WO2017036310A1 - 验证信息的更新方法及装置 - Google Patents
验证信息的更新方法及装置 Download PDFInfo
- Publication number
- WO2017036310A1 WO2017036310A1 PCT/CN2016/095858 CN2016095858W WO2017036310A1 WO 2017036310 A1 WO2017036310 A1 WO 2017036310A1 CN 2016095858 W CN2016095858 W CN 2016095858W WO 2017036310 A1 WO2017036310 A1 WO 2017036310A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- smart device
- random number
- session random
- verification
- request message
- Prior art date
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
- H04L63/0846—Network architectures or network communication protocols for network security for authentication of entities using passwords using time-dependent-passwords, e.g. periodically changing passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0892—Network architectures or network communication protocols for network security for authentication of entities by using authentication-authorization-accounting [AAA] servers or protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
- H04L9/3242—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/40—Network security protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
- H04W12/041—Key generation or derivation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
- H04W12/062—Pre-authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
- H04W12/068—Authentication using credential vaults, e.g. password manager applications or one time password [OTP] applications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/70—Services for machine-to-machine communication [M2M] or machine type communication [MTC]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
Definitions
- the present application relates to the field of network security technologies, and in particular, to a method and an apparatus for updating authentication information.
- the prior art allocates a verification key (Key) and a verification password (Secret) to each smart device through the management platform, calculates a signature value according to the verification number and the verification password, and authenticates the identity of the smart device on the management platform by using the signature value. Since the verification number and the verification password are preset when the smart device is shipped from the factory, and the same type of verification number and verification password are assigned to the same type of smart device, the smart device is easily impersonated or attacked, and the security of the smart device is low.
- the present application provides a new technical solution, which improves the difficulty of the verification information being monitored during the update process by dynamically updating the verification information of the smart device.
- a method for updating verification information which is applied to a server, includes:
- a method for updating the verification information which is applied to the terminal device, includes:
- a method for updating verification information which is applied to a smart device, includes:
- an apparatus for updating verification information which is applied to a server, includes:
- a first receiving module configured to receive a first request message that is required to be bound to the smart device by the terminal device, where the first request message carries a UUID of the smart device;
- a first determining module configured to determine a binding relationship between the UUID received by the first receiving module and a user identifier of the terminal device, and generate a session random number corresponding to the binding relationship
- a first generating module configured to generate a new verification number and a new verification password of the smart device according to the session random number determined by the first determining module.
- an apparatus for updating verification information which is applied to a terminal device, includes:
- a third sending module configured to send, to the server, a first request message that needs to be bound to the smart device, where the first request message carries a universal unique identifier UUID of the smart device;
- a fourth receiving module configured to receive a session random number generated by the server according to the first request message sent by the third sending module
- a fourth sending module configured to send the session random number received by the fourth receiving module to the smart device, where the smart device generates the smart device according to the session random number New verification number and verification password.
- an apparatus for updating verification information which is applied to a smart device, includes:
- a seventh receiving module configured to receive a session random number from the server forwarded by the terminal device
- a third generating module configured to generate a new verification number and a new verification password of the smart device according to the session random number received by the seventh receiving module.
- the present application implements the verification information of the smart device by using the terminal device to generate the session random number by using the binding relationship between the UUID of the smart device and the user identifier of the terminal device (the verification number of the smart device in the present application and
- the dynamic update of the verification password improves the difficulty of the verification information being monitored during the update process, enabling the smart device and the server to implement authentication and authorization based on the verification information in the session, thereby enhancing the security of the system and effectively avoiding the smart device. Being impersonated or attacked in the Internet of Things.
- FIG. 1A is a schematic flowchart diagram of a method for updating verification information according to an exemplary embodiment of the present invention
- FIG. 1B shows a scene view according to an exemplary embodiment of the present invention
- FIG. 2 is a schematic flowchart diagram of a method for updating verification information according to an exemplary embodiment 2 of the present invention
- FIG. 3 is a schematic flowchart diagram of a method for updating verification information according to an exemplary embodiment 3 of the present invention
- FIG. 4 is a schematic flowchart diagram of a method for updating verification information according to an exemplary embodiment 4 of the present invention
- FIG. 5 is a schematic flowchart diagram of a method for updating verification information according to an exemplary embodiment 5 of the present invention
- FIG. 6 is a schematic flowchart diagram of a method for updating verification information according to an exemplary embodiment 6 of the present invention.
- FIG. 7 is a flow chart showing a method for updating verification information according to an exemplary embodiment 7 of the present invention.
- FIG. 8 is a schematic flowchart diagram of a method for updating verification information according to an exemplary embodiment 8 of the present invention.
- FIG. 9 shows a signaling diagram of a method of updating authentication information according to an exemplary embodiment of the present invention.
- FIG. 10 is a block diagram showing the structure of a server according to an exemplary embodiment of the present invention.
- FIG. 11 is a schematic structural diagram of a terminal device according to an exemplary embodiment of the present invention.
- FIG. 12 is a schematic structural diagram of a smart device according to an exemplary embodiment of the present invention.
- FIG. 13 is a schematic structural diagram of an apparatus for updating verification information according to an exemplary embodiment of the present invention.
- FIG. 14 is a schematic structural diagram of an apparatus for updating verification information according to an exemplary embodiment of the present invention.
- FIG. 15 is a schematic structural diagram of an apparatus for updating verification information according to an exemplary embodiment 3 of the present invention.
- FIG. 16 is a schematic structural diagram of an apparatus for updating verification information according to an exemplary embodiment 4 of the present invention.
- FIG. 17 is a schematic structural diagram of an apparatus for updating verification information according to an exemplary embodiment 5 of the present invention.
- FIG. 18 is a block diagram showing the structure of an update apparatus for verifying information according to an exemplary embodiment 6 of the present invention.
- first, second, third, etc. may be used to describe various information in this application, such information should not be limited to these terms. These terms are only used to distinguish the same type of information from each other.
- first information may also be referred to as the second information without departing from the scope of the present application.
- second information may also be referred to as the first information.
- word "if” as used herein may be interpreted as "when” or “when” or “in response to a determination.”
- the present invention implements the dynamic update of the authentication information of the smart device (the verification number and the verification password of the smart device in the present application) by using the terminal device to generate the session random number by using the binding relationship between the UUID of the smart device and the user identifier of the terminal device. It improves the difficulty of the verification information being monitored during the update process, enables the smart device and the server to implement authentication and authorization based on the verification information in the session, strengthens the security of the system, and effectively avoids the smart device being impersonated in the Internet of Things or attack.
- FIG. 1A is a schematic flowchart of a verification information update method according to an exemplary embodiment of the present invention
- FIG. 1B is a scene diagram according to an exemplary embodiment of the present invention; the embodiment is applied to a server. As shown in FIG. 1A, the following steps are included:
- Step 101 Receive a first request message that is required to be bound to the smart device by the terminal device, where the first request message carries the UUID of the smart device.
