的详细信息,通过资源服务器提供的下载服务,添加下载任务,并从所述资源服务器下载资源。Optionally, when the control instruction is a download instruction, the operation unit 83 is specifically configured to acquire detailed information of the resource from the resource server management background, including a resource name, a size, a download address, and send a download instruction to the device. The downloading instruction includes the detailed information of the resource information that the user selects to download, so that the device end adds the downloading task according to the downloading instruction provided by the resource server according to the downloading instruction and the detailed information of the resource information, and The resource server downloads resources.
本发明实施例提供的家庭云服务管理装置与前述家庭云服务管理方法的实施例三对应,详情参见上述实施例三的描述,在此不再赘述。The home cloud service management device provided by the embodiment of the present invention corresponds to the third embodiment of the foregoing home cloud service management method. For details, refer to the description of the third embodiment, and details are not described herein again.
实施例七Example 7
图9示出了本发明实施例七提供的家庭云服务管理装置的结构图,为了便于说明,仅示出了与本发明实施例相关的部分,所述装置包括:绑定单元91、认证单元92、接收单元93以及操作单元94。FIG. 9 is a structural diagram of a home cloud service management apparatus according to Embodiment 7 of the present invention. For convenience of description, only parts related to the embodiment of the present invention are shown. The apparatus includes: a binding unit 91, an authentication unit. 92. Receiving unit 93 and operating unit 94.
本发明实施例与实施例六的区别在于:The difference between the embodiment of the present invention and the sixth embodiment is:
可选的,所述装置还包括:Optionally, the device further includes:
绑定单元91,用于将用户信息与设备端的设备标识信息进行绑定,并将绑定的用户信息与设备端标识信息存储在服务器上。The binding unit 91 is configured to bind the user information with the device identification information of the device, and store the bound user information and the device identifier information on the server.
可选的,所述绑定单元91具体包括:Optionally, the binding unit 91 specifically includes:
搜索模块911,用于所述控制端在局域网内搜索设备端对应的设备端标识;a search module 911, configured to search, by the control terminal, a device end identifier corresponding to the device end in the local area network;
查询模块912,用于向服务器查询所述设备端标识信息是否已绑定;The querying module 912 is configured to query the server whether the device end identifier information is bound;
绑定模块913,用于当所述设备端标识信息没有绑定时,则将所述用户信息与所述设备端的设备标识信息进行绑定,并将绑定的用户信息与设备端标识信息存储在服务器上。The binding module 913 is configured to bind the user information to the device identification information of the device end, and store the bound user information and the device end identification information when the device end identification information is not bound. On the server.
可选的,所述认证单元92包括:Optionally, the authentication unit 92 includes:
密钥协商模块921,生成会话密钥,并利用已知的公钥对所述会话密钥进行加密,生成密文,且将所述密文发送给所述服务器,以使所述服务器用私钥对密文进行解密,获取所述会话密钥;The key agreement module 921 generates a session key, encrypts the session key with a known public key, generates a ciphertext, and sends the ciphertext to the server to make the server private. The key decrypts the ciphertext to obtain the session key;
认证模块922,用于向服务器发送经过所述会话密钥加密的认证请求,所述认证请求包括用户账号和密码信息,以使所述服务器利用获取的会话密钥对所述加密的认证请求进行解密,并根据解密获取的账号和密码信息,对用户进行认证。The authentication module 922 is configured to send, by the server, an authentication request encrypted by the session key, where the authentication request includes a user account and password information, so that the server performs the encrypted authentication request by using the obtained session key. Decrypt, and authenticate the user according to the account and password information obtained by decryption.
