WO2017063517A1 - Near field communication establishing method and device - Google Patents

Near field communication establishing method and device Download PDF

Info

Publication number
WO2017063517A1
WO2017063517A1 PCT/CN2016/101445 CN2016101445W WO2017063517A1 WO 2017063517 A1 WO2017063517 A1 WO 2017063517A1 CN 2016101445 W CN2016101445 W CN 2016101445W WO 2017063517 A1 WO2017063517 A1 WO 2017063517A1
Authority
WO
WIPO (PCT)
Prior art keywords
information
communication device
connection
authentication
communication
Prior art date
Application number
PCT/CN2016/101445
Other languages
French (fr)
Chinese (zh)
Inventor
徐俊
Original Assignee
阿里巴巴集团控股有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 阿里巴巴集团控股有限公司 filed Critical 阿里巴巴集团控股有限公司
Publication of WO2017063517A1 publication Critical patent/WO2017063517A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/069Authentication using certificates or pre-shared keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/80Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W76/00Connection management
    • H04W76/10Connection setup
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W76/00Connection management
    • H04W76/30Connection release

Definitions

  • the present invention relates to the field of network communication technologies, and in particular, to a method and an apparatus for establishing short-range communication.
  • wearable devices such as sports bracelets, smart glasses, and smart blood pressure monitors have gradually entered people's lives.
  • Most of these wearable devices use Bluetooth, infrared, Zigbee and other close-range communication to establish a connection with the mobile phone, and interact with the mobile phone for data or control commands.
  • the wearable device when the wearable device establishes a short-distance communication connection with the mobile phone, the mobile phone usually starts scanning and manually pairs, and establishes a connection with the wearable device. Taking Bluetooth as an example, the mobile phone turns on Bluetooth scanning. If scanning to multiple nearby Bluetooth devices, manually select one of the Bluetooth devices to pair to establish a Bluetooth connection. However, this method can cause the wearable device to be scanned by any nearby mobile phone and establish a connection for short-distance communication, thereby obtaining data and having poor security.
  • the present invention provides a method and apparatus for establishing short-range communication, so as to improve the security of communication.
  • the invention provides a method for establishing short-range communication, the method comprising:
  • the short-range communication connection After establishing a short-range communication connection between the first communication device and the second communication device, if the first communication device does not receive the authentication information of the second communication device within a preset time period, or receives the second If the authentication information of the communication device fails but the authentication fails, the short-range communication connection is disconnected.
  • the method further includes:
  • the first communication device receives the authentication information of the second communication device within the set duration and the authentication is successful, saving a binding relationship with the second communication device, and transmitting the second communication
  • the device returns information indicating that the authentication is successful.
  • the method further includes:
  • the first communication device receives the identification information of the second communication device, determines whether the first communication device stores a binding relationship, and if not, sends unbound information to the second communication device, and Waiting to receive the authentication information of the second communication device within the preset duration.
  • the binding relationship is a binding relationship with the second communication device, and if yes, Data communication over the short-range communication connection; if not, disconnecting the near-field communication connection.
  • the authentication information includes: plaintext information and ciphertext information obtained by encrypting the plaintext information;
  • the ciphertext information is decrypted, and the plaintext information obtained by the decryption is compared with the plaintext information carried in the authentication information. If the information is consistent, the authentication is passed. Otherwise the authentication fails.
  • the plaintext information includes a random number, or includes a random number and identification information of the second communication device.
  • the method used for the encryption and the decryption comprises: a symmetric encryption algorithm or an asymmetric encryption algorithm;
  • the authentication information further includes public key information.
  • the authentication information includes: identification information of the second communication device;
  • the first communication device When the first communication device authenticates the authentication information, it is determined whether the first communication device stores a binding relationship, and if not, the authentication passes; if yes, further determines whether the binding relationship is The binding relationship with the second communication device, if not, the authentication fails.
  • the method further includes:
  • the method further includes:
  • the first communication device displays an information code including connection information of the first communication device, so that the second communication device scans and utilizes the obtained connection information of the first communication device to establish the short-range communication connection.
  • the method further includes:
  • the first communication device After receiving the scan information of the second communication device, the first communication device sends the scan information to the second communication device And sending scan response information including connection information of the first communication device, so that the second communication device establishes the short-range communication connection by using connection information of the first communication device.
  • the short-range communication connection comprises: a Bluetooth connection, an infrared connection, or a Zigbee.
  • the present invention also provides a method for establishing short-range communication, the method further comprising:
  • the second communication device After the second communication device establishes a short-range communication connection with the first communication device, the second communication device sends the authentication information of the second communication device to the first communication device within a preset time period.
  • the method further includes:
  • the second communication device After receiving the information that the first communication device returns the authentication success, the second communication device saves the binding relationship with the first communication device.
  • the method further includes:
  • the second communication device sends the binding relationship with the first communication device to the server for saving.
  • the method further includes: the second communication device identifying the second communication device Sending information to the first communication device;
  • the authentication information includes: plaintext information and ciphertext information obtained by encrypting the plaintext information.
  • the plaintext information includes a random number, or includes a random number and identification information of the second communication device.
  • the method used for the encryption includes: a symmetric encryption algorithm or an asymmetric encryption algorithm;
  • the authentication information further includes public key information.
  • the authentication information includes: identification information of the second communication device.
  • the second communication device if the second communication device receives the reset instruction, deleting the binding relationship with the first communication device saved by the second communication device, and transmitting the first communication The device sends an unbind request.
  • the method further includes:
  • the second communication device scans an information code provided by the first communication device
  • the short-range communication connection is established using connection information of the first communication device parsed from the information code.
  • the method further includes:
  • the second communication device performs a short-range communication scan
  • the proximity communication connection is established using connection information of the first communication device.
  • the second communication device establishes the short-range communication connection by using a locally saved binding relationship with the first communication device.
  • the short-range communication connection comprises: a Bluetooth connection, an infrared connection, or a Zigbee.
  • the present invention also provides a device for establishing a short-range communication, the device being disposed on the first communication device, the device comprising:
  • a receiving unit configured to receive authentication information of the second communications device
  • An authentication unit configured to authenticate the authentication information received by the receiving unit
  • a first determining unit configured to determine, after the first communication device establishes a short-range communication connection between the first communication device and the second communication device, whether the receiving unit does not receive the second communication device within a preset duration Authentication information, or receiving the authentication information of the second communication device but the authentication fails;
  • control unit configured to disconnect the short-range communication connection when the determination result of the first determining unit is YES.
  • the device further comprises:
  • a binding unit configured to: when the first determining unit determines that the first communications device receives the authentication information of the second communications device within a set duration, and the authentication succeeds, saving the second communications device Binding relationship between;
  • a sending unit configured to: when the first determining unit determines that the first communications device receives the authentication information of the second communications device within a set duration, and the authentication succeeds, sending the authentication to the second communications device Successful information.
  • the apparatus further includes a second determining unit
  • the receiving unit is further configured to receive the identifier information of the second communications device, and if the determining result of the second determining unit is no, wait for receiving the authentication of the second communications device within the preset duration information;
  • the second determining unit is configured to determine, when the receiving unit receives the identifier information of the second communications device, whether the binding unit saves a binding relationship;
  • the sending unit is further configured to send unbound information to the second communications device if the determining result of the second determining unit is no.
  • the device further comprises:
  • a third determining unit configured to determine, when the determination result of the second determining unit is YES, whether the binding relationship saved by the binding unit is a binding relationship with the second communication device;
  • the control unit is further configured to allow data communication on the short-range communication connection when the determination result of the third determining unit is YES; otherwise, disconnect the short-range communication connection.
  • the authentication information includes: plaintext information and ciphertext information obtained by encrypting the plaintext information;
  • the authentication unit when authenticating the authentication information, is specifically configured to: decrypt the ciphertext information, and compare whether the plaintext information obtained by the decryption is consistent with the plaintext information carried in the authentication information, and if they are consistent, the authentication is performed. Passed, otherwise the authentication failed.
  • the plaintext information includes a random number, or includes a random number and identification information of the second communication device.
  • the decryption method adopted by the authentication unit includes a symmetric encryption algorithm or an asymmetric encryption algorithm
  • the authentication information further includes public key information.
  • the authentication information includes: identification information of the second communication device;
  • the authentication unit When the authentication unit authenticates the authentication information, it is determined whether the first communication device stores a binding relationship, and if not, the authentication passes; if yes, further determines whether the binding relationship is The binding relationship of the second communication device is described. If not, the authentication fails.
  • the apparatus further includes: a debinding unit configured to receive the reset instruction, or the receiving unit, when receiving the unbinding request sent by the second communication device, deleting the a binding relationship between the first communication device and the second communication device.
  • the device further comprises:
  • connection establishing unit configured to display an information code including connection information of the first communication device, so that the second communication device scans and uses the obtained connection information of the first communication device to establish the short-range communication connection.
  • the device further comprises:
  • connection establishing unit configured to send scan response information including connection information of the first communication device to the second communication device, after receiving the scan information of the second communication device, so that the second communication device utilizes the The connection information of the first communication device establishes the short-range communication connection.
  • the short-range communication connection comprises: a Bluetooth connection, an infrared connection, or Zigbee.
  • the present invention also provides a device for establishing a short-range communication, the device being disposed in the second communication device, the device comprising:
  • a sending unit configured to send the authentication information of the second communications device to the first communications device after establishing a short-range communication connection between the second communications device and the first communications device.
  • the device further comprises:
  • a receiving unit configured to receive information about successful authentication returned by the first communications device
  • a binding unit configured to save a binding relationship with the first communications device after the receiving unit receives the information that the first communication device returns the authentication success.
  • the sending unit is further configured to send a binding relationship between the second communications device and the first communications device to a server for saving.
  • the apparatus further includes a receiving unit;
  • the sending unit is further configured to send the identifier information of the second communications device to the first communications device after establishing a short-range communication connection between the second communications device and the first communications device; And if the receiving unit receives the unbound information sent by the first communications device, performing the sending the authentication information of the second communications device to the first communications device.
  • the receiving unit is further configured to receive unbound information sent by the first communications device.
  • the authentication information includes: plaintext information and ciphertext information obtained by encrypting the plaintext information.
  • the plaintext information includes a random number, or includes a random number and identification information of the second communication device.
  • the method used for the encryption includes: a symmetric encryption algorithm or an asymmetric encryption algorithm;
  • the authentication information further includes public key information.
  • the authentication information includes: identification information of the second communication device.
  • the device further comprises:
  • An unbinding unit configured to delete a binding relationship between the first communications device and the second communications device, and trigger the sending unit to send an unbinding to the first communications device request.
  • the device further comprises:
  • connection establishing unit configured to scan an information code provided by the first communication device; and utilize a solution from the information code The obtained connection information of the first communication device is analyzed, and the short-range communication connection is established.
  • the device further comprises:
  • connection establishing unit configured to perform a short-range communication scan; acquire connection information of the first communication device from the received scan response information; and establish the short-range communication connection by using connection information of the first communication device.
  • the device further comprises:
  • connection establishing unit configured to establish the short-range communication connection by using a binding relationship with the first communications device that is saved by the binding unit.
  • the short-range communication connection comprises: a Bluetooth connection, an infrared connection, or a Zigbee.
  • the present invention can disconnect the two communication devices after establishing a short-range communication connection, if one party does not receive the authentication information sent by the other party within the set time or receives the authentication information but the authentication fails, Open the above short-range communication connection. That is to say, only devices that adopt the above authentication mechanism and pass authentication can communicate on the established short-range communication connection, which improves the security of short-range communication.
  • FIG. 1 is a structural diagram of a system on which an embodiment of the present invention is based;
  • FIG. 2 is a flowchart of a main method according to an embodiment of the present invention.
  • FIG. 3 is a detailed flowchart of a method according to an embodiment of the present invention.
  • FIG. 5 is a detailed flowchart of still another method according to an embodiment of the present invention.
  • FIG. 6 is a structural diagram of a device according to an embodiment of the present invention.
  • FIG. 7 is a structural diagram of another apparatus according to an embodiment of the present invention.
  • the system structure diagram on which the present invention is based may be as shown in FIG. 1, and mainly includes a first communication device and a second communication device, and a short-range communication connection may be established between the two, and data is performed on the established short-range communication connection.
  • the short-range communication may be, but not limited to, Bluetooth, infrared, Zigbee, and the like.
  • the first communication device and the second communication device may be terminal devices having a short-range communication function, such as a smart phone, a notebook computer, a tablet Computers, wearables, and more.
