WO2016184183A1 - Wireless communication base station, data transmission and reception method, terminal and storage medium - Google Patents


Publication number
WO2016184183A1
Authority
WO
WIPO (PCT)
Prior art keywords
serial port
data
port data
base station
module
Application number
PCT/CN2016/073851
Other languages
French (fr)
Chinese (zh)
Inventor
管连才
Original Assignee
中兴通讯股份有限公司
Application filed by 中兴通讯股份有限公司
Publication of WO2016184183A1


Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03 Protecting confidentiality, e.g. by encryption
    • H04W12/033 Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40 Network security protocols
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/50 Network services
    • H04L67/56 Provisioning of proxy services
    • H04L67/568 Storing data temporarily at an intermediate stage, e.g. caching
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02 Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]

Definitions

  • the present invention relates to the field of communications, and in particular, to a wireless communication base station, a data transmitting method thereof, a terminal, a data receiving method thereof, and a computer storage medium.
  • LTE Long Term Evolution
  • femtocell is a client device that will eventually be placed in the user's home. Operators cannot control the user's disassembly or modification operations, which increases the risk of attack on the Femtocell device itself.
  • the Femtocell base station has a reserved transmission serial port.
  • the serial port exists as a lower-layer port of the single-board hardware.
  • the data transmitted by the serial port is directly transmitted in plaintext without being encrypted.
  • the data transmitted from the serial port of the base station is related to the internal information of the base station. It is even possible to log in to the base station's Linux kernel system through the serial port. If this is illegally collected and exploited, there is a serious security vulnerability. For example, after connecting a display terminal such as a personal computer (PC) to the serial port, the data transmitted over the serial port can be obtained directly, and by entering some common commands the internal information of the base station can be obtained and modified, so the security risk is high.
  • PC personal computer
  • embodiments of the present invention aim to provide a wireless communication base station and its data transmission method, and a terminal and its data receiving method, which at least partially solve the security problems and defects in the prior art when serial port data is transmitted between the wireless communication base station and the terminal.
  • Embodiments of the present invention provide a method for transmitting data of a wireless communication base station, including: buffering serial port data that meets a preset transmission condition, the serial port data being data that is sent by a central processing unit and is to be transmitted through a serial port; encrypting the buffered serial port data; and transmitting the encrypted serial port data through the serial port.
  • buffering the serial port data includes dividing the serial port data into blocks and buffering the blocks.
  • the method for dividing the serial port data includes either of the following: dividing the serial port data at fixed time intervals; or dividing the serial port data at fixed data lengths.
  • encrypting the serial port data includes: obtaining an encryption key, and encrypting the block-cached serial port data blocks with the encryption key.
  • the encryption key is a public key of an asymmetric encryption algorithm.
  • buffering the serial port data that meets the preset transmission condition includes: determining whether the serial port data meets the preset transmission condition, and buffering, in blocks, the serial port data that satisfies the preset transmission condition.
  • the preset transmission condition is: the central processing unit has serial port data to send out, and the serial cable is connected and both ends are powered on.
  • the invention provides a method for receiving data of a terminal, comprising: receiving encrypted serial port data, wherein the serial port data is data sent by a central processing unit and transmitted through a serial port; and decrypting the encrypted serial port data.
  • decrypting the encrypted serial port data includes: obtaining a decryption key and, when block-encrypted serial port data is received, decrypting the serial port data blocks with the decryption key; after the serial port data blocks are decrypted, the decrypted blocks are merged.
  • the decryption key is a private key of an asymmetric encryption algorithm.
  • the invention provides a wireless communication base station, comprising: a cache module configured to cache serial port data that meets a preset transmission condition, wherein the serial port data is data sent by the central processing unit and to be transmitted through the serial port; an encryption module configured to encrypt the cached serial port data; and a sending module configured to transmit the encrypted serial port data through the serial port.
  • the encryption module includes a first key acquisition submodule and an encryption submodule; the first key acquisition submodule is configured to acquire an encryption key, and the encryption submodule is configured to encrypt, with the encryption key, the serial port data blocks cached by the cache module.
  • the cache module includes a determining submodule and a buffer submodule; the determining submodule is configured to determine whether the serial port data meets a preset transmission condition, and the buffer submodule is configured to buffer the serial port data that satisfies the preset transmission condition.
  • the preset transmission condition is: the central processing unit has serial port data to send out, and the serial cable is connected and both ends are powered on.
  • the present invention provides a terminal, comprising: a receiving module configured to receive encrypted serial port data; and a decryption module configured to decrypt the encrypted serial port data.
  • the decryption module includes a second key acquisition submodule and a decryption submodule, the second key acquisition submodule is configured to acquire a decryption key, and the decryption submodule is configured to receive the score when the receiving module receives
  • the terminal further includes a processing module, and the processing module is configured to merge the serial port data after block decryption.
  • the embodiment of the present invention further provides a computer storage medium, where the computer storage medium stores computer executable instructions, and the computer executable instructions are used to execute at least one of the wireless communication base station data transmission methods.
  • with the wireless communication base station and its data transmission method, the terminal and its data receiving method, and the computer storage medium provided by embodiments of the present invention, the serial port data of the communication base station is encrypted before transmission and the terminal decrypts the encrypted serial port data. This makes serial port data transmission of the communication base station safer and more stable, improves the security of serial port data transmission, and avoids the risk of vulnerabilities caused by exposure of the base station serial port.
  • FIG. 1 is a schematic flowchart of a method for transmitting data of a wireless communication base station according to Embodiment 1 of the present invention
  • FIG. 2 is a schematic flowchart of a data receiving method of a wireless communication base station according to Embodiment 2 of the present invention
  • FIG. 3 is a schematic structural diagram of a wireless communication base station according to Embodiment 3 of the present invention.
  • FIG. 4 is a schematic structural diagram of a cache module according to Embodiment 3 of the present invention.
  • FIG. 5 is a schematic structural diagram of an encryption module according to Embodiment 3 of the present invention.
  • FIG. 6 is a schematic structural diagram of a terminal according to Embodiment 4 of the present invention.
  • FIG. 7 is a schematic structural diagram of another terminal according to Embodiment 4 of the present invention.
  • Embodiment 1:
  • This embodiment provides a method for transmitting data of a wireless communication base station. Referring to FIG. 1, the following steps are specifically included:
  • Step S101 Cache serial port data that meets a preset transmission condition, where the serial port data is data that is sent by the central processing unit and is to be transmitted through the serial port;
  • the serial port data is the data sent by the central processing unit and to be transmitted through the serial port; the preset transmission condition is: the central processing unit has serial port data to send out, and the serial cable is connected and both ends are powered on.
  • whether the central processing unit (CPU) of the base station sends out serial port data is monitored in real time. If the CPU of the base station sends out serial port data, and the serial port data line of the base station is connected and both ends are powered on, the serial port data sent by the CPU of the base station is considered to be about to be transmitted through the serial port. At this time, the serial port data is buffered.
  • the serial port data can be divided into blocks and then cached.
  • specifically, the serial port data can be divided by time, at fixed time intervals. Preferably, considering that a large cache footprint or the encryption of a large amount of serial port data affects efficiency, the serial port data can be divided once every second. Alternatively, the serial port data can be divided by data length, every certain data length.
  • when the serial port data is cached, the corresponding serial port data blocks are cached.
  • the serial port data is divided into blocks once per second, and the cache is a temporary cache. It should be understood that the manner of segmentation is not limited to the above two methods.
  • Step S102 encrypt the cached serial port data
  • after the serial port data to be transmitted is buffered, it is encrypted. Corresponding to the way the serial port data was buffered, the block-cached serial port data blocks are encrypted: either the serial port data block-cached at fixed time intervals, or the serial port data block-cached at fixed data lengths.
  • Encrypting the serial port data includes obtaining an encryption key, and encrypting the serial data block of the block cache by using the encryption key.
  • the encryption may use an asymmetric encryption algorithm, in which case the obtained encryption key is the public key of the asymmetric encryption algorithm. Considering that the serial port data rate is low, with a maximum transmission rate of about 100 KBps, this embodiment preferably uses the more secure asymmetric RSA algorithm: with public key encryption and private key decryption, it is more secure and more difficult to crack than a symmetric encryption algorithm.
  • in addition, due to the small amount of data in serial port data, asymmetric encryption algorithm and adoption are adopted.
  • the public key of the asymmetric algorithm RSA is obtained and stored, and the serial port data is encrypted with the public key. When encrypting, the data cached each second can be encrypted as a block. After the encryption is completed, the encrypted serial port data is transmitted through the serial port. It should be understood that the encryption method is not limited to the one described above.
  • the public key in this embodiment is generated by an RSA public/private key generation gadget, which randomly generates a public/private key pair according to the RSA algorithm; the public key is used to encrypt the serial port data, and the private key is used to decrypt the encrypted serial port data.
  • the encryption key may be manually replaced periodically, or a timer may be set to update it automatically on schedule.
  • Step S103 transmitting the encrypted serial port data through the serial port
  • the encrypted serial port data is transmitted through the serial port, and is specifically transmitted out through the serial port line.
  • the data transmission method of the wireless communication base station in this embodiment fundamentally ensures the security of the serial port data of the base station during transmission.
  • the serial port data is encrypted with the public key before being transmitted, so even if a hacker obtains the serial port data of the base station, without the private key needed for decryption no internal information of the base station can be obtained.
  • Embodiment 2:
  • This embodiment provides a terminal data receiving method. Referring to FIG. 2, the following steps are specifically included:
  • Step S201 Receive encrypted serial port data, where the serial port data is data sent by the central processing unit and transmitted through the serial port;
  • specifically, the block-encrypted serial port data transmitted through the serial port is received.
  • Step S202 Decrypt the encrypted serial port data
  • Decrypting the encrypted serial port data includes obtaining the decryption key required for decryption and decrypting the serial port data blocks with the decryption key; the decryption key corresponds to the encryption key.
  • corresponding to Embodiment 1, this embodiment preferably uses the asymmetric RSA algorithm for decryption: the private key of the asymmetric algorithm RSA is obtained and stored, and the block-encrypted serial port data is then decrypted block by block with the private key.
  • after the serial port data is decrypted, the decrypted blocks are merged, and the merged serial port data is displayed on the terminal.
  • the private key in this embodiment is generated by an RSA public/private key generation gadget, which randomly generates a public/private key pair according to the RSA algorithm; the public key is used to encrypt the serial port data, and the private key is used to decrypt the encrypted serial port data.
  • the decryption key needs to be updated periodically as the encryption key is periodically updated.
  • the decryption key can be manually replaced periodically, or a timer can be set to update it automatically on schedule.
  • the terminal data receiving method in this embodiment fundamentally ensures the security of the serial port data of the base station while it is transmitted to the terminal. The serial port data is encrypted with the public key before transmission, so even if a hacker obtains the serial port data of the base station, without the private key needed for decryption no internal information of the base station can be obtained.
  • Embodiment 3:
  • this embodiment provides a wireless communication base station.
  • it specifically includes the following modules: a cache module 301, an encryption module 302, and a sending module 303.
  • the cache module 301 is configured to cache the serial port data that meets the preset transmission condition.
  • the serial port data is sent by the central processing unit and transmitted through the serial port.
  • the preset transmission condition is: the central processing unit has serial port data to send out, and the serial cable is connected and both ends are powered on.
  • the cache module 301 further includes a determining submodule 3011 and a buffer submodule 3012.
  • the determining submodule 3011 is configured to determine whether the serial port data meets the preset transmission condition.
  • the buffer submodule 3012 is configured to buffer serial port data that satisfies the preset transmission condition. For example, the determining submodule 3011 monitors in real time whether the central processing unit of the base station sends out serial port data.
  • if serial port data is sent out, and the serial port data line of the base station is connected and both ends are powered on, the serial port data sent by the CPU of the base station board is considered to be about to be transmitted through the serial port.
  • the determining submodule 3011 is associated with the buffer submodule 3012: when the determining submodule 3011 detects that the serial port data sent by the CPU of the base station is to be transmitted through the serial port, it notifies the buffer submodule 3012 to buffer the serial port data.
  • the serial port data can be divided into blocks and then cached.
  • specifically, the serial port data can be divided by time, at fixed time intervals. Preferably, considering that a large cache footprint or the encryption of a large amount of serial port data affects efficiency, the serial port data can be divided once every second. Alternatively, the serial port data can be divided by data length, every certain data length.
  • the buffer submodule 3012 caches the divided serial port data blocks.
  • the serial port data is divided into blocks once per second, and the cache is a temporary cache. It should be understood that the manner of segmentation is not limited to the above two methods.
  • the encryption module 302 is configured to encrypt the buffered serial port data blocks. Corresponding to the way the serial port data was buffered, the block-cached serial port data blocks are encrypted: either the serial port data block-cached at fixed time intervals, or the serial port data block-cached at fixed data lengths.
  • the encryption module 302 includes a first key acquisition submodule 3021 and an encryption submodule 3022.
  • the first key acquisition submodule 3021 is configured to acquire an encryption key, and the encryption submodule 3022 is configured to encrypt the cached serial port data blocks with the encryption key obtained by the first key acquisition submodule 3021.
  • specifically, after the buffer submodule 3012 has block-cached the serial port data to be transmitted, it notifies the encryption submodule 3022 to encrypt the serial port data block by block.
  • the encryption submodule 3022 is configured to encrypt the serial port data with an asymmetric encryption algorithm, using an encryption key that is the public key of the asymmetric encryption algorithm. Considering that the serial port data rate is low, with a maximum transmission rate of about 100 KBps, a more secure asymmetric encryption algorithm is preferred.
  • the RSA algorithm, with public key encryption and private key decryption, is more secure and harder to crack than a symmetric encryption algorithm; in addition, due to serial port data itself
  • the first key acquisition submodule 3021 acquires and stores the public key used for encryption in the asymmetric encryption algorithm RSA, and the encryption submodule 3022 uses the public key to encrypt the serial port data. When encrypting, the serial port data cached each second is preferably encrypted as a block, and after the encryption is completed the encrypted serial port data is transmitted through the serial port. It should be understood that the encryption method is not limited to the one described above.
  • the public key in this embodiment is generated by an RSA public/private key generation gadget, which randomly generates a public/private key pair according to the RSA algorithm; the public key is imported into the encryption module and the private key into the decryption module.
  • the public key is used to encrypt the serial port data, and the private key is used to decrypt the encrypted serial port data.
  • the public key in the encryption module and the private key in the decryption module are initialized.
  • the encryption key may be manually replaced periodically, or a timer may be set to update it automatically on schedule.
  • the sending module 303 is configured to transmit the encrypted serial port data through the serial port, and specifically, the sending module 303 transmits the encrypted serial port data to the outside through the serial port line.
  • the wireless communication base station in this embodiment fundamentally ensures the security of the serial port data of the base station during transmission. The serial port data is encrypted with the public key before transmission, so even if a hacker obtains the serial port data of the base station, without the private key needed for decryption no internal information of the base station can be obtained.
  • the cache module of the embodiment of the present invention may correspond to a storage medium in the base station, where the storage medium may be various storage media such as a RAM or a flash.
  • the encryption module may correspond to a central processing unit, a microprocessor or a programmable array or a digital signal processor or the like within the base station.
  • the encryption module may also correspond to a processing circuit, which may include an application specific integrated circuit.
  • the sending module may be fixed to a communication interface in the base station, for example, an air interface in the base station.
  • Embodiment 4:
  • This embodiment provides a terminal. Referring to FIG. 6, specifically, the receiving module 601 and the decrypting module 602 are included.
  • the receiving module 601 is configured to receive the encrypted serial port data, where the serial port data is data sent by the central processing unit and transmitted through the serial port; specifically, the encrypted serial port data transmitted through the serial port is received.
  • the decryption module 602 is configured to decrypt the encrypted serial port data.
  • the decryption module 602 includes a second key acquisition submodule 6021 and a decryption submodule 6022.
  • the second key acquisition submodule 6021 is configured to obtain the decryption key required for decryption before the encrypted serial port data is decrypted; the decryption key corresponds to the encryption key.
  • this embodiment preferably uses the asymmetric encryption algorithm RSA for decryption: the second key acquisition submodule 6021 obtains the private key of the asymmetric encryption algorithm RSA and stores it, and the decryption submodule 6022 then decrypts the block-encrypted serial port data blocks with the private key.
  • the terminal provided in this embodiment further includes a processing module 603, where the processing module 603 is configured to merge the serial port data after block decryption; the merged serial port data is then displayed on the terminal.
  • the private key in this embodiment is generated by an RSA public/private key generation gadget, which randomly generates a public/private key pair according to the RSA algorithm; the public key is used to encrypt the serial port data, and the private key is used to decrypt the encrypted serial port data.
  • the decryption key needs to be updated periodically as the encryption key is periodically updated.
  • the decryption key can be manually replaced periodically, or a timer can be set to update it automatically on schedule.
  • the terminal in this embodiment fundamentally ensures the security of the serial port data of the base station while it is transmitted to the terminal. The serial port data is encrypted with the public key before transmission, so even if a hacker obtains the serial port data of the base station, without the private key needed for decryption no internal information of the base station can be obtained.
  • the receiving module here may correspond to a communication interface of the terminal, for example, a receiving antenna corresponding to the terminal.
  • the decryption module can correspond to a processor or processing circuitry within the terminal.
  • the processing circuitry herein can include an application specific integrated circuit; the processor can be a variety of processors, such as a central processing unit or a microprocessor within the terminal.
  • An embodiment of the present invention provides a computer storage medium, where the computer storage medium stores computer executable instructions, and the computer executable instructions are used to execute at least one of the foregoing wireless communication base station data transmission methods; for example, the methods shown in FIG. 1 and/or FIG. 2 may be executed.
  • the computer storage medium in this embodiment may be any type of storage such as an optical disk, a hard disk or a magnetic disk, and may be a non-transitory storage medium.
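
The following Go example is added here and is not code from the patent or its applicant: it walks Steps S101 to S103 (split, encrypt per block, send) and S201 to S202 (receive, decrypt per block, merge) using length-based splitting. It assumes RSA-2048 with OAEP/SHA-256 padding (the patent names only RSA), uses the block index as the OAEP label so that reordered blocks are rejected, and all function names and the sample data are hypothetical.

```go
package main

import (
	"bytes"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// NewKeyPair stands in for the patent's key generation gadget (hypothetical helper).
func NewKeyPair(bits int) (*rsa.PrivateKey, error) {
	return rsa.GenerateKey(rand.Reader, bits)
}

// SampleConsole returns constructed console output, not captured from any device.
func SampleConsole() []byte {
	return bytes.Repeat([]byte("constructed console line\n"), 40)
}

// MaxChunk is the largest plaintext RSA-OAEP(SHA-256) can carry under this key.
func MaxChunk(pub *rsa.PublicKey) int {
	return pub.Size() - 2*sha256.Size - 2
}

// SplitByLength cuts buffered serial data into blocks of at most n bytes (S101).
func SplitByLength(data []byte, n int) [][]byte {
	var blocks [][]byte
	for len(data) > 0 {
		k := n
		if len(data) < k {
			k = len(data)
		}
		blocks = append(blocks, data[:k])
		data = data[k:]
	}
	return blocks
}

// seqLabel encodes the block index. Used as the OAEP label (an assumption of
// this example), it makes a block decrypt only at the position it was sent in.
func seqLabel(i int) []byte {
	b := make([]byte, 4)
	binary.BigEndian.PutUint32(b, uint32(i))
	return b
}

// EncryptBlocks is the base-station side (S102): one ciphertext per block.
func EncryptBlocks(pub *rsa.PublicKey, blocks [][]byte) ([][]byte, error) {
	frames := make([][]byte, 0, len(blocks))
	for i, b := range blocks {
		ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, b, seqLabel(i))
		if err != nil {
			return nil, fmt.Errorf("block %d: %w", i, err) // e.g. block > MaxChunk
		}
		frames = append(frames, ct)
	}
	return frames, nil
}

// Wire concatenates the frames for transmission (S103). Every ciphertext is
// exactly pub.Size() bytes, so the stream needs no extra delimiters.
func Wire(frames [][]byte) []byte {
	return bytes.Join(frames, nil)
}

// DecryptAndMerge is the terminal side (S201-S202): re-split the stream by key
// size, decrypt each block with the private key, and merge the blocks in order.
func DecryptAndMerge(priv *rsa.PrivateKey, wire []byte) ([]byte, error) {
	size := priv.PublicKey.Size()
	if len(wire)%size != 0 {
		return nil, fmt.Errorf("truncated stream: %d bytes, frame size %d", len(wire), size)
	}
	var merged bytes.Buffer
	for i, ct := range SplitByLength(wire, size) {
		pt, err := rsa.DecryptOAEP(sha256.New(), nil, priv, ct, seqLabel(i))
		if err != nil {
			return nil, fmt.Errorf("block %d rejected: %w", i, err)
		}
		merged.Write(pt)
	}
	return merged.Bytes(), nil
}

func main() {
	priv, err := NewKeyPair(2048)
	if err != nil {
		panic(err)
	}
	data := SampleConsole()
	frames, err := EncryptBlocks(&priv.PublicKey, SplitByLength(data, MaxChunk(&priv.PublicKey)))
	if err != nil {
		panic(err)
	}
	out, err := DecryptAndMerge(priv, Wire(frames))
	fmt.Println(len(data), "bytes in,", len(Wire(frames)), "on the wire, round trip ok:",
		err == nil && bytes.Equal(out, data))
}
```

Under these assumptions a 190-byte plaintext block becomes a 256-byte ciphertext, so the serial link carries roughly a third more bytes than the plaintext stream.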

Abstract

Disclosed in the present invention are a wireless communication base station and a data transmission method thereof, a terminal and a data reception method thereof, caching serial data satisfying a preset transmission condition, the serial data being transmitted by central processing unit (CPU) and output through a serial port; encrypting the cached serial data, and outputting the encrypted serial data through the serial port. An embodiment of the present invention also provides a computer storage medium.

Description

Wireless communication base station, data transmission and reception method, terminal, and storage medium
Technical field
The present invention relates to the field of communications, and in particular to a wireless communication base station and its data transmission method, a terminal and its data receiving method, and a computer storage medium.
Background
With the rapid development of wireless communication technology and the emergence of large numbers of smartphone terminals, people's demand for high-speed mobile Internet has grown. Long Term Evolution (LTE), as a fourth-generation mobile communication technology, is increasingly welcomed and widely adopted by operators and mobile customers worldwide because of its faster mobile broadband connection speeds. Mobile broadband connections are ubiquitous, and with that the security of base stations faces more threats; in the field of wireless communication base stations this applies especially to home-grade base station products such as femtocells. Unlike traditional operator equipment, a Femtocell is a customer-premises device that ends up in the user's home. The operator cannot control the user's disassembly or modification of it, which increases the risk of the Femtocell device itself being attacked.
The Femtocell base station retains a serial port for transmission. The serial port exists as a lower-level port of the board hardware, and the data transmitted over it is sent directly in plaintext, without encryption. The data output from the base station's serial port relates to internal information of the base station, and it is even possible to log in to the base station's Linux kernel system through the serial port; if this is illegally collected and exploited, there is a serious security vulnerability. For example, after connecting a display terminal such as a personal computer (PC) to the serial port, the data transmitted over the serial port can be obtained directly, and by entering some common commands the internal information of the base station can be obtained and modified, so the security risk is high.
Summary of the invention
Embodiments of the present invention aim to provide a wireless communication base station and its data transmission method, and a terminal and its data receiving method, which at least partly solve the security problems and defects in the prior art that arise when serial port data is transmitted between a wireless communication base station and a terminal.
An embodiment of the present invention provides a data transmission method for a wireless communication base station, comprising: buffering serial port data that satisfies a preset transmission condition, the serial port data being data issued by the central processing unit that is to be sent out through the serial port; encrypting the buffered serial port data; and sending the encrypted serial port data out through the serial port.
In one embodiment of the present invention, buffering the serial port data includes splitting the serial port data and buffering it in chunks.
In one embodiment of the present invention, the method of splitting the serial port data is any one of the following: splitting the serial port data at fixed time intervals; splitting the serial port data at fixed data lengths.
In one embodiment of the present invention, encrypting the serial port data includes: obtaining an encryption key, and using the encryption key to encrypt the serial port data chunks that were buffered in chunks.
In one embodiment of the present invention, the encryption key is the public key of an asymmetric encryption algorithm.
In one embodiment of the present invention, buffering the serial port data that satisfies the preset transmission condition includes: determining whether the serial port data satisfies the preset transmission condition, and buffering in chunks the serial port data that satisfies it. The preset transmission condition is: the central processing unit has serial port data to send out, and the serial cable is connected and powered at both ends.
The present invention provides a terminal data receiving method, comprising: receiving encrypted serial port data, the serial port data being data issued by the central processing unit that is to be sent out through the serial port; and decrypting the encrypted serial port data.
In one embodiment of the present invention, decrypting the encrypted serial port data includes: obtaining a decryption key and, when chunk-encrypted serial port data is received, decrypting the serial port data chunks with the decryption key; after the serial port data chunks are decrypted, the method further includes merging the decrypted serial port data chunks.
In one embodiment of the present invention, the decryption key is the private key of an asymmetric encryption algorithm.
The present invention provides a wireless communication base station, comprising: a cache module configured to buffer serial port data that satisfies a preset transmission condition, the serial port data being data issued by the central processing unit that needs to be sent out through the serial port; an encryption module configured to encrypt the buffered serial port data; and a sending module configured to send the encrypted serial port data out through the serial port.
In one embodiment of the present invention, the encryption module includes a first key acquisition submodule and an encryption submodule. The first key acquisition submodule is configured to obtain an encryption key, and the encryption submodule is configured to encrypt the serial port data chunks with the encryption key when the cache module buffers the serial port data in chunks.
In one embodiment of the present invention, the cache module includes a determining submodule and a buffering submodule. The determining submodule is configured to determine whether the serial port data satisfies the preset transmission condition, and the buffering submodule is configured to buffer in chunks the serial port data that satisfies it. The preset transmission condition is: the central processing unit has serial port data to send out, and the serial cable is connected and powered at both ends.
The present invention provides a terminal, comprising: a receiving module configured to receive encrypted serial port data; and a decryption module configured to decrypt the encrypted serial port data.
In one embodiment of the present invention, the decryption module includes a second key acquisition submodule and a decryption submodule. The second key acquisition submodule is configured to obtain a decryption key, and the decryption submodule is configured to decrypt the serial port data chunks with the decryption key when the receiving module receives the chunk-encrypted serial port data. The terminal further includes a processing module configured to merge the decrypted serial port data chunks.
An embodiment of the present invention further provides a computer storage medium storing computer-executable instructions, the computer-executable instructions being used to execute at least one of the above wireless communication base station data transmission methods.
With the wireless communication base station and its data transmission method, the terminal and its data receiving method, and the computer storage medium provided by the embodiments of the present invention, the base station's serial port data is encrypted before transmission and the terminal decrypts the encrypted serial port data after receiving it. This makes serial port data transmission of the base station more secure and more stable, improves the security of serial port data transmission, and avoids the vulnerabilities that arise from an exposed base station serial port.
Brief description of the drawings
FIG. 1 is a schematic flowchart of the wireless communication base station data transmission method provided by Embodiment 1 of the present invention;
FIG. 2 is a schematic flowchart of the wireless communication base station data receiving method provided by Embodiment 2 of the present invention;
FIG. 3 is a schematic structural diagram of the wireless communication base station provided by Embodiment 3 of the present invention;
FIG. 4 is a schematic structural diagram of the cache module provided by Embodiment 3 of the present invention;
FIG. 5 is a schematic structural diagram of the encryption module provided by Embodiment 3 of the present invention;
FIG. 6 is a schematic structural diagram of the terminal provided by Embodiment 4 of the present invention;
FIG. 7 is a schematic structural diagram of another terminal provided by Embodiment 4 of the present invention.
Detailed description
The present invention is described in further detail below through specific embodiments with reference to the accompanying drawings. It should be understood that the preferred embodiments described below are only used to illustrate and explain the present invention and are not intended to limit it.
Embodiment 1:
This embodiment provides a data transmission method for a wireless communication base station. Referring to FIG. 1, it includes the following steps:
Step S101: buffer the serial port data that satisfies the preset transmission condition, the serial port data being data issued by the central processing unit that is to be sent out through the serial port;
Before the serial port data is encrypted, the serial port data that satisfies the preset transmission condition must be buffered. The serial port data is data issued by the central processing unit that is to be sent out through the serial port. The preset transmission condition is: the central processing unit has serial port data to send out, and the serial cable is connected and powered at both ends. Specifically, the method monitors in real time whether the central processing unit (Central Processing Unit, CPU) of the base station board sends out serial port data. If it detects that the board's CPU has sent out serial port data, and the base station's serial data cable is connected and powered at both ends, the serial port data issued by the board's CPU is deemed about to be sent out through the serial port, and it is buffered at that point.
When the serial port data is buffered, it can be split and buffered in chunks. The split can be time-based, cutting the serial port data at fixed time intervals; preferably, to keep the buffer from growing too large and to keep the encryption of large amounts of serial port data from hurting efficiency, the serial port data is split once per second. The split can also be length-based, cutting the serial port data at fixed data lengths. Correspondingly, the resulting serial port data chunks are buffered; preferably, the chunks produced by the once-per-second split are buffered. All of these buffers are temporary. It should be understood that splitting is not limited to these two methods.
Step S102: encrypt the buffered serial port data;
After the serial port data to be sent out has been buffered, it is encrypted. Matching the buffering method above, the serial port data chunks held in the chunked buffer are encrypted: either the chunks buffered at fixed time intervals or the chunks buffered at fixed data lengths. Encrypting the serial port data includes obtaining an encryption key and using it to encrypt the buffered serial port data chunks. The encryption can use an asymmetric encryption algorithm, in which case the encryption key obtained is the public key of that algorithm. This embodiment takes into account that the serial port data rate is low, with a maximum transmission rate of about 100 KBps, and preferably uses the more secure asymmetric encryption algorithm RSA, with public-key encryption and private-key decryption, which is more secure and harder to crack than a symmetric encryption algorithm. In addition, because the volume of serial port data is itself small, encryption and decryption with an asymmetric algorithm are about as efficient as with a symmetric algorithm. Specifically, the RSA public key is obtained and stored and then used to encrypt the serial port data; the data buffered each second can be encrypted, and once encryption is complete the encrypted serial port data is sent out through the serial port. It should be understood that encryption is not limited to the method described above.
Note that the public key in this embodiment is produced by an RSA public/private key generation tool, which randomly generates a public/private key pair according to the RSA algorithm. The public key is used to encrypt the serial port data and the private key is used to decrypt the encrypted serial port data.
In addition, to avoid the encryption key becoming invalid or lost, the encryption key is preferably updated periodically, either by replacing it manually at regular intervals or by setting a timer so that it is updated automatically on a schedule.
Step S103: send the encrypted serial port data out through the serial port;
The encrypted serial port data is sent out through the serial port, specifically over the serial cable.
The data transmission method of this embodiment fundamentally ensures the security of the base station's serial port data in transit. The serial port data is encrypted with the public key before it is sent out, so even if an intruder can capture the base station's serial port data, without the private key that can decrypt it they cannot obtain any information about the base station's internals.
Embodiment 2:
This embodiment provides a terminal data receiving method. Referring to FIG. 2, it includes the following steps:
Step S201: receive the encrypted serial port data, the serial port data being data issued by the central processing unit that is to be sent out through the serial port;
Receiving the encrypted serial port data specifically means receiving the chunk-encrypted serial port data sent out through the serial port.
Step S202: decrypt the encrypted serial port data;
Decrypting the encrypted serial port data includes obtaining the decryption key required for decryption and using it to decrypt the serial port data chunk by chunk; the decryption key corresponds to the encryption key. Matching Embodiment 1, this embodiment preferably uses the asymmetric encryption algorithm RSA for decryption: the RSA private key is obtained and stored and then used to decrypt the encrypted serial port data chunks. After the chunks are decrypted, the decrypted serial port data chunks are merged and the merged serial port data is displayed on the terminal.
Note that the private key in this embodiment is produced by an RSA public/private key generation tool, which randomly generates a public/private key pair according to the RSA algorithm. The public key is used to encrypt the serial port data and the private key is used to decrypt the encrypted serial port data.
In addition, to avoid the encryption key becoming invalid or lost, the decryption key must be updated periodically along with the periodic update of the encryption key, likewise either by replacing it manually at regular intervals or by setting a timer so that it is updated automatically on a schedule.
Particular care must be taken with storage of the private key during use, to prevent it from leaking.
The terminal data receiving method of this embodiment fundamentally ensures the security of the base station's serial port data while it is transmitted to the terminal. The serial port data is encrypted with the public key before transmission, so even if an intruder can capture the base station's serial port data, without the private key that can decrypt it they cannot obtain any information about the base station's internals.
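The send path of Embodiment 1 and the receive path of Embodiment 2 (split by length, encrypt each chunk with the RSA public key, decrypt with the private key and merge) are shown in Go below. This is an added example, not code from the patent; the OAEP/SHA-256 padding, the 2048-bit key, the 6-byte frame header, the use of the sequence number as OAEP label and all function names are assumptions.

```go
package main

import (
	"bytes"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// hdrLen is the assumed frame header: 4-byte sequence number + 2-byte ciphertext length.
const hdrLen = 6

// NewKeyPair stands in for the key-generation tool the text mentions (key size assumed).
func NewKeyPair() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

// MaxChunk is the largest plaintext one RSA-OAEP/SHA-256 operation accepts
// (190 bytes for a 2048-bit key), which bounds the length-based split.
func MaxChunk(pub *rsa.PublicKey) int { return pub.Size() - 2*sha256.Size - 2 }

// seqLabel encodes the chunk's sequence number for use as the OAEP label.
func seqLabel(seq uint32) []byte {
	b := make([]byte, 4)
	binary.BigEndian.PutUint32(b, seq)
	return b
}

// EncryptStream is the base-station side: split the buffered serial data every
// chunkLen bytes, encrypt each chunk with the public key, and frame it.
// OAEP gives confidentiality only; it does not prove which device built a frame.
func EncryptStream(pub *rsa.PublicKey, data []byte, chunkLen int) ([]byte, error) {
	if chunkLen < 1 || chunkLen > MaxChunk(pub) {
		return nil, fmt.Errorf("chunk length %d outside 1..%d", chunkLen, MaxChunk(pub))
	}
	var wire bytes.Buffer
	for seq := uint32(0); len(data) > 0; seq++ {
		n := chunkLen
		if n > len(data) {
			n = len(data)
		}
		// Binding the sequence number as label makes a frame moved to another slot fail.
		ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, data[:n], seqLabel(seq))
		if err != nil {
			return nil, err
		}
		var hdr [hdrLen]byte
		binary.BigEndian.PutUint32(hdr[0:4], seq)
		binary.BigEndian.PutUint16(hdr[4:6], uint16(len(ct)))
		wire.Write(hdr[:])
		wire.Write(ct)
		data = data[n:]
	}
	return wire.Bytes(), nil
}

// DecryptStream is the terminal side: parse frames in order, decrypt each chunk
// with the private key, and merge the plaintext chunks.
func DecryptStream(priv *rsa.PrivateKey, wire []byte) ([]byte, error) {
	var out bytes.Buffer
	for want := uint32(0); len(wire) > 0; want++ {
		if len(wire) < hdrLen {
			return nil, errors.New("truncated frame header")
		}
		seq := binary.BigEndian.Uint32(wire[0:4])
		n := int(binary.BigEndian.Uint16(wire[4:6]))
		if seq != want {
			return nil, fmt.Errorf("frame %d out of order, expected %d", seq, want)
		}
		if n != priv.Size() || len(wire) < hdrLen+n {
			return nil, errors.New("bad or truncated ciphertext")
		}
		pt, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, wire[hdrLen:hdrLen+n], seqLabel(seq))
		if err != nil {
			return nil, fmt.Errorf("frame %d: %w", seq, err)
		}
		out.Write(pt)
		wire = wire[hdrLen+n:]
	}
	return out.Bytes(), nil
}

func main() {
	priv, err := NewKeyPair()
	if err != nil {
		panic(err)
	}
	console := bytes.Repeat([]byte("femto login: "), 40) // constructed sample console output
	wire, err := EncryptStream(&priv.PublicKey, console, MaxChunk(&priv.PublicKey))
	if err != nil {
		panic(err)
	}
	plain, err := DecryptStream(priv, wire)
	fmt.Println(len(console), len(wire), bytes.Equal(plain, console), err)
}
```

Each chunk of at most 190 bytes becomes a 256-byte ciphertext plus header, so the length-based split has to be sized against the key, and the serial link carries more bytes than the plaintext it protects.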
Embodiment 3:
This embodiment provides a wireless communication base station. Referring to FIG. 3, it includes the following modules: a cache module 301, an encryption module 302 and a sending module 303.
The cache module 301 is configured to buffer serial port data that satisfies the preset transmission condition. The serial port data is data issued by the central processing unit that needs to be sent out through the serial port, and the preset transmission condition is: the central processing unit has serial port data to send out, and the serial cable is connected and powered at both ends. Referring to FIG. 4, the cache module 301 further includes a determining submodule 3011 and a buffering submodule 3012. The determining submodule 3011 is configured to determine whether the serial port data satisfies the preset transmission condition, and the buffering submodule 3012 is configured to buffer the serial port data that satisfies it. For example, the determining submodule 3011 monitors in real time whether the central processing unit of the base station board sends out serial port data; if it detects that the board's CPU has sent out serial port data, and the base station's serial data cable is connected and powered at both ends, the serial port data issued by the board's CPU is deemed about to be sent out through the serial port. The determining submodule 3011 and the buffering submodule 3012 are linked: when the determining submodule 3011 detects that serial port data issued by the board's CPU is about to be sent out through the serial port, it notifies the buffering submodule 3012 to buffer that serial port data.
When the serial port data is buffered, it can be split and buffered in chunks. The split can be time-based, cutting the serial port data at fixed time intervals; preferably, to keep the buffer from growing too large and to keep the encryption of large amounts of serial port data from hurting efficiency, the serial port data is split once per second. The split can also be length-based, cutting the serial port data at fixed data lengths. Correspondingly, the buffering submodule 3012 buffers the resulting serial port data chunks; preferably, it buffers the chunks produced by the once-per-second split. All of these buffers are temporary. It should be understood that splitting is not limited to these two methods.
The encryption module 302 is configured to encrypt the buffered serial port data chunks. Matching the buffering method above, the serial port data chunks held in the chunked buffer are encrypted: either the chunks buffered at fixed time intervals or the chunks buffered at fixed data lengths. Referring to FIG. 5, the encryption module 302 includes a first key acquisition submodule 3021 and an encryption submodule 3022. The first key acquisition submodule 3021 is configured to obtain the encryption key, and the encryption submodule 3022 is configured to encrypt the serial port data chunks with the encryption key obtained by the first key acquisition submodule 3021. Specifically, after the buffering submodule 3012 has buffered in chunks the serial port data that is about to be sent out, it notifies the encryption submodule 3022 to encrypt those serial port data chunks. For example, the encryption submodule 3022 can encrypt the serial port data with an asymmetric encryption algorithm, using an encryption key that is the public key of that algorithm. This embodiment takes into account that the serial port data rate is low, with a maximum transmission rate of about 100 KBps, and preferably uses the more secure asymmetric encryption algorithm RSA, with public-key encryption and private-key decryption, which is more secure and harder to crack than a symmetric encryption algorithm. In addition, because the volume of serial port data is itself small, encryption and decryption with an asymmetric algorithm are about as efficient as with a symmetric algorithm. Specifically, the first key acquisition submodule 3021 obtains and stores the RSA public key used for encryption, and the encryption submodule 3022 uses that public key to encrypt the serial port data, preferably encrypting the serial port data chunks buffered each second; once encryption is complete, the encrypted serial port data is sent out through the serial port. It should be understood that encryption is not limited to the method described above.
Note that the public key in this embodiment is produced by an RSA public/private key generation tool, which randomly generates a public/private key pair according to the RSA algorithm; the public key is imported into the encryption module and the private key into the decryption module. The public key is used to encrypt the serial port data and the private key is used to decrypt the encrypted serial port data. Before the serial port data is encrypted, the public key in the encryption module and the private key in the decryption module must be initialized.
In addition, to avoid the encryption key becoming invalid or lost, the encryption key is preferably updated periodically, either by replacing it manually at regular intervals or by setting a timer so that it is updated automatically on a schedule.
The sending module 303 is configured to send the encrypted serial port data out through the serial port; specifically, the sending module 303 sends the encrypted serial port data out over the serial cable.
The wireless communication base station of this embodiment fundamentally ensures the security of the base station's serial port data in transit. The serial port data is encrypted with the public key before transmission, so even if an intruder can capture the base station's serial port data, without the private key that can decrypt it they cannot obtain any information about the base station's internals.
The cache module of this embodiment of the present invention may correspond to a storage medium in the base station, which may be any of various storage media such as RAM or flash.
The encryption module may correspond to a central processing unit, microprocessor, programmable array or digital signal processor in the base station. The encryption module may also correspond to a processing circuit, which may include an application-specific integrated circuit.
The sending module may correspond to a communication interface in the base station, for example an air interface in the base station.
Embodiment 4:
This embodiment provides a terminal. Referring to FIG. 6, it includes a receiving module 601 and a decryption module 602.
The receiving module 601 is configured to receive the encrypted serial port data, the serial port data being data issued by the central processing unit that is to be sent out through the serial port; specifically, it receives the encrypted serial port data sent out through the serial port.
The decryption module 602 is configured to decrypt the encrypted serial port data. Referring to FIG. 7, the decryption module 602 includes a second key acquisition submodule 6021 and a decryption submodule 6022. The second key acquisition submodule 6021 is configured to obtain the decryption key required for decryption before the encrypted serial port data is decrypted; the decryption key corresponds to the encryption key. Matching Embodiment 1, this embodiment preferably uses the asymmetric encryption algorithm RSA for decryption: the second key acquisition submodule 6021 obtains and stores the RSA private key, and the decryption submodule 6022 then uses that private key to decrypt the chunk-encrypted serial port data chunks. The terminal provided by this embodiment further includes a processing module 603, which merges the decrypted serial port data chunks so that the merged serial port data is displayed normally on the terminal.
Note that the private key in this embodiment is produced by an RSA public/private key generation tool, which randomly generates a public/private key pair according to the RSA algorithm. The public key is used to encrypt the serial port data and the private key is used to decrypt the encrypted serial port data.
In addition, to avoid the encryption key becoming invalid or lost, the decryption key must be updated periodically along with the periodic update of the encryption key, likewise either by replacing it manually at regular intervals or by setting a timer so that it is updated automatically on a schedule.
Particular care must be taken with storage of the private key during use, to prevent it from leaking.
The terminal of this embodiment fundamentally ensures the security of the base station's serial port data while it is transmitted to the terminal. The serial port data is encrypted with the public key before transmission, so even if an intruder can capture the base station's serial port data, without the private key that can decrypt it they cannot obtain any information about the base station's internals.
The receiving module here may correspond to a communication interface of the terminal, for example the terminal's receiving antenna.
The decryption module may correspond to a processor or processing circuit in the terminal. The processing circuit may include an application-specific integrated circuit; the processor may be any of various processors in the terminal, such as a central processing unit or microprocessor.
An embodiment of the present invention provides a computer storage medium storing computer-executable instructions, the computer-executable instructions being used to execute at least one of the foregoing wireless communication base station data transmission methods, for example the method shown in FIG. 1 and/or FIG. 2.
The computer storage medium of this embodiment may be any of various types of storage medium such as an optical disc, hard disk or magnetic disk, and is optionally a non-transitory storage medium.
The above is a further detailed description of the present invention in combination with specific embodiments. Any modification made in accordance with the principles of the present invention should be understood as falling within the scope of protection of the present invention.

Claims (15)

  1. A wireless communication base station data transmission method, comprising:
    buffering serial port data that satisfies a preset transmission condition, the serial port data being data issued by the central processing unit and to be transmitted via the serial port;
    encrypting the buffered serial port data;
    transmitting the encrypted serial port data via the serial port.
  2. The wireless communication base station data transmission method according to claim 1, wherein buffering the serial port data comprises splitting the serial port data and buffering it in blocks.
  3. The wireless communication base station data transmission method according to claim 2, wherein the method of splitting the serial port data comprises any one of the following:
    splitting the serial port data at fixed time intervals;
    splitting the serial port data at fixed data lengths.
  4. The wireless communication base station data transmission method according to claim 2 or 3, wherein encrypting the serial port data comprises:
    obtaining an encryption key, and encrypting the block-buffered serial port data blocks with the encryption key.
  5. The wireless communication base station data transmission method according to claim 4, wherein the encryption key is a public key of an asymmetric encryption algorithm.
  6. The wireless communication base station data transmission method according to any one of claims 1 to 3, wherein buffering the serial port data that satisfies the preset transmission condition comprises:
    determining whether the serial port data satisfies the preset transmission condition, and buffering in blocks the serial port data that satisfies the preset transmission condition;
    the preset transmission condition being: the central processing unit has serial port data to transmit, and the serial cable is connected and powered on at both ends.
  7. A terminal data receiving method, comprising:
    receiving encrypted serial port data, the serial port data being data issued by the central processing unit and to be transmitted via the serial port;
    decrypting the encrypted serial port data.
  8. The terminal data receiving method according to claim 7, wherein decrypting the encrypted serial port data comprises:
    obtaining a decryption key, and, when block-encrypted serial port data is received, decrypting the serial port data blocks with the decryption key;
    after decrypting the serial port data blocks, further merging the block-decrypted serial port data.
  9. The terminal data receiving method according to claim 8, wherein the decryption key is a private key of an asymmetric encryption algorithm.
  10. A wireless communication base station, comprising:
    a buffer module, configured to buffer serial port data that satisfies a preset transmission condition, the serial port data being data issued by the central processing unit that needs to be transmitted via the serial port;
    an encryption module, configured to encrypt the buffered serial port data;
    a sending module, configured to transmit the encrypted serial port data via the serial port.
  11. The wireless communication base station according to claim 10, wherein the encryption module comprises a first key acquisition submodule and an encryption submodule,
    the first key acquisition submodule being configured to obtain an encryption key,
    the encryption submodule being configured to encrypt the serial port data blocks with the encryption key when the buffer module buffers the serial port data in blocks.
  12. The wireless communication base station according to claim 10 or 11, wherein the buffer module comprises a judgment submodule and a buffer submodule,
    the judgment submodule being configured to determine whether the serial port data satisfies the preset transmission condition,
    the buffer submodule being configured to buffer in blocks the serial port data that satisfies the preset transmission condition; the preset transmission condition being: the central processing unit has serial port data to transmit, and the serial cable is connected and powered on at both ends.
  13. A terminal, comprising:
    a receiving module, configured to receive encrypted serial port data, the serial port data being data issued by the central processing unit and to be transmitted via the serial port;
    a decryption module, configured to decrypt the encrypted serial port data.
  14. The terminal according to claim 13, wherein
    the decryption module comprises a second key acquisition submodule and a decryption submodule,
    the second key acquisition submodule being configured to obtain a decryption key,
    the decryption submodule being configured to decrypt the serial port data blocks with the decryption key when the receiving module receives block-encrypted serial port data;
    the terminal further comprises a processing module,
    the processing module being configured to merge the block-decrypted serial port data.
  15. A computer storage medium storing computer-executable instructions, the computer-executable instructions being used to perform at least one of the wireless communication base station data transmission methods of claims 1 to 7.
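The data path of claims 1 to 9 (split by length, encrypt each block with the public key, decrypt with the private key, merge) can be sketched as follows. This is an added example, not code from the application: RSA-2048 with OAEP/SHA-256, the Python `cryptography` package, the 2-byte length-prefix framing, and all function names are assumptions, since the claims name no algorithm or wire format.

```python
import struct
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa

# Assumed padding: RSA-OAEP with SHA-256 (the claims only say "asymmetric").
OAEP = padding.OAEP(mgf=padding.MGF1(hashes.SHA256()),
                    algorithm=hashes.SHA256(), label=None)

def max_block_len(public_key):
    """Largest plaintext OAEP accepts: modulus bytes - 2 * hash bytes - 2."""
    return public_key.key_size // 8 - 2 * hashes.SHA256().digest_size - 2

def split_by_length(serial_data, block_len):
    """Claim 3, second option: cut the buffered data every block_len bytes."""
    return [serial_data[i:i + block_len]
            for i in range(0, len(serial_data), block_len)]

def base_station_send(serial_data, public_key):
    """Claims 1-5: buffer in blocks, encrypt each block, frame it for the wire."""
    wire = bytearray()
    for block in split_by_length(serial_data, max_block_len(public_key)):
        ciphertext = public_key.encrypt(block, OAEP)
        wire += struct.pack(">H", len(ciphertext)) + ciphertext  # assumed framing
    return bytes(wire)

def terminal_receive(wire, private_key):
    """Claims 7-9: decrypt each received block, then merge the plaintext."""
    merged, offset = bytearray(), 0
    while offset < len(wire):
        if offset + 2 > len(wire):
            raise ValueError("truncated length prefix")
        (n,) = struct.unpack_from(">H", wire, offset)
        offset += 2
        if n == 0 or offset + n > len(wire):
            raise ValueError("truncated or empty block")
        merged += private_key.decrypt(wire[offset:offset + n], OAEP)
        offset += n
    return bytes(merged)

if __name__ == "__main__":
    # Constructed sample: key pair generated here, console text made up.
    key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    console = b"[boot] constructed sample console line\r\n" * 12
    wire = base_station_send(console, key.public_key())
    print(len(console), "plaintext bytes ->", len(wire), "bytes on the wire")
    print("merged output matches:", terminal_receive(wire, key) == console)
```

With a 2048-bit key each block carries at most 190 plaintext bytes and costs 256 ciphertext bytes, which is the practical reason the data must be split before public-key encryption. Each block is confidential on its own, but nothing in this sketch authenticates the sender or detects dropped or reordered blocks.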
PCT/CN2016/073851 2015-10-10 2016-02-16 Wireless communication base station, data transmission and reception method, terminal and storage medium WO2016184183A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201510653899.1A CN106572061A (en) 2015-10-10 2015-10-10 Wireless communication base station and data sending method thereof, and terminal and data reception thereof
CN201510653899.1 2015-10-10

Publications (1)

Publication Number Publication Date
WO2016184183A1 (en) 2016-11-24

Family

ID=57319402

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/073851 WO2016184183A1 (en) 2015-10-10 2016-02-16 Wireless communication base station, data transmission and reception method, terminal and storage medium

Country Status (2)

Country Link
CN (1) CN106572061A (en)
WO (1) WO2016184183A1 (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1916925A (en) * 2006-09-05 2007-02-21 北京飞天诚信科技有限公司 Method and equipment for carrying out safety communication between USB device and host
CN101442739A (en) * 2007-11-20 2009-05-27 展讯通信(上海)有限公司 Method for protecting AT instruction
CN101494684A (en) * 2008-01-24 2009-07-29 北京汉潮大成科技孵化器有限公司 Mobile phone data backup device capable of communicating with serial encipher mobile phone
CN101877849A (en) * 2009-04-28 2010-11-03 福建星网锐捷通讯股份有限公司 Communication method between wireless module and external equipment
US20110055864A1 (en) * 2009-08-26 2011-03-03 Sling Media Inc. Systems and methods for transcoding and place shifting media content

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1247041C (en) * 2003-10-24 2006-03-22 海信集团有限公司 Method of encrypting mobile terminals
EP2056542A1 (en) * 2007-10-29 2009-05-06 Panasonic Corporation Transmission power mask for fast access requests
CN102036232B (en) * 2010-12-17 2015-12-09 中兴通讯股份有限公司 A kind of base station data sending, receiving method and device

Also Published As

Publication number Publication date
CN106572061A (en) 2017-04-19

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16795670

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16795670

Country of ref document: EP

Kind code of ref document: A1