本发明实施例提供的家庭云服务管理装置与前述家庭云服务管理方法的实施例四对应,详情参见上述实施例四的描述,在此不再赘述。The home cloud service management device provided by the embodiment of the present invention corresponds to the fourth embodiment of the foregoing home cloud service management method. For details, refer to the description of the fourth embodiment, and details are not described herein again.
实施例八Example eight
图10示出了本发明实施例八提供的家庭云服务管理装置的结构图,为了便于说明,仅示出了与本发明实施例相关的部分,所述装置包括:认证单元101、查找单元102、发送单元103和操作单元104。FIG. 10 is a structural diagram of a home cloud service management apparatus according to Embodiment 8 of the present invention. For convenience of description, only parts related to the embodiment of the present invention are shown. The apparatus includes: an authentication unit 101, and a search unit 102. The transmitting unit 103 and the operating unit 104.
认证单元101,用于接收所述控制端发送的用户认证请求,并根据所述用户认证请求,对所述用户进行认证;The authentication unit 101 is configured to receive a user authentication request sent by the control terminal, and perform authentication on the user according to the user authentication request.
查找单元102,用于当所述认证结果为认证成功后,根据预先存储的用户信息与设备端标识信息的对应关系,查找所述用户对应的设备端标识信息;The searching unit 102 is configured to search for device end identification information corresponding to the user according to the correspondence between the pre-stored user information and the device end identification information after the authentication result is successful.
发送单元103,发送所述设备端标识信息至所述用户当前使用的控制端;The sending unit 103 sends the device end identification information to the control end currently used by the user;
操作单元104,用于接收并转发控制端向所述具有所述设备端标识信息的设备端发送访问、控制或管理指令,以使所述控制端对所述设备端进行访问、控制或管理。The operating unit 104 is configured to receive and forward the control terminal to send an access, control, or management instruction to the device end having the device end identification information, so that the control terminal accesses, controls, or manages the device end.
本发明实施例提供的家庭云服务管理装置与前述家庭云服务管理方法的实施例五对应,详情参见上述实施例五的描述,在此不再赘述。The home cloud service management device provided by the embodiment of the present invention corresponds to the fifth embodiment of the foregoing home cloud service management method. For details, refer to the description of the fifth embodiment, and details are not described herein again.
值得注意的是,上述装置和系统实施例中,所包括的各个单元只是按照功能逻辑进行划分的,但并不局限于上述的划分,只要能够实现相应的功能即可;另外,各功能单元的具体名称也只是为了便于相互区分,并不用于限制本发明的保护范围。It should be noted that, in the foregoing apparatus and system embodiment, each unit included is only divided according to functional logic, but is not limited to the above division, as long as the corresponding function can be implemented; The specific names are also for convenience of distinguishing from each other and are not intended to limit the scope of the present invention.
另外,本领域普通技术人员可以理解实现上述各实施例方法中的全部或部分步骤是可以通过程序来指令相关的硬件来完成,相应的程序可以存储于一计算机可读取存储介质中,所述的存储介质,如ROM/RAM、磁盘或光盘等。In addition, those skilled in the art can understand that all or part of the steps of implementing the above embodiments may be completed by a program to instruct related hardware, and the corresponding program may be stored in a computer readable storage medium. Storage medium, such as ROM/RAM, disk or CD.
以上所述仅为本发明的较佳实施例而已,并不用以限制本发明,凡在本发明的精神和原则之内所作的任何修改、等同替换和改进等,均应包含在本发明的保护范围之内。The above is only the preferred embodiment of the present invention, and is not intended to limit the present invention. Any modifications, equivalent substitutions and improvements made within the spirit and principles of the present invention should be included in the protection of the present invention. Within the scope.