  • the wearable device may include, but is not limited to, a smart bracelet, a smart watch, smart glasses, and the like.
  • FIG. 2 is a flowchart of a main method according to an embodiment of the present invention. As shown in FIG. 2, the method may include the following steps:
  • a short-range communication connection is established between the first communication device and the second communication device.
  • a Bluetooth connection, an infrared connection, a Zigbee connection, or the like can be established between the first communication device and the second communication device.
  • the first communications device determines whether the authentication information of the second communications device is not received or the authentication information of the second communications device is received within the preset duration but the authentication fails, and if yes, performs 203; otherwise, performs 204. .
  • the second communication device After establishing the short-range communication connection, the second communication device transmits the authentication information to the first communication device within a preset time period.
  • the certification can be adopted but not limited to the following two methods:
  • the authentication information may include identification information of the second communication device.
  • the first communication device performs authentication by using the authentication information, it may be determined whether the first communication device has a binding relationship, and if not, the first communication device is not yet bound to any device, and the authentication may be considered; if yes, Then, it is further determined whether the saved binding relationship is a binding relationship with the second communication device, and if not, determining that the authentication fails; if yes, determining that the authentication is passed.
  • the authentication information may include plaintext information and ciphertext information obtained by encrypting the plaintext information.
  • the first communication device first decrypts the received ciphertext information, and compares whether the plaintext information obtained by the decryption is consistent with the plaintext information carried in the authentication information. If the information is consistent, the authentication passes, otherwise the authentication fails.
  • the above plaintext information may include a random number, such as a timestamp, a randomly generated character string, and the like.
  • Other information such as identification information of the second communication device, etc., may also be included.
  • the encryption and decryption methods used by the second communication device and the first communication device may be symmetric encryption algorithms, such as DES (Data Encryption Standard), AES (Advanced Encryption Standard), or the like. Symmetric algorithms, such as RSA.
  • the second communication device generates a key pair: the public key and the private key of the second communication device; and then encrypts the above plaintext information by using the public key and the private key of the second communication device, and The ciphertext information is sent to the first communication device together with the plaintext information and the public key.
  • the first communication device decrypts the ciphertext information by using the received public key and the private key of the first communication device, and compares the obtained plaintext information with the received plaintext information. If the information is consistent, the authentication passes, otherwise the authentication fails. .
  • the set duration of the embodiment may be set according to specific requirements, for example, may be set to 1 minute.
  • the first communication device disconnects the proximity communication established with the second communication device, ending the flow.
  • the embodiment of the present invention does not change the process of establishing the short-range communication, but performs the above-mentioned authentication process at the application layer, and if the authentication fails, disconnects the established short-range communication connection.
  • the first communication device saves the binding relationship with the second communication device, and returns information indicating successful authentication to the second communication device, where the first communication device and the second communication device may be connected to the established short-range communication connection. Data communication.
  • the connection between the first communication device and the second communication device is a secure connection, and data communication is possible.
  • the method is described in detail below by taking the first communication device as a wearable device and the second communication device as a smart phone, and establishing a Bluetooth connection between the two.
  • FIG. 3 is a detailed flowchart of a method according to an embodiment of the present invention.
  • the process is an embodiment in which a smart phone and a wearable device are not bound (for example, a smart phone is connected to a wearable device for the first time), as shown in FIG. 3 .
  • the method can include the following steps:
  • the wearable device can continuously broadcast its own Bluetooth connection information, which can include a Bluetooth MAC address, a sign waiting to be connected, and an unbound flag of the device.
  • the smartphone turns on Bluetooth scanning and sends Bluetooth scan information to the wearable device.
  • the wearable device After acquiring the Bluetooth scan information, the wearable device returns a Bluetooth scan response message to the smart phone, where the Bluetooth scan response information includes connection information of the wearable device, where the connection information of the wearable device may include the wearable device.
  • Bluetooth MAC address In addition to this, it may also include waiting for a connection flag, a device unbound flag, and the like.
  • the information contained in the Bluetooth scan response message may be in a specific format and may be encrypted information or non-encrypted information.
  • connection information of the wearable device carried in the Bluetooth scan response message may be the same as or different from the connection information broadcasted by the wearable device after the Bluetooth function is turned on.
  • the connection information of the two received wearable devices can be integrated.
  • the smartphone transmits the Bluetooth connection request to the wearable device using the acquired connection information of the wearable device.
  • the smart phone may provide the user with the user to select which one is the target device to be connected.
  • the smartphone can broadcast information based on the wearable device
  • the device is not bound in the Bluetooth scan response message, and the unbound wearable device is selected to send a Bluetooth connection request, that is, the bound wearable device is filtered out.
  • connection information of the smart phone can be carried in the sent Bluetooth connection request, and the connection information can adopt the Bluetooth MAC address of the smart phone.
  • the wearable device After the wearable device receives the Bluetooth connection request, the Bluetooth connection is successfully established, and a response to successful connection establishment (not shown) can be returned.
  • the above process is a Bluetooth connection establishment process for smartphones and wearable devices.
  • the smart phone After establishing a Bluetooth connection with the wearable device, the smart phone sends the identification information of the smart phone to the wearable device.
  • the identification information of the smart phone may be, but not limited to, the MAC address of the smart phone, the serial number of the smart phone, the IMEI of the smart phone (International Mobile Equipment Identity), the UDID of the smart phone (the unique device identification)
  • the user account information (the account information used by the user to log in to the APP, the APP can be run in a smartphone to execute the method flow provided by the present invention) and the like.
  • the wearable device determines whether the binding relationship has been stored locally. If not, the smart phone is not authenticated, so unbound information can be returned to the smartphone. The case where the binding relationship has been saved will be described in the embodiment shown in FIG.
  • the smartphone After receiving the unbound information, the smartphone sends the authentication information to the wearable device.
  • the smart phone can carry its own identification information in the authentication information and send it to the wearable device. That is, it corresponds to the first authentication method described above.
  • the second authentication method may also be adopted, that is, the smart phone and the wearable device may pre-agreed the encryption and decryption method, and the smart phone may encrypt the identification information and the time stamp of the smart phone by using the public key and the private key thereof, and encrypt the obtained information.
  • the ciphertext information, the identification information of the smart phone, and the plaintext information composed of the time stamp and the public key are sent to the wearable device.
  • This method is only an example of using asymmetric encryption, or it can use symmetric encryption or other information.
  • the wearable device determines whether the authentication information is received within the set time, and if the authentication information is received within the set time, executes 309. If the authentication information is not received within the set time, execute 310.
  • the wearable device disconnects the Bluetooth connection established with the smartphone.
  • the wearable device authenticates the received authentication information, and if the authentication passes, the binding relationship with the smart phone is saved locally, and the information that the authentication succeeds is returned to the smart phone.
  • the identification information of the smartphone can be saved locally.
  • the smart phone after receiving the information that the authentication succeeds, the smart phone saves the binding relationship with the wearable device.
  • the binding relationship saved on the smartphone may include connection information of the wearable device, and may also include identification information of the wearable device.
  • the smart phone can also send the saved binding relationship with the wearable device to the server for saving, thereby performing subsequent backup or other services.
  • FIG. 4 is a detailed flowchart of another method according to an embodiment of the present invention.
  • the process is an embodiment in which a smart phone and a wearable device are not bound (for example, a first connection between a smart phone and a wearable device), and the implementation is implemented.
  • the difference between the example and the embodiment shown in FIG. 3 is that the manner in which the smart phone establishes a Bluetooth connection with the wearable device is different.
  • the method can include the following steps:
  • the two-dimensional code including the connection information of the wearable device is provided.
  • This step is applicable to a wearable device with a display device.
  • the wearable device can display a QR code containing its own connection information on the screen for scanning by the mobile device.
  • the connection information of the wearable device may include a Bluetooth MAC address of the wearable device.
  • the smartphone scans the two-dimensional code and parses the connection information of the wearable device.
  • the smartphone transmits a Bluetooth connection request to the wearable device using the connection information of the wearable device.
  • FIG. 5 is a detailed flowchart of still another method according to an embodiment of the present invention.
  • the process is an embodiment in which a smart phone is bound to a wearable device.
  • the method may include the following steps:
  • the smartphone transmits a Bluetooth connection request to the wearable device using a locally stored binding relationship with the wearable device.
  • connection information saved by the smart phone locally includes the connection information of the wearable device, and the connection information of the wearable device can be directly used to send the Bluetooth connection request to the wearable device.
  • the wearable device and the smart phone wait for receiving the authentication information of the smart phone within a set time period after establishing a Bluetooth connection with the wearable device.
  • the smartphone transmits the identification information of the smartphone to the wearable device.
  • the wearable device determines whether there is a binding relationship in the local area. In this embodiment, the binding relationship exists. Therefore, the wearable device further determines, according to the identifier information of the received smart phone, whether the smart phone is connected to the smart phone. Binding, if yes, communication between the wearable device and the smartphone; if not, execution 506.
  • the wearable device already has a binding relationship locally, the wearable device is already bound to a certain smart phone. To ensure security, it is necessary to prohibit Bluetooth communication other than the bound smart phone. In this step, the identification information of the received smart phone is actually compared with the locally saved binding relationship. If they are consistent, communication between the wearable device and the smart phone can be performed, otherwise, 506 is performed.
  • the wearable device disconnects from the Bluetooth connection with the smartphone.
  • the identifier information of the smart phone sent by the smart phone to the wearable device may be encrypted information or non-encrypted information.
  • the binding relationship between the smart phone and the wearable device may be released, and may be triggered by the wearable device.
  • the wearable device when the user manually resets the binding relationship on the wearable device, the wearable device is After receiving the reset command, the binding relationship saved by the wearable device is deleted. It can also be triggered by the smart phone.
  • the smart phone receives the reset command, and deletes the binding relationship between the smart phone and the wearable device, and The wearable device sends an unbinding request. After the wearable device receives the unbinding request from the smartphone, the saved binding relationship is released.
  • FIG. 6 is a structural diagram of a device according to an embodiment of the present invention.
  • the device may be configured on the first communications device.
  • the device may include: a receiving unit 01, an authentication unit 02, and a first determining unit.
  • 03 and the control unit 04 may further include a binding unit 05, a transmitting unit 06, a second determining unit 07, a third determining unit 08, and a connection establishing unit 09.
  • the main functions of each component are as follows:
  • the receiving unit 01 is responsible for receiving the authentication information of the second communication device.
  • the authentication unit 02 is responsible for authenticating the authentication information received by the receiving unit.
  • the authentication information may include the identification information of the second communication device, and the authentication unit 02 determines whether the first communication device stores the binding relationship when authenticating the authentication information, and if not, the authentication passes; if yes, further determines the saving. Whether the binding relationship is a binding relationship with the second communication device, and if not, the authentication fails; if yes, the authentication passes.
  • the authentication information may include: plaintext information and ciphertext information obtained by encrypting the plaintext information.
  • the authentication unit 02 can decrypt the ciphertext information, and compare whether the plaintext information obtained by the decryption is consistent with the plaintext information carried in the authentication information. If the authentication is consistent, the authentication is passed, otherwise the authentication fails.
  • the above plaintext information may include a random number, or include a random number and a Identification information of the second communication device.
  • the decryption method adopted by the authentication unit 02 may be a symmetric encryption algorithm, such as DES, AES, or the like, or an asymmetric encryption algorithm, such as RSA.
  • the second communication device generates a key pair: the public key and the private key of the second communication device; and then encrypts the above plaintext information by using the public key and the private key of the second communication device, and The ciphertext information is sent to the first communication device together with the plaintext information and the public key.
  • the first communication device decrypts the ciphertext information by using the received public key and the private key of the first communication device, and compares the obtained plaintext information with the received plaintext information. If the information is consistent, the authentication passes, otherwise the authentication fails. .
  • the first determining unit 03 is responsible for determining whether the receiving unit 01 does not receive the authentication information of the second communication device within the preset time period after establishing the short-range communication connection between the first communication device and the second communication device, or receives the first The authentication information of the second communication device but the authentication fails.
  • the control unit 04 can disconnect the short-range communication connection.
  • the binding unit 05 may save the binding relationship with the second communication device, and The transmitting unit 06 transmits information indicating that the authentication is successful to the second communication device.
  • the binding relationship may include the identifier information of the second communication device.
  • the receiving unit 01 may receive the identification information of the second communication device; when the receiving unit 01 receives the identification information of the second communication device, the second determining unit 07 determines whether the binding unit 05 holds the binding relationship. If the determination result of the second judging unit 07 is NO, the receiving unit 01 waits to receive the authentication information of the second communication device within the preset time period; and the transmitting unit 06 transmits the unbound information to the second communication device.