- Step 102 Determine a binding relationship between the UUID and the user identifier of the terminal device, and generate a session random number corresponding to the binding relationship.
- Step 103 Generate a new verification number and a new verification password of the smart device according to the session random number.
- the terminal device may be a device that can install an application (app) or software, such as a smart phone or a tablet computer, and the smart device may be a smart refrigerator or a smart device.
- a device with communication function such as a TV or an intelligent thermometer.
- the first request message may be generated by a user by using a button on a user interface of an application installed on the terminal device, and a Universally Unique Identifier (UUID) of the smart device.
- UUID Universally Unique Identifier
- the UUID of the smart device may be generated when the smart device is registered on the server, and the binding relationship between the smart device and the user identifier may be recorded, thereby determining that only the user identifier having the binding relationship has management intelligence. Permissions for the device.
- a session random number (session_random) may be generated by a pseudo-random algorithm.
- the server may calculate a new verification number and a new verification password according to the session random number, for example,
- Session_key key+session_random
- session_Secret Hash(secret+session_random);
- session_random is the session random number
- session_key is the new verification number
- session_Secret is the new authentication password
- key is the initial verification number of the smart device
- secret is the initial verification password.
- the smart device is a smart refrigerator 11 and the terminal device is a smart phone 12 as an example.
- the server 13 obtains device data from the smart refrigerator 11 and provides a smart refrigerator through an application on the smart phone 12 . 11 services such as query and control.
- 11 services such as query and control.
- the server 13 needs to authenticate the smart refrigerator 11, the server 13 will have an initial verification number and an initial verification password for the smart refrigerator 11.
- the new verification number and the new verification password are generated through the above steps 101-103, and the smart refrigerator 11 and the server 13 pass the new verification number and new in the subsequent authentication process.
- the verification password authenticates the smart refrigerator 11 to prevent the smart refrigerator 11 from being impersonated or attacked by an illegal device.
- the embodiment of the present invention implements the verification information of the smart device by using the terminal device to generate the session random number by using the binding relationship between the UUID of the smart device and the user identifier of the terminal device (the verification number of the smart device in this application)
- the dynamic update of the verification password improves the difficulty of the verification information being monitored during the update process, enabling the smart device and the server to perform authentication and authorization based on the verification information in the session, thereby enhancing the security of the system and effectively avoiding the smart device.
- the network is impersonated or attacked.
- the malicious user obtains the UUID of the smart device, the UUID is bound to the legal user ID, so the malicious user cannot bind the smart device.
- FIG. 2 is a schematic flowchart diagram of a method for updating verification information according to an exemplary embodiment of the present invention. This embodiment is exemplified by how to generate a session random number on the server side, as shown in FIG. 2 . Including the following steps:
- Step 201 Receive a first request message that is required to be bound to the smart device by the terminal device, where the first request message carries the UUID of the smart device.
- Step 202 Determine a binding relationship between the UUID and the user identifier of the terminal device, and generate a session random number corresponding to the binding relationship.
- Step 203 Determine an initial verification number and an initial verification password of the smart device.
- Step 204 Generate a new verification number of the smart device according to the initial verification number and the session random number.
- Step 205 Generate a new verification password of the smart device according to the initial verification password and the session random number.
- Step 206 After returning the session random number to the terminal device, the smart device generates a new verification number and a verification password of the smart device according to the session random number after the terminal device forwards the session random number to the smart device.
- steps 201 to 202 refer to the related description of the foregoing step 101 to step 102, and details are not described herein.
- the server may pre-allocate an initial verification number and an initial verification password (Key/Secret pair) for each type of smart device, which may be written by hardware.
- the mode is allocated as a smart device, which can reduce the operation and maintenance complexity of the server.
- the smart device may generate a new verification number and a new one on the smart device side according to the session random number using the same generation method as step 204 and step 205 described above. Verify the password, so that the new authentication number and the new authentication password generated by the smart device and the server can be the same, so that the server can verify the smart device with the new verification number and the new verification password.
- the terminal device forwards the session random number to the smart device, so that the new verification number generated by the server and the smart device is the same as the new verification password, so that the server can pass the new verification number and the new verification password pair.
- the smart device performs verification, which reduces the risk of the new verification number and the new verification password being leaked on the network by avoiding the transmission of a new verification number and a new verification password in the network.
- FIG. 3 is a schematic flowchart of a method for updating verification information according to an exemplary embodiment of the present invention. This embodiment is exemplified by an example in which a smart device acquires a UUID on a server, as shown in FIG. step:
- Step 301 Receive a second request message that is required to be registered on the server by the smart device, where the second request message carries the identity information of the smart device and the first signature value of the smart device.
- Step 302 Calculate a second signature value of the smart device according to the initial verification number and the initial verification password corresponding to the identity information.
- Step 303 Generate a UUID for the smart device if the second signature value is the same as the first signature value.
- step 304 the UUID is returned to the smart device.
- the identity information of the smart device may include, but is not limited to, a MAC of the smart device, a model of the smart device, a chip identity (ID) of the smart device, and an initial verification code of the smart device.
- the first signature value may be calculated by the smart device according to the initial verification number and the initial verification password of the smart device and formed into a character string, and then calculated by using a hash algorithm, where the initial verification number and the initial verification password are For related description, refer to the embodiment shown in FIG. 2 above, which will not be described in detail herein.
- the second signature value may also be calculated by the server according to the initial verification number of the smart device and the initial verification password and formed into a character string, and then calculated by using a hash algorithm.
- the UUID of the smart device may be generated by a hash algorithm, which is technical in the art. It can be understood that the method for generating the UUID is not limited in this application, as long as the UUID of the smart device can be unique.
- step 304 by returning the UUID to the smart device, the smart device and the terminal device can identify the smart device by using the UUID in subsequent interactions, so as to prevent the smart device from being counterfeited by the illegal device.
- the UUID with the unique identifier is generated for the smart device, so that the server can bind the UUID to the user identifier of the terminal device and establish both. Binding relationship, so that the smart device can be bound on the server and the malicious user can obtain the UUID of the smart device, preventing the illegal user from controlling the smart device and preventing the malicious device from registering the attack on the smart device, thereby improving the system. Security.
- FIG. 4 is a schematic flowchart diagram of a method for updating verification information according to an exemplary embodiment 4 of the present invention; how to clear a new verification number and a new verification of a smart device on a server after the smart device is reset. password
- Step 401 Receive a notification message from a smart device for resetting.
- Step 402 Clear the new verification number and the new verification password of the smart device according to the notification message.
- the smart device may be reset by a physical button to generate a notification message.
- step 402 in an embodiment, related information of the smart device may be cleared.