Claims (4)

  1. 一种家庭云服务管理方法,其特征在于,所述方法包括:  A method for managing a home cloud service, the method comprising:
    向服务器发送用户认证请求,以使所述服务器根据所述用户认证请求,对所述用户进行认证;Sending a user authentication request to the server, so that the server authenticates the user according to the user authentication request;
    接收所述服务器返回的认证结果,且当所述认证结果为认证成功后,接收服务器返回的设备端标识信息;Receiving the authentication result returned by the server, and receiving the device end identifier information returned by the server after the authentication result is successful;
    通过服务器向所述具有所述设备端标识信息的设备端发送访问、控制或管理指令,以使所述设备端根据所述访问、控制或管理指令,执行相应的访问、控制或管理操作;Sending, by the server, an access, control or management instruction to the device end having the device end identification information, so that the device end performs a corresponding access, control or management operation according to the access, control or management instruction;
    所述向服务器发送用户认证请求,以使所述服务器根据所述用户认证请求,对所述用户进行认证包括:Sending a user authentication request to the server, so that the server performs authentication on the user according to the user authentication request, including:
    所述控制端生成会话密钥,并利用已知的公钥对所述会话密钥进行加密,生成密文,将所述密文发送给所述服务器,以使所述服务器用私钥对密文进行解密,获取所述会话密钥;The control end generates a session key, encrypts the session key by using a known public key, generates a ciphertext, and sends the ciphertext to the server, so that the server uses a private key to encrypt the secret key. Decrypting the text to obtain the session key;
    所述控制端向服务器发送经过所述会话密钥加密的认证请求,所述认证请求包括用户账号和密码信息,以使所述服务器利用获取的会话密钥对所述加密的认证请求进行解密,并根据解密获取的账号和密码信息,对用户进行认证。The control end sends an authentication request encrypted by the session key to the server, where the authentication request includes a user account and password information, so that the server decrypts the encrypted authentication request by using the obtained session key. The user is authenticated according to the account and password information obtained by decryption.
  2. 如权利要求1所述的方法,其特征在于,当所述控制指令为下载指令时,所述通过服务器向所述具有所述设备端标识信息的设备端发送访问、控制或管理指令,以使所述设备端根据所述访问、控制或管理指令,执行相应的访问、控制或管理操作具体为:The method according to claim 1, wherein when the control instruction is a download instruction, the server sends an access, control or management instruction to the device side having the device end identification information, so that The device end performs corresponding access, control or management operations according to the access, control or management instructions:
    所述控制端从资源服务器管理后台获取资源的详细信息,包括资源名称、大小、下载地址;The control end acquires detailed information of the resource from the resource server management background, including a resource name, a size, and a download address;
    所述控制端通过服务器向设备端发送下载指令,所述下载指令包括用户选择要下载的资源信息的详细信息,以使所述设备端根据所述下载指令以及所述资源信息的详细信息,通过资源服务器提供的下载服务,添加下载任务,并从所述资源服务器下载资源。The control terminal sends a download instruction to the device end by using the server, where the download command includes detailed information of the resource information that the user selects to download, so that the device end passes the detailed information of the download instruction and the resource information. A download service provided by the resource server, adding a download task, and downloading resources from the resource server.
  3. 一种家庭云服务管理装置,其特征在于,所述装置包括:A home cloud service management device, characterized in that the device comprises:
    认证单元,用于向服务器发送用户认证请求,以使所述服务器根据所述用户认证请求,对所述用户进行认证;An authentication unit, configured to send a user authentication request to the server, so that the server authenticates the user according to the user authentication request;
    接收单元,用于接收所述服务器返回的认证结果,且当所述认证结果为认证成功后,接收服务器返回的设备端标识信息;a receiving unit, configured to receive an authentication result returned by the server, and receive, after the authentication result is successful, the device end identifier information returned by the server;
    操作单元,用于通过服务器向所述具有所述设备端标识信息的设备端发送访问、控制或管理指令,以使所述设备端根据所述访问、控制或管理指令,执行相应的访问、控制或管理操作;An operation unit, configured to send, by using a server, an access, control, or management instruction to the device end having the device end identification information, so that the device end performs corresponding access and control according to the access, control, or management instruction. Or management operations;
    所述认证单元包括:The authentication unit includes:
    密钥协商模块,生成会话密钥,并利用已知的公钥对所述会话密钥进行加密,生成密文,且将所述密文发送给所述服务器,以使所述服务器用私钥对密文进行解密,获取所述会话密钥;a key agreement module, generating a session key, encrypting the session key with a known public key, generating a ciphertext, and transmitting the ciphertext to the server, so that the server uses a private key Decrypting the ciphertext to obtain the session key;
    认证模块,用于向服务器发送经过所述会话密钥加密的认证请求,所述认证请求包括用户账号和密码信息,以使所述服务器利用获取的会话密钥对所述加密的认证请求进行解密,并根据解密获取的账号和密码信息,对用户进行认证。An authentication module, configured to send, to the server, an authentication request encrypted by the session key, where the authentication request includes a user account and password information, so that the server decrypts the encrypted authentication request by using the obtained session key And authenticate the user according to the account and password information obtained by decryption.
  4. 如权利要求3所述的装置,其特征在于,当所述控制指令为下载指令时,所述操作单元具体用于从资源服务器管理后台获取资源的详细信息,包括资源名称、大小、下载地址,并向设备端发送下载指令,所述下载指令包括用户选择要下载的资源信息的详细信息,以使所述设备端根据所述下载指令以及所述资源信息的详细信息,通过资源服务器提供的下载服务,添加下载任务,并从所述资源服务器下载资源。The device according to claim 3, wherein when the control instruction is a download instruction, the operation unit is specifically configured to acquire detailed information of the resource from the resource server management background, including a resource name, a size, and a download address. And sending a download instruction to the device end, where the download instruction includes detailed information of the resource information that the user selects to download, so that the device end downloads through the resource server according to the download instruction and the detailed information of the resource information. Service, add download tasks, and download resources from the resource server.
PCT/CN2015/072657 2015-02-10 2015-02-10 Home cloud service management method and device WO2016127313A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/CN2015/072657 WO2016127313A1 (en) 2015-02-10 2015-02-10 Home cloud service management method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2015/072657 WO2016127313A1 (en) 2015-02-10 2015-02-10 Home cloud service management method and device