  • the third judging unit 08 judges whether the binding relationship held by the binding unit 05 is a binding relationship with the second communication device, and if so, the control unit 04 allows the above. Data communication on the short-range communication connection; otherwise, disconnect the above-mentioned short-range communication connection.
  • the apparatus may further include an unbinding unit (not shown), the unbinding unit is responsible for receiving the reset instruction (eg, the user manually resets the binding relationship on the first communication device), or the receiving unit 01 When the unbinding request sent by the second communication device is received, the binding relationship between the saved first communication device and the second communication device is deleted.
  • the unbinding unit is responsible for receiving the reset instruction (eg, the user manually resets the binding relationship on the first communication device), or the receiving unit 01
  • the unbinding request sent by the second communication device is received, the binding relationship between the saved first communication device and the second communication device is deleted.
  • connection establishing unit 09 is primarily responsible for establishing the above-described close-range communication connection between the first communication device and the second communication device. It can be used but not limited to the following two ways:
  • connection establishing unit 09 displays an information code containing the connection information of the first communication device, so that the second communication device scans and uses the obtained connection information of the first communication device to establish a short-range communication connection.
  • connection establishing unit 09 after receiving the scan information of the second communication device, the connection establishing unit 09 sends scan response information including the connection information of the first communication device to the second communication device, so that the second communication device utilizes the first communication device.
  • the connection information establishes a short-range communication connection.
  • the above-mentioned short-range communication connection in this embodiment may include, but is not limited to, a Bluetooth connection, an infrared connection, or a Zigbee.
  • FIG. 7 is a structural diagram of another apparatus according to an embodiment of the present invention.
  • the apparatus may be disposed on a second communication device.
  • the apparatus may include: a sending unit 11, and may further include a receiving unit 12 and The unit 13 and the connection establishing unit 14 are provided.
  • the main functions of each component are as follows:
  • the sending unit 11 is responsible for transmitting the authentication information of the second communication device to the first communication device after establishing the short-range communication connection between the second communication device and the first communication device.
  • the authentication information may include identification information of the second communication device.
  • the authentication information may include: plaintext information and ciphertext information obtained by encrypting the plaintext information.
  • the plaintext information may include a random number or include the random number and identification information of the second communication device.
  • the methods used for encryption include: a symmetric encryption algorithm or an asymmetric encryption algorithm; when an asymmetric encryption algorithm is used, the authentication information also includes public key information.
  • the receiving unit 12 is responsible for receiving the information of the successful authentication returned by the first communication device. After the receiving unit 12 receives the information of the authentication success returned by the first communication device, the binding unit 13 saves the binding relationship with the first communication device.
  • the binding relationship may include connection information of the first communication device, such as a near field communication MAC address of the first communication device, and may further include identification information of the first communication device.
  • the sending unit 11 can also send the binding relationship between the second communication device and the first communication device to the server for saving.
  • the sending unit 11 may send the identification information of the second communication device to the first communication device; if the receiving unit 12 receives the first communication device, The unbound information transmits the authentication information of the second communication device to the first communication device.
  • the device may further include an unbinding unit (not shown), and when the unbinding unit receives the reset instruction (for example, the user manually resets the binding relationship on the second communication device side), the second is deleted.
  • the reset instruction for example, the user manually resets the binding relationship on the second communication device side
  • the second is deleted.
  • the binding relationship held by the communication device, and the triggering sending unit 11 sends an unbinding request to the first communication device.
  • the connection establishing unit 14 is mainly responsible for establishing a near field communication connection between the first communication device and the second communication device. If it is not already associated with the first communication device, the following two methods may be adopted:
  • the first way scanning the information code provided by the first communication device; using the first pass obtained from the information code
  • the connection information of the letter device establishes a short-range communication connection.
  • the second mode performing short-range communication scanning; acquiring connection information of the first communication device from the received scan response information; and establishing a short-distance communication connection by using connection information of the first communication device.
  • connection establishing unit 14 may establish a close-range communication connection using the binding relationship with the first communication device saved by the binding unit.
  • the short-range communication connection may include, but is not limited to, a Bluetooth connection, an infrared connection, or a Zigbee.
  • the method and apparatus provided by the present invention can have the following advantages:
  • the present invention can disconnect the short-range communication connection after the two communication devices establish a short-range communication connection, if one party does not receive the authentication information sent by the other party within the set time or receives the authentication information but the authentication fails. . That is to say, only devices that adopt the above authentication mechanism and pass authentication can communicate on the established short-range communication connection, which improves the security of short-range communication.
  • the first communication device such as a wearable device
  • the other communication device cannot communicate with the first communication device in close proximity, and only binds to the first communication device.
  • the device can communicate with the first communication device in close proximity, further ensuring security.
  • the present invention also provides a way to establish a short-range communication connection by scanning a two-dimensional code, so that the establishment of a short-range communication connection is more targeted.
  • the units described as separate components may or may not be physically separated, and the components displayed as units may or may not be physical units, that is, may be located in one place, or may be distributed to multiple network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of the embodiment.
  • each functional unit in each embodiment of the present invention may be integrated into one processing unit, or each unit may exist physically separately, or two or more units may be integrated into one unit.
  • the above integrated unit can be implemented in the form of hardware or in the form of hardware plus software functional units.
  • the above-described integrated unit implemented in the form of a software functional unit can be stored in a computer readable storage medium.
  • the above software functional unit is stored in a storage medium and includes a plurality of instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) or a processor to execute the present invention. Part of the steps of the method described in the various examples.
  • the foregoing storage medium includes: a U disk, a mobile hard disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk, or an optical disk, and the like, which can store program codes. .

Abstract

Provided in the present invention are a near field communication establishing method and device. The method comprises: after a near field communication connection is established between a first communication device and a second communication device, if the first communication device does not receive authentication information of the second communication device in a predetermined time period or the authentication information is received but the authentication fails, the near field communication connection is disconnected. The present invention can improve the security of the near field communication.

Description

一种近距离通信的建立方法和装置Method and device for establishing short-distance communication
本申请要求2015年10月12日递交的申请号为201510657435.8、发明名称为“一种近距离通信的建立方法和装置”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。The present application claims priority to Chinese Patent Application No. 20151065743, the entire disclosure of which is incorporated herein by reference.
技术领域Technical field
本发明涉及网络通信技术领域,特别涉及一种近距离通信的建立方法和装置。The present invention relates to the field of network communication technologies, and in particular, to a method and an apparatus for establishing short-range communication.
背景技术Background technique
随着可穿戴设备的不断兴起和普及,诸如运动手环、智能眼镜、智能血压计等设备逐渐进入人们的生活。这些可穿戴设备大多采用蓝牙、红外、Zigbee等近距离通信的方式与手机建立连接,与手机之间进行数据或控制指令的交互。With the rise and popularity of wearable devices, devices such as sports bracelets, smart glasses, and smart blood pressure monitors have gradually entered people's lives. Most of these wearable devices use Bluetooth, infrared, Zigbee and other close-range communication to establish a connection with the mobile phone, and interact with the mobile phone for data or control commands.
现有技术中,上述可穿戴设备在与手机建立近距离通信的连接时,通常由手机开启扫描并进行手工配对后,与可穿戴设备之间建立连接。以蓝牙为例,手机开启蓝牙扫描,如果扫描到附近的多个蓝牙设备,则手工选择其中一个蓝牙设备进行配对,从而建立蓝牙连接。然而,这种方式会造成可穿戴设备能够被附近任意的手机扫描到并建立连接进行近距离通信,从而被获取到数据,安全性很差。In the prior art, when the wearable device establishes a short-distance communication connection with the mobile phone, the mobile phone usually starts scanning and manually pairs, and establishes a connection with the wearable device. Taking Bluetooth as an example, the mobile phone turns on Bluetooth scanning. If scanning to multiple nearby Bluetooth devices, manually select one of the Bluetooth devices to pair to establish a Bluetooth connection. However, this method can cause the wearable device to be scanned by any nearby mobile phone and establish a connection for short-distance communication, thereby obtaining data and having poor security.
发明内容Summary of the invention
有鉴于此,本发明提供了一种近距离通信的建立方法和装置,以便于提高通信的安全性。In view of this, the present invention provides a method and apparatus for establishing short-range communication, so as to improve the security of communication.
具体技术方案如下:The specific technical solutions are as follows:
本发明提供了一种近距离通信的建立方法,该方法包括:The invention provides a method for establishing short-range communication, the method comprising:
第一通信设备与第二通信设备之间建立近距离通信连接后,若所述第一通信设备在预设时长内未接收到所述第二通信设备的认证信息,或者接收到所述第二通信设备的认证信息但认证失败,则断开所述近距离通信连接。After establishing a short-range communication connection between the first communication device and the second communication device, if the first communication device does not receive the authentication information of the second communication device within a preset time period, or receives the second If the authentication information of the communication device fails but the authentication fails, the short-range communication connection is disconnected.
根据本发明一优选实施方式,该方法还包括:According to a preferred embodiment of the present invention, the method further includes:
若所述第一通信设备在设定时长内接收到所述第二通信设备的认证信息且认证成功,则保存与所述第二通信设备之间的绑定关系,并向所述第二通信设备返回认证成功的信息。 And if the first communication device receives the authentication information of the second communication device within the set duration and the authentication is successful, saving a binding relationship with the second communication device, and transmitting the second communication The device returns information indicating that the authentication is successful.
根据本发明一优选实施方式,第一通信设备与第二通信设备之间建立近距离通信连接后,该方法还包括:According to a preferred embodiment of the present invention, after establishing a short-range communication connection between the first communication device and the second communication device, the method further includes:
所述第一通信设备接收所述第二通信设备的标识信息,判断所述第一通信设备是否保存有绑定关系,如果否,则向所述第二通信设备发送未绑定的信息,并等待在所述预设时长内接收所述第二通信设备的认证信息。The first communication device receives the identification information of the second communication device, determines whether the first communication device stores a binding relationship, and if not, sends unbound information to the second communication device, and Waiting to receive the authentication information of the second communication device within the preset duration.
根据本发明一优选实施方式,如果判断出所述第一通信设备保存有绑定关系,则进一步判断所述绑定关系是否为与所述第二通信设备的绑定关系,如果是,则允许在所述近距离通信连接上的数据通讯;如果否,则断开所述近距离通信连接。According to a preferred embodiment of the present invention, if it is determined that the first communication device holds a binding relationship, it is further determined whether the binding relationship is a binding relationship with the second communication device, and if yes, Data communication over the short-range communication connection; if not, disconnecting the near-field communication connection.
根据本发明一优选实施方式,所述认证信息包括:明文信息以及对所述明文信息进行加密后得到的密文信息;According to a preferred embodiment of the present invention, the authentication information includes: plaintext information and ciphertext information obtained by encrypting the plaintext information;
所述第一通信设备在对所述认证信息进行认证时,对所述密文信息进行解密,比较解密得到的明文信息与所述认证信息携带的明文信息是否一致,如果一致,则认证通过,否则认证失败。When the first communication device authenticates the authentication information, the ciphertext information is decrypted, and the plaintext information obtained by the decryption is compared with the plaintext information carried in the authentication information. If the information is consistent, the authentication is passed. Otherwise the authentication fails.
根据本发明一优选实施方式,所述明文信息包括随机数,或者包括随机数和所述第二通信设备的标识信息。According to a preferred embodiment of the present invention, the plaintext information includes a random number, or includes a random number and identification information of the second communication device.
根据本发明一优选实施方式,所述加密和所述解密所采用的方法包括:对称加密算法或非对称加密算法;According to a preferred embodiment of the present invention, the method used for the encryption and the decryption comprises: a symmetric encryption algorithm or an asymmetric encryption algorithm;
当采用所述非对称加密算法时,所述认证信息还包括公钥信息。When the asymmetric encryption algorithm is employed, the authentication information further includes public key information.
根据本发明一优选实施方式,所述认证信息包括:所述第二通信设备的标识信息;According to a preferred embodiment of the present invention, the authentication information includes: identification information of the second communication device;
所述第一通信设备在对所述认证信息进行认证时,判断所述第一通信设备是否保存有绑定关系,如果否,则认证通过;如果是,则进一步判断所述绑定关系是否为与所述第二通信设备的绑定关系,如果否,则认证失败。When the first communication device authenticates the authentication information, it is determined whether the first communication device stores a binding relationship, and if not, the authentication passes; if yes, further determines whether the binding relationship is The binding relationship with the second communication device, if not, the authentication fails.