- the storage space of the server can be effectively released, and the new verification number and the new verification password are avoided.
- FIG. 5 is a schematic flowchart of a method for updating verification information according to an exemplary embodiment 5 of the present invention; the embodiment may be applied to a terminal device, and the terminal device may be an application for installing a smart phone, a tablet computer, or the like ( App) or software device, as shown in Figure 5, includes the following steps:
- Step 501 Send a first request message that needs to be bound to the smart device to the server, where the first request message carries a universal unique identifier of the smart device;
- Step 502 Receive a session random number generated by the server according to the first request message.
- Step 503 Send the session random number to the smart device, so that the smart device generates a new verification number and a verification password of the smart device according to the session random number.
- step 502 For the method for generating the session random number in step 502, refer to the embodiment shown in FIG. 1A above, and details are not described herein.
- step 503 the session random number is sent to the smart device through a point-to-point communication link established by the smart application and the smart device; or the session random number is displayed on the user interface of the terminal device for the user of the smart device
- the input module input gets the session random number entered by the user.
- the embodiment of the present invention obtains the session random number corresponding to the binding relationship between the UUID and the user identifier of the terminal device generated by the server, and sends the session random number to the smart device, so that the smart device is randomly selected according to the session.
- the new verification number and the verification password of the smart device are generated, and the verification information (the verification number and the verification password of the smart device in the application) is dynamically updated by the third party, which improves the difficulty of the verification information being monitored during the update process.
- the smart device and the server are authenticated and authorized based on the verification information in the session, which enhances the security of the system and effectively prevents the smart device from being impersonated or attacked in the Internet of Things.
- FIG. 6 is a schematic flowchart diagram of a method for updating authentication information according to an exemplary embodiment 6 of the present invention; how to generate a UUID of a smart device on the server side and how to reset a UUID and a session random number of the smart device according to an embodiment of the present invention; For an exemplary example, as shown in FIG. 6, the following steps are included:
- Step 601 Send a third request message that establishes a connection with the smart device to the smart device, where the third request message carries a user account;
- Step 602 After the smart device authenticates the user account, receive the UUID of the smart device returned by the smart device according to the third request message.
- Step 603 Receive a notification message from the smart device for resetting.
- Step 604 Clear the UUID and the session random number of the smart device according to the notification message.
- step 601 when the user needs to control the smart device, the user account and the user password can be used to log in to the application for controlling the smart device on the terminal device, and the third request for establishing a connection with the smart device is sent to the smart device through the application. Message.
- the smart device may authenticate the user account to determine whether the user account is a legitimate user. If the user is a legitimate user, the UUID of the smart device is obtained to obtain the UUID of the smart device. If the user is an illegal user, the smart device rejects Returns the UUID to the terminal device.
- step 603 and step 604 the notification message generated by resetting the smart device by using a physical button may be used to clear related information of the smart device.
- the UUID of the smart device is obtained from the smart device, so that the UUID can be carried in the first request message, and the server generates a session random number corresponding to the binding relationship between the UUID and the user identifier of the terminal device.
- the session random number is sent to the smart device to prevent the illegal user from controlling the smart device and preventing the registration attack of the smart device by the malicious device, thereby improving the security of the system; after the smart device is reset, the new verification number of the smart device is The new verification password is cleared, which can effectively release the storage space of the server and prevent the new verification number and the new verification password from being illegally used by other smart devices.
- FIG. 7 is a schematic flowchart of a method for updating verification information according to an exemplary embodiment 7 of the present invention; the embodiment may be applied to a smart device, which may be a smart refrigerator, a smart TV, an intelligent thermometer, or the like.
- the communication function device as shown in FIG. 7, includes the following steps:
- Step 701 Receive a session random number from a server forwarded by the terminal device.
- Step 702 Generate a new verification number and a new verification password of the smart device according to the session random number.
- the method for generating the session random number and the new verification number and the new verification password for generating the smart device according to the session random number can be referred to the embodiment shown in FIG. 1A, and will not be described in detail herein.
- the embodiment of the present invention implements the verification information of the smart device by receiving the session random number from the server forwarded by the terminal device, and generating a new verification number and a new verification password of the smart device according to the session random number.
- the dynamic update of the verification number and verification password of the smart device in the middle device improves the difficulty of the verification information being monitored during the update process.
- FIG. 8 is a schematic flowchart diagram of a method for updating authentication information according to an exemplary embodiment 8 of the present invention; this embodiment is exemplified by how to generate a session random number on the smart device side as an example, as shown in FIG. , including the following steps:
- Step 801 Determine an initial verification number and an initial verification password of the smart device.
- Step 802 Generate a new verification number of the smart device according to the initial verification number and the session random number.
- Step 803 Generate a new verification password of the smart device according to the initial verification password and the session random number.
- Step 804 after detecting that the button for resetting is triggered, generating a notification message
- Step 805 The notification message is sent to the terminal device and the server, so that the server clears the new verification number and the new verification password of the smart device according to the notification message, and the terminal device clears the UUID and the session random number of the smart device according to the notification message.
- steps 801 to 803 refer to the related description of the embodiment shown in FIG. 2, which will not be described in detail herein.
- steps 804 to 805 refer to the related description of the embodiment shown in FIG. 4, which will not be described in detail herein.
- the terminal device forwards the session random number to the smart device, so that the new verification number generated by the server and the smart device is the same as the new verification password, so that the server can pass the new verification number and the new verification password pair.
- the smart device performs verification, because the transmission of the new verification number and the new verification password in the network is avoided, and the risk of the new verification number and the new verification password being leaked on the network is reduced; after the smart device is reset, the The new verification number and the new verification password of the smart device can effectively release the storage space of the server and prevent the new verification number and the new verification password from being illegally used by other smart devices.
- FIG. 9 is a signaling diagram of a method for updating authentication information according to an exemplary embodiment of the present invention. wherein, before the smart device is put into use, the server needs to pre-allocate an initial verification number for each type of smart device. And the initial verification password (also known as the initial Key/Secret pair) can be assigned to each smart device by means of hardware writing. As shown in FIG. 9, the following steps are included:
- Step 901 The smart device sends an initial request to the server by using an initial Key/Secret pair. Interest to register the device.
- the MAC address of the smart device, the model of the smart device, the chip identity (ID) of the smart device, and the initial verification code of the smart device may be carried in the first request message.
- the first signature value may be a dictionary that sorts the initial verification number of the smart device and the initial verification password into a string, and is calculated by using a hash algorithm (such as a hash algorithm, for example, MD5).
- Step 902 After receiving the first request message, the server uses the initial Key/Secret pair to calculate a second signature value. If the second signature value is the same as the received first signature value, the verification succeeds and the smart device is generated. A unique UUID.
- step 903 the server returns the generated UUID to the smart device.
- Step 904 After receiving the UUID, the smart device saves the UUID locally in the smart device.