Publications (1)

Publication Number Publication Date
WO2016127313A1 true WO2016127313A1 (en) 2016-08-18

Family

ID=56615041

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2015/072657 WO2016127313A1 (en) 2015-02-10 2015-02-10 Home cloud service management method and device

Country Status (1)

Country Link
WO (1) WO2016127313A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106886886A (en) * 2017-03-30 2017-06-23 北京企航金服科技有限公司 Integrated capital management front device, fund management system and fund management method
CN112422340A (en) * 2020-11-18 2021-02-26 北京魔带互联科技有限公司 System and method for managing cloud service cluster

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120158190A1 (en) * 2010-12-21 2012-06-21 Microsoft Corporation Home heating server
CN103049383A (en) * 2012-12-31 2013-04-17 博彦科技(上海)有限公司 Development and testing cloud system
CN103731756A (en) * 2014-01-02 2014-04-16 中国科学院信息工程研究所 Smart home remote security access control implementation method based on smart cloud television gateway
WO2014074738A1 (en) * 2012-11-07 2014-05-15 Intertrust Technologies Corporation Personalized data management systems and methods
CN104125251A (en) * 2013-04-26 2014-10-29 华茂云天科技(北京)有限公司 Virtualization technology-based cloud computing security terminal

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120158190A1 (en) * 2010-12-21 2012-06-21 Microsoft Corporation Home heating server
WO2014074738A1 (en) * 2012-11-07 2014-05-15 Intertrust Technologies Corporation Personalized data management systems and methods
CN103049383A (en) * 2012-12-31 2013-04-17 博彦科技(上海)有限公司 Development and testing cloud system
CN104125251A (en) * 2013-04-26 2014-10-29 华茂云天科技(北京)有限公司 Virtualization technology-based cloud computing security terminal
CN103731756A (en) * 2014-01-02 2014-04-16 中国科学院信息工程研究所 Smart home remote security access control implementation method based on smart cloud television gateway

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106886886A (en) * 2017-03-30 2017-06-23 北京企航金服科技有限公司 Integrated capital management front device, fund management system and fund management method
CN112422340A (en) * 2020-11-18 2021-02-26 北京魔带互联科技有限公司 System and method for managing cloud service cluster
CN112422340B (en) * 2020-11-18 2023-05-23 北京魔带互联科技有限公司 Method for managing cloud service cluster

Similar Documents

Publication Publication Date Title
WO2013170653A1 (en) Unlocking system and method for screen lock
WO2020147383A1 (en) Process examination and approval method, device and system employing blockchain system, and non-volatile storage medium
US8245036B2 (en) Method and system for establishing a trusted and decentralized peer-to-peer network
US9356994B2 (en) Method of operating a computing device, computing device and computer program
WO2019127973A1 (en) Authority authentication method, system and device for mirror repository, and storage medium
WO2014063455A1 (en) Instant messaging method and system
US10503918B2 (en) Process to access a data storage device of a cloud computer system
WO2011153714A1 (en) Method, device and system for supporting multiple international mobile subscriber identities (imsis)
WO2020224246A1 (en) Block chain-based data management method and apparatus, device and storage medium
CN101296086B (en) Method, system and device for access authentication
US20080301435A1 (en) Peer-to-peer security authentication protocol
WO2019132272A1 (en) Id as blockchain based service
WO2015074424A1 (en) System and method for controlling mutual access of smart devices
KR20040075293A (en) Apparatus and method simplifying an encrypted network
US10050944B2 (en) Process to access a data storage device of a cloud computer system with the help of a modified Domain Name System (DNS)
JP2000115153A (en) Security method and security device
WO2014185594A1 (en) Single sign-on system and method in vdi environment
TW201629805A (en) System, method and database proxy server for separating operations of read and write
CN102739689A (en) File data transmission device and method used for cloud storage system
WO2018072261A1 (en) Information encryption method and device, information decryption method and device, and terminal
WO2015199271A1 (en) Method and system for sharing files over p2p
CN102986162A (en) License dynamic management method, device and system based on TCM or TPM
WO2019182377A1 (en) Method, electronic device, and computer-readable recording medium for generating address information used for transaction of blockchain-based cryptocurrency
WO2017016272A1 (en) Method, apparatus and system for processing virtual resource data
WO2016127313A1 (en) Home cloud service management method and device

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15881475

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205N DATED 21/12/2017)

122 Ep: pct application non-entry in european phase

Ref document number: 15881475

Country of ref document: EP

Kind code of ref document: A1