根据本发明一优选实施方式,该方法还包括:According to a preferred embodiment of the present invention, the method further includes:
若所述第一通信设备接收到重置指令,或者接收到所述第二通信设备发送的解除绑定请求,则删除保存的所述第一通信设备与所述第二通信设备之间的绑定关系。Deleting the saved binding between the first communication device and the second communication device if the first communication device receives the reset instruction or receives the unbinding request sent by the second communication device Relationship.
根据本发明一优选实施方式,该方法还包括:According to a preferred embodiment of the present invention, the method further includes:
所述第一通信设备显示包含第一通信设备的连接信息的信息码,以便所述第二通信设备扫描并利用得到的第一通信设备的连接信息建立所述近距离通信连接。The first communication device displays an information code including connection information of the first communication device, so that the second communication device scans and utilizes the obtained connection information of the first communication device to establish the short-range communication connection.
根据本发明一优选实施方式,该方法还包括:According to a preferred embodiment of the present invention, the method further includes:
所述第一通信设备接收到所述第二通信设备的扫描信息后,向所述第二通信设备发 送包含第一通信设备的连接信息的扫描回应信息,以便所述第二通信设备利用所述第一通信设备的连接信息建立所述近距离通信连接。After receiving the scan information of the second communication device, the first communication device sends the scan information to the second communication device And sending scan response information including connection information of the first communication device, so that the second communication device establishes the short-range communication connection by using connection information of the first communication device.
根据本发明一优选实施方式,所述近距离通信连接包括:蓝牙连接、红外连接、或者Zigbee。According to a preferred embodiment of the present invention, the short-range communication connection comprises: a Bluetooth connection, an infrared connection, or a Zigbee.
本发明还提供了一种近距离通信的建立方法,该方法还包括:The present invention also provides a method for establishing short-range communication, the method further comprising:
第二通信设备与第一通信设备之间建立近距离通信连接后,所述第二通信设备在预设时长内将所述第二通信设备的认证信息发送给所述第一通信设备。After the second communication device establishes a short-range communication connection with the first communication device, the second communication device sends the authentication information of the second communication device to the first communication device within a preset time period.
根据本发明一优选实施方式,该方法还包括:According to a preferred embodiment of the present invention, the method further includes:
所述第二通信设备接收到所述第一通信设备返回的认证成功的信息后,保存与所述第一通信设备的绑定关系。After receiving the information that the first communication device returns the authentication success, the second communication device saves the binding relationship with the first communication device.
根据本发明一优选实施方式,该方法还包括:According to a preferred embodiment of the present invention, the method further includes:
所述第二通信设备将与所述第一通信设备的绑定关系发送给服务器端进行保存。The second communication device sends the binding relationship with the first communication device to the server for saving.
根据本发明一优选实施方式,所述第二通信设备与所述第一通信设备之间建立近距离通信连接后,该方法还包括:所述第二通信设备将所述第二通信设备的标识信息发送给所述第一通信设备;According to a preferred embodiment of the present invention, after the second communication device establishes a short-range communication connection with the first communication device, the method further includes: the second communication device identifying the second communication device Sending information to the first communication device;
若接收到所述第一通信设备发送的未绑定的信息,则执行所述将所述第二通信设备的认证信息发送给所述第一通信设备。And if the unbound information sent by the first communications device is received, performing the sending the authentication information of the second communications device to the first communications device.
根据本发明一优选实施方式,所述认证信息包括:明文信息以及对所述明文信息进行加密后得到的密文信息。According to a preferred embodiment of the present invention, the authentication information includes: plaintext information and ciphertext information obtained by encrypting the plaintext information.
根据本发明一优选实施方式,所述明文信息包括随机数,或者包括随机数和所述第二通信设备的标识信息。According to a preferred embodiment of the present invention, the plaintext information includes a random number, or includes a random number and identification information of the second communication device.
根据本发明一优选实施方式,所述加密所采用的方法包括:对称加密算法或非对称加密算法;According to a preferred embodiment of the present invention, the method used for the encryption includes: a symmetric encryption algorithm or an asymmetric encryption algorithm;
当采用所述非对称加密算法时,所述认证信息还包括公钥信息。When the asymmetric encryption algorithm is employed, the authentication information further includes public key information.
根据本发明一优选实施方式,所述认证信息包括:所述第二通信设备的标识信息。According to a preferred embodiment of the present invention, the authentication information includes: identification information of the second communication device.
根据本发明一优选实施方式,若所述第二通信设备接收到重置指令,则删除所述第二通信设备保存的与所述第一通信设备的绑定关系,并向所述第一通信设备发送解除绑定请求。According to a preferred embodiment of the present invention, if the second communication device receives the reset instruction, deleting the binding relationship with the first communication device saved by the second communication device, and transmitting the first communication The device sends an unbind request.
根据本发明一优选实施方式,该方法还包括:According to a preferred embodiment of the present invention, the method further includes:
所述第二通信设备扫描所述第一通信设备提供的信息码; The second communication device scans an information code provided by the first communication device;
利用从所述信息码中解析得到的第一通信设备的连接信息,建立所述近距离通信连接。The short-range communication connection is established using connection information of the first communication device parsed from the information code.
根据本发明一优选实施方式,该方法还包括:According to a preferred embodiment of the present invention, the method further includes:
所述第二通信设备进行近距离通信扫描;The second communication device performs a short-range communication scan;
从接收到的扫描回应信息中获取第一通信设备的连接信息;Obtaining connection information of the first communication device from the received scan response information;
利用所述第一通信设备的连接信息,建立所述近距离通信连接。The proximity communication connection is established using connection information of the first communication device.
根据本发明一优选实施方式,所述第二通信设备利用本地保存的与所述第一通信设备的绑定关系,建立所述近距离通信连接。According to a preferred embodiment of the present invention, the second communication device establishes the short-range communication connection by using a locally saved binding relationship with the first communication device.
根据本发明一优选实施方式,所述近距离通信连接包括:蓝牙连接、红外连接、或者Zigbee。According to a preferred embodiment of the present invention, the short-range communication connection comprises: a Bluetooth connection, an infrared connection, or a Zigbee.
本发明还提供了一种近距离通信的建立装置,该装置设置于第一通信设备,该装置包括:The present invention also provides a device for establishing a short-range communication, the device being disposed on the first communication device, the device comprising:
接收单元,用于接收所述第二通信设备的认证信息;a receiving unit, configured to receive authentication information of the second communications device;
认证单元,用于对所述接收单元接收到的认证信息进行认证;An authentication unit, configured to authenticate the authentication information received by the receiving unit;
第一判断单元,用于在所述第一通信设备与所述第二通信设备之间建立近距离通信连接后,判断所述接收单元是否在预设时长内未接收到所述第二通信设备的认证信息,或者接收到所述第二通信设备的认证信息但认证失败;a first determining unit, configured to determine, after the first communication device establishes a short-range communication connection between the first communication device and the second communication device, whether the receiving unit does not receive the second communication device within a preset duration Authentication information, or receiving the authentication information of the second communication device but the authentication fails;
控制单元,用于在所述第一判断单元的判断结果为是时,断开所述近距离通信连接。And a control unit, configured to disconnect the short-range communication connection when the determination result of the first determining unit is YES.
根据本发明一优选实施方式,该装置还包括:According to a preferred embodiment of the present invention, the device further comprises:
绑定单元,用于在所述第一判断单元判断出所述第一通信设备在设定时长内接收到所述第二通信设备的认证信息且认证成功时,保存与所述第二通信设备之间的绑定关系;a binding unit, configured to: when the first determining unit determines that the first communications device receives the authentication information of the second communications device within a set duration, and the authentication succeeds, saving the second communications device Binding relationship between;
发送单元,用于在所述第一判断单元判断出所述第一通信设备在设定时长内接收到所述第二通信设备的认证信息且认证成功时,向所述第二通信设备发送认证成功的信息。a sending unit, configured to: when the first determining unit determines that the first communications device receives the authentication information of the second communications device within a set duration, and the authentication succeeds, sending the authentication to the second communications device Successful information.
根据本发明一优选实施方式,该装置还包括第二判断单元;According to a preferred embodiment of the present invention, the apparatus further includes a second determining unit;
所述接收单元,还用于接收所述第二通信设备的标识信息;如果所述第二判断单元的判断结果为否,则等待在所述预设时长内接收所述第二通信设备的认证信息;The receiving unit is further configured to receive the identifier information of the second communications device, and if the determining result of the second determining unit is no, wait for receiving the authentication of the second communications device within the preset duration information;
所述第二判断单元,用于在所述接收单元接收到所述第二通信设备的标识信息时,判断所述绑定单元是否保存有绑定关系;The second determining unit is configured to determine, when the receiving unit receives the identifier information of the second communications device, whether the binding unit saves a binding relationship;
所述发送单元,还用于如果所述第二判断单元的判断结果为否,则向所述第二通信设备发送未绑定的信息。 The sending unit is further configured to send unbound information to the second communications device if the determining result of the second determining unit is no.
根据本发明一优选实施方式,该装置还包括:According to a preferred embodiment of the present invention, the device further comprises:
第三判断单元,用于在所述第二判断单元的判断结果为是时,判断所述绑定单元保存的绑定关系是否为与所述第二通信设备的绑定关系;a third determining unit, configured to determine, when the determination result of the second determining unit is YES, whether the binding relationship saved by the binding unit is a binding relationship with the second communication device;
所述控制单元,还用于在所述第三判断单元的判断结果为是时,允许在所述近距离通信连接上的数据通讯;否则,断开所述近距离通信连接。The control unit is further configured to allow data communication on the short-range communication connection when the determination result of the third determining unit is YES; otherwise, disconnect the short-range communication connection.
根据本发明一优选实施方式,所述认证信息包括:明文信息以及对所述明文信息进行加密后得到的密文信息;According to a preferred embodiment of the present invention, the authentication information includes: plaintext information and ciphertext information obtained by encrypting the plaintext information;
所述认证单元在对所述认证信息进行认证时,具体用于:对所述密文信息进行解密,比较解密得到的明文信息与所述认证信息携带的明文信息是否一致,如果一致,则认证通过,否则认证失败。The authentication unit, when authenticating the authentication information, is specifically configured to: decrypt the ciphertext information, and compare whether the plaintext information obtained by the decryption is consistent with the plaintext information carried in the authentication information, and if they are consistent, the authentication is performed. Passed, otherwise the authentication failed.
根据本发明一优选实施方式,所述明文信息包括随机数,或者包括随机数和所述第二通信设备的标识信息。According to a preferred embodiment of the present invention, the plaintext information includes a random number, or includes a random number and identification information of the second communication device.
根据本发明一优选实施方式,所述认证单元采用的解密方法包括对称加密算法或非对称加密算法;According to a preferred embodiment of the present invention, the decryption method adopted by the authentication unit includes a symmetric encryption algorithm or an asymmetric encryption algorithm;
当采用所述非对称加密算法时,所述认证信息还包括公钥信息。When the asymmetric encryption algorithm is employed, the authentication information further includes public key information.
根据本发明一优选实施方式,所述认证信息包括:所述第二通信设备的标识信息;According to a preferred embodiment of the present invention, the authentication information includes: identification information of the second communication device;
所述认证单元在对所述认证信息进行认证时,判断所述第一通信设备是否保存有绑定关系,如果否,则认证通过;如果是,则进一步判断所述绑定关系是否为与所述第二通信设备的绑定关系,如果否,则认证失败。When the authentication unit authenticates the authentication information, it is determined whether the first communication device stores a binding relationship, and if not, the authentication passes; if yes, further determines whether the binding relationship is The binding relationship of the second communication device is described. If not, the authentication fails.
根据本发明一优选实施方式,该装置还包括:解绑定单元,用于接收到重置指令,或者所述接收单元接收到所述第二通信设备发送的解除绑定请求时,删除所述第一通信设备与所述第二通信设备之间的绑定关系。According to a preferred embodiment of the present invention, the apparatus further includes: a debinding unit configured to receive the reset instruction, or the receiving unit, when receiving the unbinding request sent by the second communication device, deleting the a binding relationship between the first communication device and the second communication device.
根据本发明一优选实施方式,该装置还包括:According to a preferred embodiment of the present invention, the device further comprises:
连接建立单元,用于显示包含第一通信设备的连接信息的信息码,以便所述第二通信设备扫描并利用得到的第一通信设备的连接信息建立所述近距离通信连接。And a connection establishing unit, configured to display an information code including connection information of the first communication device, so that the second communication device scans and uses the obtained connection information of the first communication device to establish the short-range communication connection.