- step 905 the terminal device establishes a communication connection with the smart device.
- the user account and the user password can be used to log in to the application of the terminal device, and the application sends a request for establishing a communication connection to the smart device to connect to the smart device to obtain the UUID of the smart device.
- step 906 the smart device returns the UUID to the terminal device.
- Step 907 The terminal device sends a first request message to the server to request binding with the smart device.
- the first request message carries the UUID of the smart device to be bound.
- Step 908 The server records the binding relationship between the user and the smart device, and generates a session random number (session_random).
- step 909 the server returns a session random number to the terminal device.
- Step 910 The terminal device forwards the session random number to the smart device.
- the method for forwarding may include, but is not limited to: 1.
- the terminal device directly sends the session random number to the smart device by establishing a point-to-point communication link with the smart device; 2.
- the terminal device displays the received session random number to the user on the user interface of the application, and the user inputs the session random number to the smart device through the user input module on the smart device.
- step 911 the smart device and the server calculate the new verification number and the new verification password according to the session random number by using the same calculation method.
- the smart device uses the verification number and the new verification password for identity authentication until the smart device Backup reset. After the reset, both the smart device and the server will clear the new verification number and the new verification password.
- the malware registration attack can be prevented on the server.
- the malicious user obtains the UUID of the smart device, the smart device cannot be bound to the smart device, which improves the security of the system.
- the present application also proposes a schematic structural diagram of the server according to an exemplary embodiment of the present application shown in FIG.
- the server includes a processor, an internal bus, a network interface, a memory, and a non-volatile memory, and may of course include hardware required for other services.
- the processor reads the corresponding computer program from the non-volatile memory into the memory and then runs to form an update device for the verification information on the logical level.
- the present application does not exclude other implementation manners, such as a logic device or a combination of software and hardware, etc., that is, the execution body of the following processing flow is not limited to each logical unit, and may be Hardware or logic device.
- the present application also proposes a schematic structural diagram of the terminal device according to an exemplary embodiment of the present application shown in FIG.
- the terminal device includes a processor, an internal bus, a network interface, a memory, and a non-volatile memory, and may of course include hardware required for other services.
- the processor reads the corresponding computer program from the non-volatile memory into the memory and then runs to form an update device for the verification information on the logical level.
- the present application does not exclude other implementation manners, such as a logic device or a combination of software and hardware, etc., that is, the execution body of the following processing flow is not limited to each logical unit, and may be Hardware or logic device.
- the present application also proposes a schematic structural diagram of the smart device according to an exemplary embodiment of the present application shown in FIG.
- the smart device includes a processor, an internal bus, a network interface, a memory, and a non-volatile memory, and may of course include hardware required for other services.
- the processor reads the corresponding computer program from the non-volatile memory into the memory and then runs to form an update device for the verification information on the logical level.
- the present application does not exclude other implementations, such as logic devices or software and hardware combinations, etc., that is, the execution body of the following processing flow is not limited. In each logical unit, it can also be hardware or logic device.
- FIG. 13 is a schematic structural diagram of an apparatus for updating verification information according to an exemplary embodiment of the present invention; applicable to a server, as shown in FIG. 13, the update apparatus of the verification information may include: a first receiving module 1301. The first determining module 1302 and the first generating module 1303. among them:
- the first receiving module 1301 is configured to receive a first request message that is required to be bound to the smart device by the terminal device, where the first request message carries the UUID of the smart device;
- the first determining module 1302 is configured to determine a binding relationship between the UUID received by the first receiving module 1301 and the user identifier of the terminal device, and generate a session random number corresponding to the binding relationship;
- the first generation module 1303 is configured to generate a new verification number and a new verification password of the smart device according to the session random number determined by the first determining module 1302.
- FIG. 14 is a schematic structural diagram of an apparatus for updating verification information according to an exemplary embodiment of the present invention. As shown in FIG. 14, on the basis of the embodiment shown in FIG. 13, the verification information update apparatus may further include:
- the first sending module 1304 is configured to return, to the terminal device, the session random number determined by the first determining module 1302, after the terminal device forwards the session random number to the smart device, and the smart device generates a new verification of the smart device according to the session random number. Number and verification password.
- the first generating module 1303 can include:
- a first determining unit 13031 configured to determine an initial verification number and an initial verification password of the smart device
- a first generating unit 13032 configured to generate a new verification number of the smart device according to the initial verification number and the session random number determined by the first determining unit 13031;
- the second generating unit 13033 is configured to generate a new verification password of the smart device according to the initial verification password and the session random number determined by the first determining unit 13031.
- the apparatus further includes:
- the second receiving module 1305 is configured to receive a second request message that is required to be registered on the server by the smart device, where the second request message carries the identity information of the smart device and the first signature value of the smart device;
- the first calculation module 1306 is configured to calculate a second signature value of the smart device according to the initial verification number and the initial verification password corresponding to the identity information carried in the second request message received by the second receiving module 1305;
- a second generating module 1307 configured to generate a UUID for the smart device if the second signature value calculated by the first calculating module 1306 is the same as the first signature value;
- the second sending module is configured to return the UUID generated by the second generating module to the smart device.
- the first signature value may be calculated by the smart device after being sorted according to the initial verification number and the initial verification password of the smart device and composing a character string.
- the apparatus may further include:
- the third receiving module 1308 is configured to receive a notification message from the smart device for resetting
- the first clearing module 1309 is configured to clear the new verification number and the new verification password of the smart device according to the notification message received by the third receiving module 1308.
- FIG. 15 is a schematic structural diagram of an apparatus for updating verification information according to an exemplary embodiment of the present invention; applicable to a terminal device, as shown in FIG. 15, the update device of the verification information may include: The module 1501, the fourth receiving module 1502, and the fourth sending module 1503. among them:
- the third sending module 1501 is configured to send, to the server, a first request message that needs to be bound to the smart device, where the first request message carries a universal unique identifier UUID of the smart device;
- the fourth receiving module 1502 is configured to receive a session random number generated by the server according to the first request message sent by the third sending module 1501.
- the fourth sending module 1503 is configured to send the session random number received by the fourth receiving module 1502 to the smart device, so that the smart device generates a new verification number and a verification password of the smart device according to the session random number.
- FIG. 16 is a schematic structural diagram of an apparatus for updating verification information according to an exemplary embodiment 4 of the present invention; as shown in FIG. 16, on the basis of the embodiment shown in FIG. 15, the apparatus for updating verification information further includes :
- the fifth sending module 1504 is configured to send, to the smart device, a third request to establish a connection with the smart device. Requesting a message, the third request message carries a user account;
- the fifth receiving module 1505 is configured to: after the smart device authenticates the user account carried in the third request message sent by the fifth sending module 1504, receive the UUID of the smart device returned by the smart device according to the third request message.