根据本发明一优选实施方式,该装置还包括:According to a preferred embodiment of the present invention, the device further comprises:
连接建立单元,用于接收到所述第二通信设备的扫描信息后,向所述第二通信设备发送包含第一通信设备的连接信息的扫描回应信息,以便所述第二通信设备利用所述第一通信设备的连接信息建立所述近距离通信连接。a connection establishing unit, configured to send scan response information including connection information of the first communication device to the second communication device, after receiving the scan information of the second communication device, so that the second communication device utilizes the The connection information of the first communication device establishes the short-range communication connection.
根据本发明一优选实施方式,所述近距离通信连接包括:蓝牙连接、红外连接、或 者Zigbee。According to a preferred embodiment of the present invention, the short-range communication connection comprises: a Bluetooth connection, an infrared connection, or Zigbee.
本发明还提供了一种近距离通信的建立装置,该装置设置于第二通信设备,该装置包括:The present invention also provides a device for establishing a short-range communication, the device being disposed in the second communication device, the device comprising:
发送单元,用于在所述第二通信设备与第一通信设备之间建立近距离通信连接后,将所述第二通信设备的认证信息发送给所述第一通信设备。And a sending unit, configured to send the authentication information of the second communications device to the first communications device after establishing a short-range communication connection between the second communications device and the first communications device.
根据本发明一优选实施方式,该装置还包括:According to a preferred embodiment of the present invention, the device further comprises:
接收单元,用于接收所述第一通信设备返回的认证成功的信息;a receiving unit, configured to receive information about successful authentication returned by the first communications device;
绑定单元,用于在所述接收单元接收到所述第一通信设备返回的认证成功的信息后,保存与所述第一通信设备的绑定关系。And a binding unit, configured to save a binding relationship with the first communications device after the receiving unit receives the information that the first communication device returns the authentication success.
根据本发明一优选实施方式,所述发送单元,还用于将所述第二通信设备与所述第一通信设备的绑定关系发送给服务器端进行保存。According to a preferred embodiment of the present invention, the sending unit is further configured to send a binding relationship between the second communications device and the first communications device to a server for saving.
根据本发明一优选实施方式,该装置还包括接收单元;According to a preferred embodiment of the present invention, the apparatus further includes a receiving unit;
所述发送单元,还用于在所述第二通信设备与所述第一通信设备之间建立近距离通信连接后,将所述第二通信设备的标识信息发送给所述第一通信设备;若所述接收单元接收到所述第一通信设备发送的未绑定的信息,则执行所述将所述第二通信设备的认证信息发送给所述第一通信设备。The sending unit is further configured to send the identifier information of the second communications device to the first communications device after establishing a short-range communication connection between the second communications device and the first communications device; And if the receiving unit receives the unbound information sent by the first communications device, performing the sending the authentication information of the second communications device to the first communications device.
所述接收单元,还用于接收所述第一通信设备发送的未绑定的信息。The receiving unit is further configured to receive unbound information sent by the first communications device.
根据本发明一优选实施方式,所述认证信息包括:明文信息以及对所述明文信息进行加密后得到的密文信息。According to a preferred embodiment of the present invention, the authentication information includes: plaintext information and ciphertext information obtained by encrypting the plaintext information.
根据本发明一优选实施方式,所述明文信息包括随机数,或者包括随机数和所述第二通信设备的标识信息。According to a preferred embodiment of the present invention, the plaintext information includes a random number, or includes a random number and identification information of the second communication device.
根据本发明一优选实施方式,所述加密所采用的方法包括:对称加密算法或非对称加密算法;According to a preferred embodiment of the present invention, the method used for the encryption includes: a symmetric encryption algorithm or an asymmetric encryption algorithm;
当采用所述非对称加密算法时,所述认证信息还包括公钥信息。When the asymmetric encryption algorithm is employed, the authentication information further includes public key information.
根据本发明一优选实施方式,所述认证信息包括:所述第二通信设备的标识信息。According to a preferred embodiment of the present invention, the authentication information includes: identification information of the second communication device.
根据本发明一优选实施方式,该装置还包括:According to a preferred embodiment of the present invention, the device further comprises:
解绑定单元,用于接收到重置指令,则删除所述第一通信设备与所述第二通信设备的绑定关系,并触发所述发送单元向所述第一通信设备发送解除绑定请求。An unbinding unit, configured to delete a binding relationship between the first communications device and the second communications device, and trigger the sending unit to send an unbinding to the first communications device request.
根据本发明一优选实施方式,该装置还包括:According to a preferred embodiment of the present invention, the device further comprises:
连接建立单元,用于扫描所述第一通信设备提供的信息码;利用从所述信息码中解 析得到的第一通信设备的连接信息,建立所述近距离通信连接。a connection establishing unit, configured to scan an information code provided by the first communication device; and utilize a solution from the information code The obtained connection information of the first communication device is analyzed, and the short-range communication connection is established.
根据本发明一优选实施方式,该装置还包括:According to a preferred embodiment of the present invention, the device further comprises:
连接建立单元,用于进行近距离通信扫描;从接收到的扫描回应信息中获取第一通信设备的连接信息;利用所述第一通信设备的连接信息,建立所述近距离通信连接。a connection establishing unit, configured to perform a short-range communication scan; acquire connection information of the first communication device from the received scan response information; and establish the short-range communication connection by using connection information of the first communication device.
根据本发明一优选实施方式,该装置还包括:According to a preferred embodiment of the present invention, the device further comprises:
连接建立单元,用于利用所述绑定单元保存的与所述第一通信设备的绑定关系,建立所述近距离通信连接。And a connection establishing unit, configured to establish the short-range communication connection by using a binding relationship with the first communications device that is saved by the binding unit.
根据本发明一优选实施方式,所述近距离通信连接包括:蓝牙连接、红外连接、或者Zigbee。According to a preferred embodiment of the present invention, the short-range communication connection comprises: a Bluetooth connection, an infrared connection, or a Zigbee.
由以上技术方案可以看出,本发明能够在两个通信设备建立近距离通信连接后,若一方在设定时间内未接收到另一方发送的认证信息或者接收到认证信息但认证失败,则断开上述近距离通信连接。也就是说,只有采用上述认证机制且认证通过的设备才能够在建立的近距离通信连接上进行通信,提高了近距离通信的安全性。It can be seen from the above technical solution that the present invention can disconnect the two communication devices after establishing a short-range communication connection, if one party does not receive the authentication information sent by the other party within the set time or receives the authentication information but the authentication fails, Open the above short-range communication connection. That is to say, only devices that adopt the above authentication mechanism and pass authentication can communicate on the established short-range communication connection, which improves the security of short-range communication.
附图说明DRAWINGS
图1为本发明实施例所基于的系统结构图;1 is a structural diagram of a system on which an embodiment of the present invention is based;
图2为本发明实施例提供的主要方法流程图;2 is a flowchart of a main method according to an embodiment of the present invention;
图3为本发明实施例提供的一种方法的详细流程图;FIG. 3 is a detailed flowchart of a method according to an embodiment of the present invention;
图4为本发明实施例提供的另一种方法的详细流程图;4 is a detailed flowchart of another method according to an embodiment of the present invention;
图5为本发明实施例提供的再一种方法的详细流程图;FIG. 5 is a detailed flowchart of still another method according to an embodiment of the present invention;
图6为本发明实施例提供的一种装置结构图;FIG. 6 is a structural diagram of a device according to an embodiment of the present invention;
图7为本发明实施例提供的另一种装置结构图。FIG. 7 is a structural diagram of another apparatus according to an embodiment of the present invention.
具体实施方式detailed description
为了使本发明的目的、技术方案和优点更加清楚,下面结合附图和具体实施例对本发明进行详细描述。The present invention will be described in detail below with reference to the drawings and specific embodiments.
本发明所基于的系统结构图可以如图1中所示,主要包括第一通信设备和第二通信设备,两者之间可以建立近距离通信连接,并在建立的近距离通信连接上进行数据通讯。其中所述近距离通信可以采用但不限于:蓝牙、红外、Zigbee等等。第一通信设备和第二通信设备可以是具备近距离通信功能的终端设备,诸如智能手机、笔记本电脑、平板 电脑、可穿戴设备等等。其中可穿戴设备可以包括但不限于:智能手环、智能手表、智能眼镜等。The system structure diagram on which the present invention is based may be as shown in FIG. 1, and mainly includes a first communication device and a second communication device, and a short-range communication connection may be established between the two, and data is performed on the established short-range communication connection. communication. The short-range communication may be, but not limited to, Bluetooth, infrared, Zigbee, and the like. The first communication device and the second communication device may be terminal devices having a short-range communication function, such as a smart phone, a notebook computer, a tablet Computers, wearables, and more. The wearable device may include, but is not limited to, a smart bracelet, a smart watch, smart glasses, and the like.
图2为本发明实施例提供的主要方法流程图,如图2中所示,该方法可以包括以下步骤:FIG. 2 is a flowchart of a main method according to an embodiment of the present invention. As shown in FIG. 2, the method may include the following steps:
在201中,第一通信设备与第二通信设备之间建立近距离通信连接。In 201, a short-range communication connection is established between the first communication device and the second communication device.
第一通信设备与第二通信设备之间可以建立诸如蓝牙连接、红外连接或Zigbee连接等。A Bluetooth connection, an infrared connection, a Zigbee connection, or the like can be established between the first communication device and the second communication device.
在202中,第一通信设备判断是否在预设时长内未接收到第二通信设备的认证信息或者接收到第二通信设备的认证信息但认证失败,如果是,则执行203;否则,执行204。In 202, the first communications device determines whether the authentication information of the second communications device is not received or the authentication information of the second communications device is received within the preset duration but the authentication fails, and if yes, performs 203; otherwise, performs 204. .
在建立上述近距离通信连接后,第二通信设备在预设时长内向第一通信设备发送认证信息。其中认证可以采用但不限于以下两种方式:After establishing the short-range communication connection, the second communication device transmits the authentication information to the first communication device within a preset time period. The certification can be adopted but not limited to the following two methods:
第一种方式:认证信息可以包括第二通信设备的标识信息。第一通信设备在利用认证信息进行认证时,可以判断第一通信设备是否保存有绑定关系,如果否,则说明该第一通信设备尚未与任何设备绑定,可以认为认证通过;如果是,则进一步判断保存的绑定关系是否为与第二通信设备的绑定关系,如果否,则确定认证失败;如果是,则确定认证通过。The first way: the authentication information may include identification information of the second communication device. When the first communication device performs authentication by using the authentication information, it may be determined whether the first communication device has a binding relationship, and if not, the first communication device is not yet bound to any device, and the authentication may be considered; if yes, Then, it is further determined whether the saved binding relationship is a binding relationship with the second communication device, and if not, determining that the authentication fails; if yes, determining that the authentication is passed.
第二种方式:认证信息可以包括明文信息以及对该明文信息进行加密后得到的密文信息。第一通信设备在利用认证信息进行认证时,首先对接收到的密文信息进行解密,比较解密得到的明文信息与认证信息携带的明文信息是否一致,如果一致,则认证通过,否则认证失败。The second method: the authentication information may include plaintext information and ciphertext information obtained by encrypting the plaintext information. When the authentication is performed by using the authentication information, the first communication device first decrypts the received ciphertext information, and compares whether the plaintext information obtained by the decryption is consistent with the plaintext information carried in the authentication information. If the information is consistent, the authentication passes, otherwise the authentication fails.
为了保证认证的安全性,上述明文信息可以包括随机数,例如时间戳、随机生成的字符串等。还可以进一步包括其他信息,诸如第二通信设备的标识信息等。In order to ensure the security of the authentication, the above plaintext information may include a random number, such as a timestamp, a randomly generated character string, and the like. Other information, such as identification information of the second communication device, etc., may also be included.
第二通信设备和第一通信设备所采用的加密、解密方式可以为对称加密算法,例如DES(Data Encryption Standard,数据加密标准)、AES(Advanced Encryption Standard,高级加密标准)等,也可以为非对称算法,例如RSA等。以非对称算法为例,第二通信设备生成一个密钥对:公钥和第二通信设备的私钥;然后利用公钥和第二通信设备的私钥对上述的明文信息进行加密,将得到的密文信息与明文信息、上述公钥一起发送给第一通信设备。第一通信设备利用接收到的公钥和第一通信设备的私钥对上述密文信息进行解密,将得到的明文信息与接收到的明文信息进行比较,如果一致,则认证通过,否则认证失败。 The encryption and decryption methods used by the second communication device and the first communication device may be symmetric encryption algorithms, such as DES (Data Encryption Standard), AES (Advanced Encryption Standard), or the like. Symmetric algorithms, such as RSA. Taking the asymmetric algorithm as an example, the second communication device generates a key pair: the public key and the private key of the second communication device; and then encrypts the above plaintext information by using the public key and the private key of the second communication device, and The ciphertext information is sent to the first communication device together with the plaintext information and the public key. The first communication device decrypts the ciphertext information by using the received public key and the private key of the first communication device, and compares the obtained plaintext information with the received plaintext information. If the information is consistent, the authentication passes, otherwise the authentication fails. .
本实施例中涉及的设定时长可以根据具体的需求进行设置,例如可以设置为1分钟。The set duration of the embodiment may be set according to specific requirements, for example, may be set to 1 minute.
在203中,第一通信设备断开与第二通信设备建立的近距离通信连接,结束流程。In 203, the first communication device disconnects the proximity communication established with the second communication device, ending the flow.
本发明实施例对近距离通信建立的过程不加以改动,而在应用层进行上述认证过程,如果认证失败,断开已建立的近距离通信连接。The embodiment of the present invention does not change the process of establishing the short-range communication, but performs the above-mentioned authentication process at the application layer, and if the authentication fails, disconnects the established short-range communication connection.
在204中,第一通信设备保存与第二通信设备的绑定关系,并向第二通信设备返回认证成功的信息,第一通信设备和第二通信设备可以在上述建立的近距离通信连接上进行数据通讯。In 204, the first communication device saves the binding relationship with the second communication device, and returns information indicating successful authentication to the second communication device, where the first communication device and the second communication device may be connected to the established short-range communication connection. Data communication.
如果认证成功,则第一通信设备和第二通信设备之间的连接为安全连接,可以进行数据通信。If the authentication is successful, the connection between the first communication device and the second communication device is a secure connection, and data communication is possible.
下面以第一通信设备为可穿戴设备,第二通信设备为智能手机,两者之间建立蓝牙连接为例对上述方法进行详细描述。The method is described in detail below by taking the first communication device as a wearable device and the second communication device as a smart phone, and establishing a Bluetooth connection between the two.
图3为本发明实施例提供的一种方法的详细流程图,该流程为智能手机与可穿戴设备尚未绑定(例如,智能手机与可穿戴设备第一次连接)的实施例,如图3中所示,该方法可以包括以下步骤:FIG. 3 is a detailed flowchart of a method according to an embodiment of the present invention. The process is an embodiment in which a smart phone and a wearable device are not bound (for example, a smart phone is connected to a wearable device for the first time), as shown in FIG. 3 . As shown, the method can include the following steps:
在301中,可穿戴设备开启蓝牙功能后,等待智能手机发起蓝牙扫描。In 301, after the wearable device turns on the Bluetooth function, it waits for the smart phone to initiate a Bluetooth scan.
另外,可穿戴设备开启蓝牙功能后,可以持续广播自身的蓝牙连接信息,可以包含蓝牙MAC地址、等待连接的标志、设备未绑定标志等。In addition, after the Bluetooth device is enabled, the wearable device can continuously broadcast its own Bluetooth connection information, which can include a Bluetooth MAC address, a sign waiting to be connected, and an unbound flag of the device.
在302中,智能手机开启蓝牙扫描,向可穿戴设备发送蓝牙扫描信息。In 302, the smartphone turns on Bluetooth scanning and sends Bluetooth scan information to the wearable device.
在303中,可穿戴设备获取到蓝牙扫描信息后,向智能手机返回蓝牙扫描回应信息,在该蓝牙扫描回应信息中包含可穿戴设备的连接信息,其中可穿戴设备的连接信息可以包括可穿戴设备的蓝牙MAC地址。除此之外,还可以包括等待连接标志、设备未绑定标志等。蓝牙扫描回应信息中包含的信息可以采用特定格式,并且可以是加密信息,也可以是非加密信息。In 303, after acquiring the Bluetooth scan information, the wearable device returns a Bluetooth scan response message to the smart phone, where the Bluetooth scan response information includes connection information of the wearable device, where the connection information of the wearable device may include the wearable device. Bluetooth MAC address. In addition to this, it may also include waiting for a connection flag, a device unbound flag, and the like. The information contained in the Bluetooth scan response message may be in a specific format and may be encrypted information or non-encrypted information.
在蓝牙扫描回应信息中携带的可穿戴设备的连接信息与可穿戴设备在开启蓝牙功能后广播的连接信息可以相同,也可以不同。对于智能手机可以综合这两次接收到的可穿戴设备的连接信息。The connection information of the wearable device carried in the Bluetooth scan response message may be the same as or different from the connection information broadcasted by the wearable device after the Bluetooth function is turned on. For the smartphone, the connection information of the two received wearable devices can be integrated.
在304中,智能手机利用获取到的可穿戴设备的连接信息,向可穿戴设备发送蓝牙连接请求。At 304, the smartphone transmits the Bluetooth connection request to the wearable device using the acquired connection information of the wearable device.
在本步骤中,智能手机如果获取到多个可穿戴设备的连接信息,则可以提供给用户供用户选择哪一个是要连接的目标设备。或者智能手机可以根据可穿戴设备广播的信息 或者在蓝牙扫描回应信息中携带的设备未绑定标志,选择未绑定的可穿戴设备发送蓝牙连接请求,即将已绑定的可穿戴设备过滤掉。In this step, if the smart phone obtains the connection information of the plurality of wearable devices, the smart phone may provide the user with the user to select which one is the target device to be connected. Or the smartphone can broadcast information based on the wearable device Or the device is not bound in the Bluetooth scan response message, and the unbound wearable device is selected to send a Bluetooth connection request, that is, the bound wearable device is filtered out.
在发送的蓝牙连接请求中可以携带智能手机的连接信息,该连接信息可以采用智能手机的蓝牙MAC地址。The connection information of the smart phone can be carried in the sent Bluetooth connection request, and the connection information can adopt the Bluetooth MAC address of the smart phone.
可穿戴设备收到蓝牙连接请求后,蓝牙连接建立成功,可以返回一个连接建立成功的响应(图中未示出)。上述过程是智能手机和可穿戴设备的蓝牙连接建立过程。After the wearable device receives the Bluetooth connection request, the Bluetooth connection is successfully established, and a response to successful connection establishment (not shown) can be returned. The above process is a Bluetooth connection establishment process for smartphones and wearable devices.
在305中,智能手机在与可穿戴设备建立蓝牙连接后,发送智能手机的标识信息给可穿戴设备。In 305, after establishing a Bluetooth connection with the wearable device, the smart phone sends the identification information of the smart phone to the wearable device.
其中智能手机的标识信息可以采用但不限于:智能手机的MAC地址、智能手机的出厂序列号、智能手机的IMEI(International Mobile Equipment Identity,移动设备国际身份码)、智能手机的UDID(唯一设备识别符)、用户账户信息(用户登录APP所采用的账户信息,该APP可以运行于智能手机中执行本发明所提供的方法流程)等。The identification information of the smart phone may be, but not limited to, the MAC address of the smart phone, the serial number of the smart phone, the IMEI of the smart phone (International Mobile Equipment Identity), the UDID of the smart phone (the unique device identification) The user account information (the account information used by the user to log in to the APP, the APP can be run in a smartphone to execute the method flow provided by the present invention) and the like.
在306中,可穿戴设备判断本地是否已经存储有绑定关系,如果没有,则说明该智能手机未被认证过,因此可以向智能手机返回未绑定的信息。对于已经保存有绑定关系的情况将在图5所示实施例中描述。In 306, the wearable device determines whether the binding relationship has been stored locally. If not, the smart phone is not authenticated, so unbound information can be returned to the smartphone. The case where the binding relationship has been saved will be described in the embodiment shown in FIG.
在307中,智能手机接收到未绑定的信息之后,发送认证信息给可穿戴设备。In 307, after receiving the unbound information, the smartphone sends the authentication information to the wearable device.
对于智能手机与可穿戴设备的第一次绑定,智能手机可以将自身的标识信息携带在认证信息中发送给可穿戴设备。即对应上述的第一种认证方式。For the first binding of the smart phone and the wearable device, the smart phone can carry its own identification information in the authentication information and send it to the wearable device. That is, it corresponds to the first authentication method described above.
也可以采用上述第二种认证方式,即智能手机和可穿戴设备可以预先约定加解密方法,智能手机可以公钥和自身的私钥对智能手机的标识信息和时间戳进行加密,将加密得到的密文信息、智能手机的标识信息和时间戳构成的明文信息以及公钥发送给可穿戴设备。这种方式仅为利用非对称加密方式的一个实例,也可以采用对称加密方式或者其他信息。The second authentication method may also be adopted, that is, the smart phone and the wearable device may pre-agreed the encryption and decryption method, and the smart phone may encrypt the identification information and the time stamp of the smart phone by using the public key and the private key thereof, and encrypt the obtained information. The ciphertext information, the identification information of the smart phone, and the plaintext information composed of the time stamp and the public key are sent to the wearable device. This method is only an example of using asymmetric encryption, or it can use symmetric encryption or other information.
在308中,可穿戴设备判断是否在设定时间内接收到认证信息,如果在设定时间内接收到认证信息,则执行309。如果未在设定时间内接收到认证信息,则执行310。In 308, the wearable device determines whether the authentication information is received within the set time, and if the authentication information is received within the set time, executes 309. If the authentication information is not received within the set time, execute 310.
在309中,可穿戴设备断开与智能手机建立的蓝牙连接。In 309, the wearable device disconnects the Bluetooth connection established with the smartphone.
在310中,可穿戴设备对接收到的认证信息进行认证,如果认证通过,则在本地保存与智能手机的绑定关系,并向智能手机返回认证成功的信息。In 310, the wearable device authenticates the received authentication information, and if the authentication passes, the binding relationship with the smart phone is saved locally, and the information that the authentication succeeds is returned to the smart phone.
在保存与智能手机的绑定关系时,可以在本地保存智能手机的标识信息。When saving the binding relationship with the smartphone, the identification information of the smartphone can be saved locally.
在311中,智能手机接收到认证成功的信息后,保存与可穿戴设备的绑定关系。 In 311, after receiving the information that the authentication succeeds, the smart phone saves the binding relationship with the wearable device.
在智能手机保存的绑定关系可以包含可穿戴设备的连接信息,还可以包含可穿戴设备的标识信息。The binding relationship saved on the smartphone may include connection information of the wearable device, and may also include identification information of the wearable device.
更进一步地,智能手机还可以将保存的与可穿戴设备的绑定关系发送给服务器进行保存,从而进行后续的备份或其他业务。Further, the smart phone can also send the saved binding relationship with the wearable device to the server for saving, thereby performing subsequent backup or other services.
图4为本发明实施例提供的另一种方法的详细流程图,该流程为智能手机与可穿戴设备尚未绑定(例如,智能手机与可穿戴设备第一次连接)的实施例,本实施例与图3所示实施例的区别为智能手机与可穿戴设备建立蓝牙连接的方式不同。如图4中所示,该方法可以包括以下步骤:4 is a detailed flowchart of another method according to an embodiment of the present invention. The process is an embodiment in which a smart phone and a wearable device are not bound (for example, a first connection between a smart phone and a wearable device), and the implementation is implemented. The difference between the example and the embodiment shown in FIG. 3 is that the manner in which the smart phone establishes a Bluetooth connection with the wearable device is different. As shown in Figure 4, the method can include the following steps:
在401中,可穿戴设备开启蓝牙功能后,提供包含可穿戴设备的连接信息的二维码。In 401, after the wearable device turns on the Bluetooth function, the two-dimensional code including the connection information of the wearable device is provided.
本步骤适用于具备显示屏的可穿戴设备,可穿戴设备可以将包含自身连接信息的二维码显示在屏幕上,供手机设备扫描。其中,可穿戴设备的连接信息可以包括可穿戴设备的蓝牙MAC地址。This step is applicable to a wearable device with a display device. The wearable device can display a QR code containing its own connection information on the screen for scanning by the mobile device. The connection information of the wearable device may include a Bluetooth MAC address of the wearable device.
另外,除了二维码之外,还可以采用诸如条形码等其他信息码形式。In addition, in addition to the two-dimensional code, other information code forms such as a barcode may be employed.