- the fourth sending module 1503 may include:
- the sending unit 15031 is configured to send the session random number to the smart device by using a point-to-point communication link established by the smart application and the smart device; or
- the display unit 15032 is configured to display the session random number on the user interface of the terminal device, so that the user input module of the smart device inputs the session random number input by the user.
- the updating device of the verification information may further include:
- a sixth receiving module 1506, configured to receive a notification message from the smart device for resetting
- the second clearing module 1507 is configured to clear the UUID and the session random number of the smart device according to the notification message received by the sixth receiving module 1506.
- FIG. 17 is a schematic structural diagram of an apparatus for updating verification information according to an exemplary embodiment 5 of the present invention; applicable to a smart device, as shown in FIG. 17, the update apparatus of the verification information may include: seventh receiving Module 1701, third generation module 1702. among them:
- the seventh receiving module 1701 is configured to receive a session random number from the server that is forwarded by the terminal device;
- the third generation module 1702 is configured to generate a new verification number and a new verification password of the smart device according to the session random number received by the seventh receiving module 1701.
- FIG. 18 is a schematic structural diagram of an apparatus for updating verification information according to an exemplary embodiment 6 of the present invention. As shown in FIG. 18, on the basis of the embodiment shown in FIG. 17, the verification information update apparatus may further include:
- the sixth sending module 1703 is configured to send, to the server, a second request message that needs to be registered on the server, where the second request message carries the identity information of the smart device and the first signature value of the smart device;
- the eighth receiving module 1704 is configured to receive a UUID of the smart device generated by the server according to the second request message.
- the third generation module 1702 can include:
- a second determining unit 17021, configured to determine an initial verification number and an initial verification password of the smart device
- the third generating unit 17022 is configured to generate a new verification number of the smart device according to the initial verification number and the session random number determined by the second determining unit 17021.
- the fourth generating unit 17023 is configured to generate a new verification password of the smart device according to the initial verification password and the session random number determined by the second determining unit 17022.
- the updating device of the verification information may further include:
- a fourth generating module 1705 configured to generate a notification message after detecting that a button for resetting is triggered
- the seventh sending module 1706 is configured to send the notification message generated by the fourth generating module 1705 to the terminal device and the server, so that the server clears the new verification number and the new verification password of the smart device according to the notification message, and the terminal device according to the notification message Clear the UUID and session random number of the smart device.
- the present application implements the interaction between the smart device and the server by using the terminal device to dynamically update and manage the verification number and the verification password of the smart device, thereby ensuring that the server passes the updated verification number afterwards. And verifying the password (the new verification number and the new verification password in this application) to authenticate and authorize the smart device, which improves the difficulty of the verification number and the verification password being monitored during the update process, and can also effectively prevent the smart device from being Other smart devices in the Internet of Things pretend or attack, further enhancing the security of the system.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Power Engineering (AREA)
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Telephonic Communication Services (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