在402中,智能手机扫描二维码,解析得到可穿戴设备的连接信息。In 402, the smartphone scans the two-dimensional code and parses the connection information of the wearable device.
在403中,智能手机利用可穿戴设备的连接信息,向可穿戴设备发送蓝牙连接请求。In 403, the smartphone transmits a Bluetooth connection request to the wearable device using the connection information of the wearable device.
后续步骤404~410与图3所示流程中305至311一致,不再赘述。The subsequent steps 404-410 are consistent with the processes 305 to 311 in the process shown in FIG. 3, and are not described again.
图5为本发明实施例提供的再一种方法的详细流程图,该流程为智能手机已与可穿戴设备绑定的实施例,如图5中所示,该方法可以包括以下步骤:FIG. 5 is a detailed flowchart of still another method according to an embodiment of the present invention. The process is an embodiment in which a smart phone is bound to a wearable device. As shown in FIG. 5, the method may include the following steps:
在501中,可穿戴设备开启蓝牙功能后,等待智能手机发起蓝牙扫描。In 501, after the wearable device turns on the Bluetooth function, it waits for the smart phone to initiate a Bluetooth scan.
在502中,智能手机利用本地保存的与可穿戴设备的绑定关系,向可穿戴设备发送蓝牙连接请求。In 502, the smartphone transmits a Bluetooth connection request to the wearable device using a locally stored binding relationship with the wearable device.
如果智能手机已与可穿戴设备绑定,那么智能手机本地已经保存的绑定关系中包含该可穿戴设备的连接信息,可以直接利用该可穿戴设备的连接信息,向可穿戴设备发送蓝牙连接请求。If the smart phone is already bound to the wearable device, the connection information saved by the smart phone locally includes the connection information of the wearable device, and the connection information of the wearable device can be directly used to send the Bluetooth connection request to the wearable device. .
在503中,可穿戴设备与智能手机在与可穿戴设备建立蓝牙连接后,等待在设定时长内接收智能手机的认证信息。In 503, the wearable device and the smart phone wait for receiving the authentication information of the smart phone within a set time period after establishing a Bluetooth connection with the wearable device.
在504中,智能手机将智能手机的标识信息发送给可穿戴设备。At 504, the smartphone transmits the identification information of the smartphone to the wearable device.
在505中,可穿戴设备判断本地是否存在绑定关系,本实施例中是已经存在绑定关系的情形,因此可穿戴设备进一步根据接收到的智能手机的标识信息,判断是否已与该智能手机绑定,如果是,则可穿戴设备与智能手机之间可以进行通信;如果否,执行506。 In 505, the wearable device determines whether there is a binding relationship in the local area. In this embodiment, the binding relationship exists. Therefore, the wearable device further determines, according to the identifier information of the received smart phone, whether the smart phone is connected to the smart phone. Binding, if yes, communication between the wearable device and the smartphone; if not, execution 506.
如果可穿戴设备本地已经存在绑定关系,说明可穿戴设备已经与某个智能手机绑定,为了保证安全性,需要禁止除了已绑定智能手机之外的其他设备进行蓝牙通信。在本步骤中实际上就是将接收到的智能手机的标识信息与本地保存的绑定关系进行比对,如果一致,则可穿戴设备与智能手机之间可以进行通信,否则执行506。If the wearable device already has a binding relationship locally, the wearable device is already bound to a certain smart phone. To ensure security, it is necessary to prohibit Bluetooth communication other than the bound smart phone. In this step, the identification information of the received smart phone is actually compared with the locally saved binding relationship. If they are consistent, communication between the wearable device and the smart phone can be performed, otherwise, 506 is performed.
在506中,可穿戴设备断开与智能手机之间的蓝牙连接。At 506, the wearable device disconnects from the Bluetooth connection with the smartphone.
需要说明的是,在上述各实施例中,智能手机发送给可穿戴设备的智能手机的标识信息可以是加密后的信息,也可以是非加密的信息。It should be noted that, in the foregoing embodiments, the identifier information of the smart phone sent by the smart phone to the wearable device may be encrypted information or non-encrypted information.
在上述各实施例中,智能手机与可穿戴设备之间的绑定关系可以解除,可以由可穿戴设备端触发,例如当用户在可穿戴设备端手工重置绑定关系,那么可穿戴设备就会接收到重置指令,则删除可穿戴设备保存的绑定关系。也可以由智能手机端触发,例如当用户在智能手机端手工重置绑定关系,那么智能手机就会接收到重置指令,则删除智能手机保存的与可穿戴设备的绑定关系,并向可穿戴设备发送解绑定请求。可穿戴设备接收到智能手机的解绑定请求后,解除保存的绑定关系。In the foregoing embodiments, the binding relationship between the smart phone and the wearable device may be released, and may be triggered by the wearable device. For example, when the user manually resets the binding relationship on the wearable device, the wearable device is After receiving the reset command, the binding relationship saved by the wearable device is deleted. It can also be triggered by the smart phone. For example, when the user manually resets the binding relationship on the smart phone, the smart phone receives the reset command, and deletes the binding relationship between the smart phone and the wearable device, and The wearable device sends an unbinding request. After the wearable device receives the unbinding request from the smartphone, the saved binding relationship is released.
以上是对本发明提供的方法进行的详细描述,下面对本发明提供的装置进行详细描述。The above is a detailed description of the method provided by the present invention, and the apparatus provided by the present invention will be described in detail below.
图6为本发明实施例提供的一种装置结构图,该装置可以设置于上述第一通信设备,如图6中所示,该装置可以包括:接收单元01、认证单元02、第一判断单元03和控制单元04,还可以包括绑定单元05、发送单元06、第二判断单元07、第三判断单元08和连接建立单元09。其中各组成单元的主要功能如下:FIG. 6 is a structural diagram of a device according to an embodiment of the present invention. The device may be configured on the first communications device. As shown in FIG. 6, the device may include: a receiving unit 01, an authentication unit 02, and a first determining unit. 03 and the control unit 04 may further include a binding unit 05, a transmitting unit 06, a second determining unit 07, a third determining unit 08, and a connection establishing unit 09. The main functions of each component are as follows:
接收单元01负责接收第二通信设备的认证信息。认证单元02负责对接收单元接收到的认证信息进行认证。The receiving unit 01 is responsible for receiving the authentication information of the second communication device. The authentication unit 02 is responsible for authenticating the authentication information received by the receiving unit.
其中认证信息可以包括第二通信设备的标识信息,认证单元02在对认证信息进行认证时,判断第一通信设备是否保存有绑定关系,如果否,则认证通过;如果是,则进一步判断保存的绑定关系是否为与所述第二通信设备的绑定关系,如果否,则认证失败;如果是,则认证通过。The authentication information may include the identification information of the second communication device, and the authentication unit 02 determines whether the first communication device stores the binding relationship when authenticating the authentication information, and if not, the authentication passes; if yes, further determines the saving. Whether the binding relationship is a binding relationship with the second communication device, and if not, the authentication fails; if yes, the authentication passes.
或者,认证信息可以包括:明文信息以及对明文信息进行加密后得到的密文信息。相应地,认证单元02在对认证信息进行认证时,可以对密文信息进行解密,比较解密得到的明文信息与认证信息携带的明文信息是否一致,如果一致,则认证通过,否则认证失败。Alternatively, the authentication information may include: plaintext information and ciphertext information obtained by encrypting the plaintext information. Correspondingly, when authenticating the authentication information, the authentication unit 02 can decrypt the ciphertext information, and compare whether the plaintext information obtained by the decryption is consistent with the plaintext information carried in the authentication information. If the authentication is consistent, the authentication is passed, otherwise the authentication fails.
为了保证认证过程的安全性,上述明文信息可以包括随机数,或者包括随机数和第 二通信设备的标识信息。认证单元02采用的解密方法可以是对称加密算法,例如DES、AES等,也可以是非对称加密算法,例如RSA等。以非对称算法为例,第二通信设备生成一个密钥对:公钥和第二通信设备的私钥;然后利用公钥和第二通信设备的私钥对上述的明文信息进行加密,将得到的密文信息与明文信息、上述公钥一起发送给第一通信设备。第一通信设备利用接收到的公钥和第一通信设备的私钥对上述密文信息进行解密,将得到的明文信息与接收到的明文信息进行比较,如果一致,则认证通过,否则认证失败。In order to ensure the security of the authentication process, the above plaintext information may include a random number, or include a random number and a Identification information of the second communication device. The decryption method adopted by the authentication unit 02 may be a symmetric encryption algorithm, such as DES, AES, or the like, or an asymmetric encryption algorithm, such as RSA. Taking the asymmetric algorithm as an example, the second communication device generates a key pair: the public key and the private key of the second communication device; and then encrypts the above plaintext information by using the public key and the private key of the second communication device, and The ciphertext information is sent to the first communication device together with the plaintext information and the public key. The first communication device decrypts the ciphertext information by using the received public key and the private key of the first communication device, and compares the obtained plaintext information with the received plaintext information. If the information is consistent, the authentication passes, otherwise the authentication fails. .
第一判断单元03负责在第一通信设备与第二通信设备之间建立近距离通信连接后,判断接收单元01是否在预设时长内未接收到第二通信设备的认证信息,或者接收到第二通信设备的认证信息但认证失败。The first determining unit 03 is responsible for determining whether the receiving unit 01 does not receive the authentication information of the second communication device within the preset time period after establishing the short-range communication connection between the first communication device and the second communication device, or receives the first The authentication information of the second communication device but the authentication fails.
在第一判断单元03的判断结果为是时,控制单元04可以断开近距离通信连接。在第一判断单元03判断出第一通信设备在设定时长内接收到第二通信设备的认证信息且认证成功时,绑定单元05可以保存与第二通信设备之间的绑定关系,并且发送单元06向第二通信设备发送认证成功的信息。其中绑定关系中可以包含第二通信设备的标识信息。When the determination result of the first judging unit 03 is YES, the control unit 04 can disconnect the short-range communication connection. When the first determining unit 03 determines that the first communication device receives the authentication information of the second communication device within the set duration and the authentication is successful, the binding unit 05 may save the binding relationship with the second communication device, and The transmitting unit 06 transmits information indicating that the authentication is successful to the second communication device. The binding relationship may include the identifier information of the second communication device.
更进一步地,接收单元01可以接收第二通信设备的标识信息;在接收单元01接收到第二通信设备的标识信息时,第二判断单元07判断绑定单元05是否保存有绑定关系。如果第二判断单元07的判断结果为否,接收单元01则等待在预设时长内接收第二通信设备的认证信息;并且发送单元06向第二通信设备发送未绑定的信息。Further, the receiving unit 01 may receive the identification information of the second communication device; when the receiving unit 01 receives the identification information of the second communication device, the second determining unit 07 determines whether the binding unit 05 holds the binding relationship. If the determination result of the second judging unit 07 is NO, the receiving unit 01 waits to receive the authentication information of the second communication device within the preset time period; and the transmitting unit 06 transmits the unbound information to the second communication device.
在第二判断单元07的判断结果为是时,第三判断单元08判断绑定单元05保存的绑定关系是否为与第二通信设备的绑定关系,如果是,则控制单元04允许在上述近距离通信连接上的数据通讯;否则,断开上述近距离通信连接。When the determination result of the second judging unit 07 is YES, the third judging unit 08 judges whether the binding relationship held by the binding unit 05 is a binding relationship with the second communication device, and if so, the control unit 04 allows the above. Data communication on the short-range communication connection; otherwise, disconnect the above-mentioned short-range communication connection.
另外,该装置还可以包括解绑定单元(图中未示出),解绑定单元负责接收到重置指令(例如用户在第一通信设备上手动重置绑定关系),或者接收单元01接收到第二通信设备发送的解除绑定请求时,删除保存的第一通信设备与第二通信设备之间的绑定关系。In addition, the apparatus may further include an unbinding unit (not shown), the unbinding unit is responsible for receiving the reset instruction (eg, the user manually resets the binding relationship on the first communication device), or the receiving unit 01 When the unbinding request sent by the second communication device is received, the binding relationship between the saved first communication device and the second communication device is deleted.
连接建立单元09主要负责建立第一通信设备与第二通信设备的上述近距离通信连接。可以采用但不限于以下两种方式:The connection establishing unit 09 is primarily responsible for establishing the above-described close-range communication connection between the first communication device and the second communication device. It can be used but not limited to the following two ways:
第一种方式:连接建立单元09显示包含第一通信设备的连接信息的信息码,以便第二通信设备扫描并利用得到的第一通信设备的连接信息建立近距离通信连接。 The first mode: the connection establishing unit 09 displays an information code containing the connection information of the first communication device, so that the second communication device scans and uses the obtained connection information of the first communication device to establish a short-range communication connection.