Description
Claims (28)
- 一种验证信息的更新方法,应用在服务器上,其特征在于,所述方法包括:接收来自终端设备需要与智能设备进行绑定的第一请求消息,所述第一请求消息中携带有所述智能设备的通用唯一识别码UUID;确定所述UUID与所述终端设备的用户标识的绑定关系,并生成与所述绑定关系对应的会话随机数;根据所述会话随机数生成所述智能设备的新的验证号和新的验证密码。
- 根据权利要求1所述的方法,其特征在于,所述方法还包括:向所述终端设备返回所述会话随机数,以供所述终端设备将所述会话随机数转发给所述智能设备后,所述智能设备根据所述会话随机数生成所述智能设备的新的验证号和验证密码。
- 根据权利要求1所述的方法,其特征在于,所述根据所述会话随机数生成所述智能设备的新的验证号和新的验证密码,包括:确定所述智能设备的的初始验证号和所述初始验证密码;根据所述初始验证号和所述会话随机数生成所述智能设备的新的验证号;根据所述初始验证密码和所述会话随机数生成所述智能设备的新的验证密码。
- 根据权利要求1所述的方法,其特征在于,所述方法还包括:接收来自所述智能设备需要在所述服务器上注册的第二请求消息,所述第二请求消息中携带有所述智能设备的身份信息和所述智能设备的第一签名值;根据所述身份信息对应的初始验证号和初始验证密码计算所述智能设备的第二签名值;如果所述第二签名值与所述第一签名值相同,为所述智能设备生成所述 UUID;将所述UUID返回给所述智能设备。
- 根据权利要求4所述的方法,其特征在于,所述第一签名值由所述智能设备根据所述智能设备的所述初始验证号和所述初始验证密码进行排序并组成字符串后,利用哈希算法计算得到的。
- 根据权利要求1-5任一所述的方法,其特征在于,所述方法还包括:接收来自所述智能设备进行重置的通知消息;根据所述通知消息清除所述智能设备的所述新的验证号和所述新的验证密码。
- 一种验证信息的更新方法,应用在终端设备上,其特征在于,所述方法包括:向服务器发送需要与智能设备进行绑定的第一请求消息,所述第一请求消息中携带有所述智能设备的UUID;接收来自所述服务器根据所述第一请求消息生成的会话随机数;将所述会话随机数发送给所述智能设备,以供所述智能设备根据所述会话随机数生成所述智能设备的新的验证号和验证密码。
- 根据权利要求7所述的方法,其特征在于,所述方法还包括:向所述智能设备发送与所述智能设备建立连接的第三请求消息,所述第三请求消息中携带有用户账号;在所述智能设备对所述用户账号进行鉴权后,接收来自所述智能设备根据所述第三请求消息返回的所述智能设备的UUID。
- 根据权利要求7所述的方法,其特征在于,所述将所述会话随机数发送给所述智能设备,包括:通过智能应用与智能设备建立的点到点的通信链路将所述会话随机数发送给所述智能设备;或者,将所述会话随机数显示在所述终端设备的用户界面上,以供智能设备的用户输入模块输入获取所述用户输入的所述会话随机数。
- 根据权利要求7-9任一所述的方法,其特征在于,所述方法还包括:接收来自所述智能设备进行重置的通知消息;根据所述通知消息清除所述智能设备的UUID和所述会话随机数。
- 一种验证信息的更新方法,应用在智能设备上,其特征在于,所述方法包括:接收终端设备转发的来自服务器的会话随机数;根据所述会话随机数生成所述智能设备的新的验证号和新的验证密码。
- 根据权利要求11所述的方法,其特征在于,所述方法还包括:向所述服务器发送需要在所述服务器上注册的第二请求消息,所述第二请求消息中携带有所述智能设备的身份信息和所述智能设备的第一签名值;接收所述服务器根据所述第二请求消息生成的所述智能设备的UUID。
- 根据权利要求11所述的方法,其特征在于,所述根据所述会话随机数生成所述智能设备的新的验证号和新的验证密码,包括:确定所述智能设备的的初始验证号和所述初始验证密码;根据所述初始验证号和所述会话随机数生成所述智能设备的新的验证号;根据所述初始验证密码和所述会话随机数生成所述智能设备的新的验证密码。
- 根据权利要求11-13任一所述的方法,其特征在于,所述方法还包括:在检测到用于重置的按键被触发后,生成通知消息;将所述通知消息发送所述终端设备和所述服务器,以供所述服务器根据所述通知消息清除所述智能设备的所述新的验证号和所述新的验证密码,以及所述终端设备根据所述通知消息清除所述智能设备的UUID和所述会话随机数。
- 一种验证信息的更新装置,应用在服务器上,其特征在于,所述装置包括:第一接收模块,用于接收来自终端设备需要与智能设备进行绑定的第一请求消息,所述第一请求消息中携带有所述智能设备的UUID;第一确定模块,用于确定所述第一接收模块接收到的所述UUID与所述终端设备的用户标识的绑定关系,并生成与所述绑定关系对应的会话随机数;第一生成模块,用于根据所述第一确定模块确定的所述会话随机数生成所述智能设备的新的验证号和新的验证密码。
- 根据权利要求15所述的装置,其特征在于,所述装置还包括:第一发送模块,用于向所述终端设备返回所述第一确定模块确定的所述会话随机数,以供所述终端设备将所述会话随机数转发给所述智能设备后,所述智能设备根据所述会话随机数生成所述智能设备的新的验证号和验证密码。
- 根据权利要求15所述的装置,其特征在于,所述第一生成模块包括:第一确定单元,用于确定所述智能设备的的初始验证号和所述初始验证密码;第一生成单元,用于根据所述第一确定单元确定的所述初始验证号和所述会话随机数生成所述智能设备的新的验证号;第二生成单元,用于根据所述第一确定单元确定的所述初始验证密码和所述会话随机数生成所述智能设备的新的验证密码。
- 根据权利要求15所述的装置,其特征在于,所述装置还包括:第二接收模块,用于接收来自所述智能设备需要在所述服务器上注册的第二请求消息,所述第二请求消息中携带有所述智能设备的身份信息和所述智能设备的第一签名值;第一计算模块,用于根据所述第二接收模块接收到的所述第二请求消息中携带的所述身份信息对应的初始验证号和初始验证密码计算所述智能设备的第二签名值;第二生成模块,用于如果所述第一计算模块计算得到的所述第二签名值与若所述第一签名值相同,为所述智能设备生成所述UUID;第二发送模块,用于将所述第二生成模块生成的所述UUID返回给所述智能设备。
- 根据权利要求18所述的装置,其特征在于,所述第一签名值由所述智能设备根据所述智能设备的所述初始验证号和所述初始验证密码进行排序并组成字符串后,利用哈希算法计算得到的。
- 根据权利要求15-19任一所述的装置,其特征在于,所述装置还包括:第三接收模块,用于接收来自所述智能设备进行重置的通知消息;第一清除模块,用于根据所述第三接收模块接收到的所述通知消息清除所述智能设备的所述新的验证号和所述新的验证密码。
- 一种验证信息的更新装置,应用在终端设备上,其特征在于,所述装置包括:第三发送模块,用于向服务器发送需要与智能设备进行绑定的第一请求消息,所述第一请求消息中携带有所述智能设备的通用唯一识别码UUID;第四接收模块,用于接收来自所述服务器根据所述第三发送模块发送的所述第一请求消息生成的会话随机数;第四发送模块,用于将所述第四接收模块接收到的所述会话随机数发送给所述智能设备,以供所述智能设备根据所述会话随机数生成所述智能设备的新的验证号和验证密码。
- 根据权利要求21所述的装置,其特征在于,所述装置还包括:第五发送模块,用于向所述智能设备发送与所述智能设备建立连接的第三请求消息,所述第三请求消息中携带有用户账号;第五接收模块,用于在所述智能设备对所述第五发送模块发送的所述第三请求消息中携带的所述用户账号进行鉴权后,接收来自所述智能设备根据所述第三请求消息返回的所述智能设备的UUID。
- 根据权利要求21所述的装置,其特征在于,所述第四发送模块包括:发送单元,用于通过智能应用与智能设备建立的点到点的通信链路将所 述会话随机数发送给所述智能设备;或者,显示单元,用于将所述会话随机数显示在所述终端设备的用户界面上,以供智能设备的用户输入模块输入获取所述用户输入的所述会话随机数。
- 根据权利要求21-23任一所述的装置,其特征在于,所述装置还包括:第六接收模块,用于接收来自所述智能设备进行重置的通知消息;第二清除模块,用于根据所述第六接收模块接收到的所述通知消息清除所述智能设备的UUID和所述会话随机数。
- 一种验证信息的更新装置,应用在智能设备上,其特征在于,所述装置包括:第七接收模块,用于接收终端设备转发的来自服务器的会话随机数;第三生成模块,用于根据所述第七接收模块接收到的所述会话随机数生成所述智能设备的新的验证号和新的验证密码。
- 根据权利要求25所述的装置,其特征在于,所述装置还包括:第六发送模块,用于向所述服务器发送需要在所述服务器上注册的第二请求消息,所述第二请求消息中携带有所述智能设备的身份信息和所述智能设备的第一签名值;第八接收模块,用于接收所述服务器根据所述第二请求消息生成的所述智能设备的UUID。
- 根据权利要求25所述的装置,其特征在于,所述第三生成模块包括:第二确定单元,用于确定所述智能设备的的初始验证号和所述初始验证密码;第三生成单元,用于根据所述第二确定单元确定的所述初始验证号和所述会话随机数生成所述智能设备的新的验证号;第四生成单元,用于根据所述第二确定单元确定的所述初始验证密码和所述会话随机数生成所述智能设备的新的验证密码。
- 根据权利要求25-27任一所述的装置,其特征在于,所述装置还包 括:第四生成模块,用于在检测到用于重置的按键被触发后,生成通知消息;第七发送模块,用于将所述第四生成模块生成的所述通知消息发送所述终端设备和所述服务器,以供所述服务器根据所述通知消息清除所述智能设备的所述新的验证号和所述新的验证密码,以及所述终端设备根据所述通知消息清除所述智能设备的UUID和所述会话随机数。
Priority Applications (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020187005810A KR102511030B1 (ko) | 2015-08-31 | 2016-08-18 | 검증 정보 업데이트 방법 및 장치 |
JP2018510915A JP6818744B2 (ja) | 2015-08-31 | 2016-08-18 | 確認情報更新方法及び装置 |
EP16840739.3A EP3346660B1 (en) | 2015-08-31 | 2016-08-18 | Authentication information update method and device |
US15/906,996 US10880306B2 (en) | 2015-08-31 | 2018-02-27 | Verification information update |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510549437.5 | 2015-08-31 | ||
CN201510549437.5A CN106487767B (zh) | 2015-08-31 | 2015-08-31 | 验证信息的更新方法及装置 |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US15/906,996 Continuation US10880306B2 (en) | 2015-08-31 | 2018-02-27 | Verification information update |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2017036310A1 true WO2017036310A1 (zh) | 2017-03-09 |
Family
ID=58186663
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2016/095858 WO2017036310A1 (zh) | 2015-08-31 | 2016-08-18 | 验证信息的更新方法及装置 |
Country Status (6)
Country | Link |
---|---|
US (1) | US10880306B2 (zh) |
EP (1) | EP3346660B1 (zh) |
JP (1) | JP6818744B2 (zh) |
KR (1) | KR102511030B1 (zh) |
CN (1) | CN106487767B (zh) |
WO (1) | WO2017036310A1 (zh) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107766738A (zh) * | 2017-09-12 | 2018-03-06 | 阿里巴巴集团控股有限公司 | 一种智能设备的绑定方法、装置和系统、通讯系统 |
CN111435913A (zh) * | 2019-01-14 | 2020-07-21 | 海信集团有限公司 | 一种物联网终端的身份认证方法、装置和存储介质 |
CN115208934A (zh) * | 2022-07-14 | 2022-10-18 | 潍柴动力股份有限公司 | 挖掘机安全操作的控制方法以及其控制装置 |
Families Citing this family (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
FR3048528B1 (fr) * | 2016-03-07 | 2018-09-21 | Idemia France | Procede de verification de l'integrite d'un dispositif electronique, et dispositif electronique correspondant |
CN107342984A (zh) * | 2017-06-13 | 2017-11-10 | 浙江大华技术股份有限公司 | 一种用于设备绑定的系统、方法及装置 |
CN107809418B (zh) * | 2017-09-26 | 2021-07-16 | 深圳市亿兆互联技术有限公司 | 一种LoRa终端设备自主绑定方法及系统 |
CN110071901B (zh) * | 2018-01-23 | 2022-03-22 | 西门子(中国)有限公司 | 物联网设备的注册方法、装置、系统和存储介质 |
CN108200192B (zh) * | 2018-01-30 | 2022-02-22 | 北京小米移动软件有限公司 | 控制终端设备绑定的方法及装置 |
CN110046876B (zh) * | 2018-10-29 | 2020-12-01 | 创新先进技术有限公司 | 数据传输方法、装置、计算设备及存储介质 |
CN109934976A (zh) * | 2019-02-01 | 2019-06-25 | Oppo广东移动通信有限公司 | 门禁管理方法、装置、系统、电子设备及存储介质 |
CN111935059B (zh) * | 2019-05-13 | 2023-08-25 | 阿里巴巴集团控股有限公司 | 一种设备标识的处理方法、装置及系统 |
CN110460585B (zh) * | 2019-07-19 | 2022-02-11 | 招联消费金融有限公司 | 设备身份识别方法、装置、计算机设备以及存储介质 |
CN111064743B (zh) * | 2019-12-28 | 2021-09-28 | 飞天诚信科技股份有限公司 | 一种安全输入密码的方法及系统 |
CN111277980B (zh) * | 2020-01-21 | 2023-09-26 | 杭州涂鸦信息技术有限公司 | 基于WiFi探测请求帧的配对方法、遥控方法及其系统和装置 |
WO2021196763A1 (zh) * | 2020-04-02 | 2021-10-07 | 出门问问信息科技有限公司 | 信息处理方法、装置、电子设备和计算机可读存储介质 |
CN111475843B (zh) * | 2020-04-08 | 2023-03-14 | 腾讯科技(深圳)有限公司 | 一种数据处理方法和相关装置 |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8205076B1 (en) * | 2008-10-15 | 2012-06-19 | Adobe Systems Incorporated | Imparting real-time priority-based network communications in an encrypted communication session |
CN202634464U (zh) * | 2012-05-29 | 2012-12-26 | 华南理工大学 | 基于UPnP协议的智能家居统一平台的实现装置 |
CN103023917A (zh) * | 2012-12-26 | 2013-04-03 | 百度在线网络技术(北京)有限公司 | 针对智能家电进行授权的方法、系统和装置 |
CN103383736A (zh) * | 2012-05-02 | 2013-11-06 | 中频电子股份有限公司 | 对电子芯片进行验证的方法与使用者终端 |
CN104660618A (zh) * | 2015-03-24 | 2015-05-27 | 联想(北京)有限公司 | 绑定方法和绑定设备 |
Family Cites Families (23)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP4303952B2 (ja) * | 2002-12-24 | 2009-07-29 | 株式会社コムスクエア | 多重認証システム、コンピュータプログラムおよび多重認証方法 |
US7210166B2 (en) * | 2004-10-16 | 2007-04-24 | Lenovo (Singapore) Pte. Ltd. | Method and system for secure, one-time password override during password-protected system boot |
US7522732B2 (en) * | 2004-11-09 | 2009-04-21 | Lexmark International, Inc. | Method for controlling the distribution of software code updates |
US20080034216A1 (en) * | 2006-08-03 | 2008-02-07 | Eric Chun Wah Law | Mutual authentication and secure channel establishment between two parties using consecutive one-time passwords |
US8510811B2 (en) * | 2009-02-03 | 2013-08-13 | InBay Technologies, Inc. | Network transaction verification and authentication |
JP5397858B2 (ja) * | 2009-11-13 | 2014-01-22 | 学校法人神奈川大学 | 電子投票媒体 |
KR100992573B1 (ko) * | 2010-03-26 | 2010-11-05 | 주식회사 아이그로브 | 휴대단말기를 이용한 인증 방법 및 시스템 |
TWI465094B (zh) * | 2011-04-26 | 2014-12-11 | Telepaq Technology Inc | User identification methods and systems for Internet transactions |
US9003492B2 (en) * | 2011-06-21 | 2015-04-07 | Qualcomm Incorporated | Secure client authentication and service authorization in a shared communication network |
JP2013015992A (ja) * | 2011-07-04 | 2013-01-24 | Sony Corp | 通信装置、通信方法、サービス提供装置、サービス提供方法、連携装置、連携方法、プログラム、送受信システム、及び送受信方法 |
CN102307193A (zh) * | 2011-08-22 | 2012-01-04 | 北京宏基恒信科技有限责任公司 | 动态令牌的密钥更新及同步方法、系统及装置 |
US8973091B2 (en) * | 2011-10-03 | 2015-03-03 | Imprivata, Inc. | Secure authentication using mobile device |
CN102497221B (zh) * | 2011-12-13 | 2014-12-31 | 华为终端有限公司 | 终端之间传输数据的方法和终端 |
JP5903190B2 (ja) * | 2012-04-01 | 2016-04-13 | オーセンティファイ・インクAuthentify Inc. | マルチパーティシステムにおける安全な認証 |
KR101305901B1 (ko) * | 2012-07-06 | 2013-09-11 | 주식회사 더존넥스트 | 인증 방법 및 시스템 |
CN103731802A (zh) * | 2012-10-12 | 2014-04-16 | 上海宝信软件股份有限公司 | 基于Android移动终端的设备管理方法 |
KR101513694B1 (ko) * | 2013-02-26 | 2015-04-22 | (주)이스톰 | Otp 인증 시스템 및 방법 |
EP2974219B1 (en) * | 2013-03-15 | 2021-06-16 | Assa Abloy Ab | Method, system, and device for generating, storing, using, and validating nfc tags and data |
CN103916475B (zh) * | 2014-04-04 | 2017-09-05 | 广州勒夫蔓德电器有限公司 | 一种网络遥控方法 |
US9009805B1 (en) * | 2014-09-30 | 2015-04-14 | Google Inc. | Method and system for provisioning an electronic device |
CN104780154B (zh) * | 2015-03-13 | 2018-06-19 | 小米科技有限责任公司 | 设备绑定方法和装置 |
EP3304431B1 (en) * | 2015-06-04 | 2021-09-08 | Chronicled, Inc. | Open registry for identity of things |
JP2019518642A (ja) * | 2016-04-14 | 2019-07-04 | ロンバス システムズ グループ, インコーポレイテッドRhombus Systems Group, Inc. | 無人航空機の完全性を検証するためのシステム |
-
2015
- 2015-08-31 CN CN201510549437.5A patent/CN106487767B/zh active Active
-
2016
- 2016-08-18 EP EP16840739.3A patent/EP3346660B1/en active Active
- 2016-08-18 KR KR1020187005810A patent/KR102511030B1/ko active IP Right Grant
- 2016-08-18 WO PCT/CN2016/095858 patent/WO2017036310A1/zh active Application Filing
- 2016-08-18 JP JP2018510915A patent/JP6818744B2/ja active Active
-
2018
- 2018-02-27 US US15/906,996 patent/US10880306B2/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8205076B1 (en) * | 2008-10-15 | 2012-06-19 | Adobe Systems Incorporated | Imparting real-time priority-based network communications in an encrypted communication session |
CN103383736A (zh) * | 2012-05-02 | 2013-11-06 | 中频电子股份有限公司 | 对电子芯片进行验证的方法与使用者终端 |
CN202634464U (zh) * | 2012-05-29 | 2012-12-26 | 华南理工大学 | 基于UPnP协议的智能家居统一平台的实现装置 |
CN103023917A (zh) * | 2012-12-26 | 2013-04-03 | 百度在线网络技术(北京)有限公司 | 针对智能家电进行授权的方法、系统和装置 |
CN104660618A (zh) * | 2015-03-24 | 2015-05-27 | 联想(北京)有限公司 | 绑定方法和绑定设备 |
Non-Patent Citations (1)
Title |
---|
See also references of EP3346660A4 * |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107766738A (zh) * | 2017-09-12 | 2018-03-06 | 阿里巴巴集团控股有限公司 | 一种智能设备的绑定方法、装置和系统、通讯系统 |
CN111435913A (zh) * | 2019-01-14 | 2020-07-21 | 海信集团有限公司 | 一种物联网终端的身份认证方法、装置和存储介质 |
CN111435913B (zh) * | 2019-01-14 | 2022-04-08 | 海信集团有限公司 | 一种物联网终端的身份认证方法、装置和存储介质 |
CN115208934A (zh) * | 2022-07-14 | 2022-10-18 | 潍柴动力股份有限公司 | 挖掘机安全操作的控制方法以及其控制装置 |
Also Published As
Publication number | Publication date |
---|---|
JP2018525947A (ja) | 2018-09-06 |
EP3346660A4 (en) | 2019-02-20 |
US20180191504A1 (en) | 2018-07-05 |
CN106487767A (zh) | 2017-03-08 |
JP6818744B2 (ja) | 2021-01-20 |
EP3346660B1 (en) | 2020-09-30 |
CN106487767B (zh) | 2020-01-21 |
US10880306B2 (en) | 2020-12-29 |
KR20180048655A (ko) | 2018-05-10 |
EP3346660A1 (en) | 2018-07-11 |
KR102511030B1 (ko) | 2023-03-16 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2017036310A1 (zh) | 验证信息的更新方法及装置 | |
US11178134B2 (en) | Method and apparatus for allocating device identifiers | |
US9692743B2 (en) | Securing organizational computing assets over a network using virtual domains | |
JP6574168B2 (ja) | 端末識別方法、ならびにマシン識別コードを登録する方法、システム及び装置 | |
KR102396528B1 (ko) | 컨트롤러 기반 네트워크 접속을 제어하기 위한 시스템 및 그에 관한 방법 | |
JP6590807B2 (ja) | プライバシー機密情報の交換を制御するための方法およびシステム | |
US9178880B1 (en) | Gateway mediated mobile device authentication | |
WO2016188335A1 (zh) | 用户数据的访问控制方法、装置及系统 | |
CN112989426B (zh) | 授权认证方法及装置、资源访问令牌的获取方法 | |
KR102439881B1 (ko) | 컨트롤러 기반의 네트워크 접속을 제어하기 위한 시스템 및 그에 관한 방법 | |
KR20150026587A (ko) | 신규 기기로부터의 로그인 알림 기능 제공 장치, 방법 및 컴퓨터 판독 가능한 기록 매체 | |
KR102495369B1 (ko) | 컨트롤러 기반 네트워크 접속을 제어하기 위한 시스템 및 그에 관한 방법 | |
CN109460647B (zh) | 一种多设备安全登录的方法 | |
CN115550002B (zh) | 一种基于tee的智能家居远程控制方法及相关装置 | |
KR102472554B1 (ko) | 컨트롤러 기반 네트워크 접속을 제어하기 위한 시스템 및 그에 관한 방법 | |
US20220353081A1 (en) | User authentication techniques across applications on a user device | |
KR102228744B1 (ko) | 난수에 기초한 데이터 메시지 인증 | |
KR102558821B1 (ko) | 사용자 및 디바이스 통합 인증 시스템 및 그 방법 | |
TWI738708B (zh) | 驗證資訊的更新方法及裝置 | |
KR102564416B1 (ko) | 네트워크 접속을 제어하기 위한 시스템 및 그에 관한 방법 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 16840739 Country of ref document: EP Kind code of ref document: A1 |
|
ENP | Entry into the national phase |
Ref document number: 20187005810 Country of ref document: KR Kind code of ref document: A Ref document number: 2018510915 Country of ref document: JP Kind code of ref document: A |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2016840739 Country of ref document: EP |