第二种方式:连接建立单元09接收到第二通信设备的扫描信息后,向第二通信设备发送包含第一通信设备的连接信息的扫描回应信息,以便第二通信设备利用第一通信设备的连接信息建立近距离通信连接。The second mode: after receiving the scan information of the second communication device, the connection establishing unit 09 sends scan response information including the connection information of the first communication device to the second communication device, so that the second communication device utilizes the first communication device. The connection information establishes a short-range communication connection.
本实施例中上述的近距离通信连接可以包括但不限于:蓝牙连接、红外连接、或者Zigbee。The above-mentioned short-range communication connection in this embodiment may include, but is not limited to, a Bluetooth connection, an infrared connection, or a Zigbee.
图7为本发明实施例提供的另一种装置结构图,该装置可以设置于第二通信设备,如图7中所示,该装置可以包括:发送单元11,还可以包括接收单元12、绑定单元13和连接建立单元14。其中各组成单元的主要功能如下:FIG. 7 is a structural diagram of another apparatus according to an embodiment of the present invention. The apparatus may be disposed on a second communication device. As shown in FIG. 7, the apparatus may include: a sending unit 11, and may further include a receiving unit 12 and The unit 13 and the connection establishing unit 14 are provided. The main functions of each component are as follows:
发送单元11负责在第二通信设备与第一通信设备之间建立近距离通信连接后,将第二通信设备的认证信息发送给第一通信设备。The sending unit 11 is responsible for transmitting the authentication information of the second communication device to the first communication device after establishing the short-range communication connection between the second communication device and the first communication device.
其中认证信息可以包括第二通信设备的标识信息。The authentication information may include identification information of the second communication device.
或者,认证信息可以包括:明文信息以及对明文信息进行加密后得到的密文信息。明文信息可以包括随机数,或者包括随机数和第二通信设备的标识信息。加密所采用的方法包括:对称加密算法或非对称加密算法;当采用非对称加密算法时,认证信息还包括公钥信息。Alternatively, the authentication information may include: plaintext information and ciphertext information obtained by encrypting the plaintext information. The plaintext information may include a random number or include the random number and identification information of the second communication device. The methods used for encryption include: a symmetric encryption algorithm or an asymmetric encryption algorithm; when an asymmetric encryption algorithm is used, the authentication information also includes public key information.
接收单元12负责接收第一通信设备返回的认证成功的信息。在接收单元12接收到第一通信设备返回的认证成功的信息后,绑定单元13保存与第一通信设备的绑定关系。该绑定关系中可以包括第一通信设备的连接信息,例如第一通信设备的近场通信MAC地址,还可以包括第一通信设备的标识信息。The receiving unit 12 is responsible for receiving the information of the successful authentication returned by the first communication device. After the receiving unit 12 receives the information of the authentication success returned by the first communication device, the binding unit 13 saves the binding relationship with the first communication device. The binding relationship may include connection information of the first communication device, such as a near field communication MAC address of the first communication device, and may further include identification information of the first communication device.
发送单元11还可以将第二通信设备与第一通信设备的绑定关系发送给服务器端进行保存。The sending unit 11 can also send the binding relationship between the second communication device and the first communication device to the server for saving.
在第二通信设备与第一通信设备之间建立近距离通信连接后,发送单元11可以将第二通信设备的标识信息发送给第一通信设备;若接收单元12接收到第一通信设备发送的未绑定的信息,则发送单元11执行将第二通信设备的认证信息发送给第一通信设备。After the second communication device establishes a short-range communication connection with the first communication device, the sending unit 11 may send the identification information of the second communication device to the first communication device; if the receiving unit 12 receives the first communication device, The unbound information transmits the authentication information of the second communication device to the first communication device.
另外,该装置还可以包括解绑定单元(图中未示出),解绑定单元接收到重置指令(例如用户在第二通信设备端手动重置绑定关系)时,则删除第二通信设备保存的绑定关系,并触发发送单元11向第一通信设备发送解除绑定请求。In addition, the device may further include an unbinding unit (not shown), and when the unbinding unit receives the reset instruction (for example, the user manually resets the binding relationship on the second communication device side), the second is deleted. The binding relationship held by the communication device, and the triggering sending unit 11 sends an unbinding request to the first communication device.
连接建立单元14主要负责建立第一通信设备与第二通信设备之间的近场通信连接,如果尚未与第一通信设备关联,则可以采用但不限于以下两种方式:The connection establishing unit 14 is mainly responsible for establishing a near field communication connection between the first communication device and the second communication device. If it is not already associated with the first communication device, the following two methods may be adopted:
第一种方式:扫描第一通信设备提供的信息码;利用从信息码中解析得到的第一通 信设备的连接信息,建立近距离通信连接。The first way: scanning the information code provided by the first communication device; using the first pass obtained from the information code The connection information of the letter device establishes a short-range communication connection.
第二种方式:进行近距离通信扫描;从接收到的扫描回应信息中获取第一通信设备的连接信息;利用第一通信设备的连接信息,建立近距离通信连接。The second mode: performing short-range communication scanning; acquiring connection information of the first communication device from the received scan response information; and establishing a short-distance communication connection by using connection information of the first communication device.
如果第一通信设备已经与第二通信设备关联,则连接建立单元14可以利用绑定单元保存的与第一通信设备的绑定关系,建立近距离通信连接。If the first communication device has been associated with the second communication device, the connection establishing unit 14 may establish a close-range communication connection using the binding relationship with the first communication device saved by the binding unit.
在本实施例中,上述近距离通信连接可以包括但不限于:蓝牙连接、红外连接、或者Zigbee。In this embodiment, the short-range communication connection may include, but is not limited to, a Bluetooth connection, an infrared connection, or a Zigbee.
由以上描述可以看出,本发明提供的方法和装置可以具备以下优点:As can be seen from the above description, the method and apparatus provided by the present invention can have the following advantages:
1)本发明能够在两个通信设备建立近距离通信连接后,若一方在设定时间内未接收到另一方发送的认证信息或者接收到认证信息但认证失败,则断开上述近距离通信连接。也就是说,只有采用上述认证机制且认证通过的设备才能够在建立的近距离通信连接上进行通信,提高了近距离通信的安全性。1) The present invention can disconnect the short-range communication connection after the two communication devices establish a short-range communication connection, if one party does not receive the authentication information sent by the other party within the set time or receives the authentication information but the authentication fails. . That is to say, only devices that adopt the above authentication mechanism and pass authentication can communicate on the established short-range communication connection, which improves the security of short-range communication.
2)另外,诸如可穿戴设备等第一通信设备,如果已与某一通信设备绑定,则其他通信设备就无法与该第一通信设备进行近距离通信,只有与该第一通信设备绑定的设备才能够与第一通信设备进行近距离通信,更进一步保证了安全性。2) In addition, the first communication device, such as a wearable device, if it is bound to a certain communication device, the other communication device cannot communicate with the first communication device in close proximity, and only binds to the first communication device. The device can communicate with the first communication device in close proximity, further ensuring security.
3)本发明还提供了一种通过扫描二维码建立近距离通信连接的方式,使得近距离通信连接的建立更具有针对性。3) The present invention also provides a way to establish a short-range communication connection by scanning a two-dimensional code, so that the establishment of a short-range communication connection is more targeted.
在本发明所提供的几个实施例中,应该理解到,所揭露的系统,装置和方法,可以通过其它的方式实现。例如,以上所描述的装置实施例仅仅是示意性的,例如,所述单元的划分,仅仅为一种逻辑功能划分,实际实现时可以有另外的划分方式。In the several embodiments provided by the present invention, it should be understood that the disclosed system, apparatus, and method may be implemented in other manners. For example, the device embodiments described above are merely illustrative. For example, the division of the unit is only a logical function division, and the actual implementation may have another division manner.
所述作为分离部件说明的单元可以是或者也可以不是物理上分开的,作为单元显示的部件可以是或者也可以不是物理单元,即可以位于一个地方,或者也可以分布到多个网络单元上。可以根据实际的需要选择其中的部分或者全部单元来实现本实施例方案的目的。The units described as separate components may or may not be physically separated, and the components displayed as units may or may not be physical units, that is, may be located in one place, or may be distributed to multiple network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of the embodiment.
另外,在本发明各个实施例中的各功能单元可以集成在一个处理单元中,也可以是各个单元单独物理存在,也可以两个或两个以上单元集成在一个单元中。上述集成的单元既可以采用硬件的形式实现,也可以采用硬件加软件功能单元的形式实现。In addition, each functional unit in each embodiment of the present invention may be integrated into one processing unit, or each unit may exist physically separately, or two or more units may be integrated into one unit. The above integrated unit can be implemented in the form of hardware or in the form of hardware plus software functional units.
上述以软件功能单元的形式实现的集成的单元,可以存储在一个计算机可读取存储介质中。上述软件功能单元存储在一个存储介质中,包括若干指令用以使得一台计算机设备(可以是个人计算机,服务器,或者网络设备等)或处理器(processor)执行本发 明各个实施例所述方法的部分步骤。而前述的存储介质包括:U盘、移动硬盘、只读存储器(Read-Only Memory,ROM)、随机存取存储器(Random Access Memory,RAM)、磁碟或者光盘等各种可以存储程序代码的介质。The above-described integrated unit implemented in the form of a software functional unit can be stored in a computer readable storage medium. The above software functional unit is stored in a storage medium and includes a plurality of instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) or a processor to execute the present invention. Part of the steps of the method described in the various examples. The foregoing storage medium includes: a U disk, a mobile hard disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk, or an optical disk, and the like, which can store program codes. .
以上所述仅为本发明的较佳实施例而已,并不用以限制本发明,凡在本发明的精神和原则之内,所做的任何修改、等同替换、改进等,均应包含在本发明保护的范围之内。 The above are only the preferred embodiments of the present invention, and are not intended to limit the present invention. Any modifications, equivalents, improvements, etc., which are made within the spirit and principles of the present invention, should be included in the present invention. Within the scope of protection.

Claims (50)

  1. 一种近距离通信的建立方法,其特征在于,该方法包括:A method for establishing short-range communication, characterized in that the method comprises:
    第一通信设备与第二通信设备之间建立近距离通信连接后,若所述第一通信设备在预设时长内未接收到所述第二通信设备的认证信息,或者接收到所述第二通信设备的认证信息但认证失败,则断开所述近距离通信连接。After establishing a short-range communication connection between the first communication device and the second communication device, if the first communication device does not receive the authentication information of the second communication device within a preset time period, or receives the second If the authentication information of the communication device fails but the authentication fails, the short-range communication connection is disconnected.
  2. 根据权利要求1所述的方法,其特征在于,该方法还包括:The method of claim 1 further comprising:
    若所述第一通信设备在设定时长内接收到所述第二通信设备的认证信息且认证成功,则保存与所述第二通信设备之间的绑定关系,并向所述第二通信设备返回认证成功的信息。And if the first communication device receives the authentication information of the second communication device within the set duration and the authentication is successful, saving a binding relationship with the second communication device, and transmitting the second communication The device returns information indicating that the authentication is successful.
  3. 根据权利要求2所述的方法,其特征在于,第一通信设备与第二通信设备之间建立近距离通信连接后,该方法还包括:The method of claim 2, wherein after the first communication device establishes a short-range communication connection with the second communication device, the method further includes:
    所述第一通信设备接收所述第二通信设备的标识信息,判断所述第一通信设备是否保存有绑定关系,如果否,则向所述第二通信设备发送未绑定的信息,并等待在所述预设时长内接收所述第二通信设备的认证信息。The first communication device receives the identification information of the second communication device, determines whether the first communication device stores a binding relationship, and if not, sends unbound information to the second communication device, and Waiting to receive the authentication information of the second communication device within the preset duration.
  4. 根据权利要求3所述的方法,其特征在于,如果判断出所述第一通信设备保存有绑定关系,则进一步判断所述绑定关系是否为与所述第二通信设备的绑定关系,如果是,则允许在所述近距离通信连接上的数据通讯;如果否,则断开所述近距离通信连接。The method according to claim 3, wherein if it is determined that the first communication device holds a binding relationship, it is further determined whether the binding relationship is a binding relationship with the second communication device, If so, data communication over the short-range communication connection is allowed; if not, the short-range communication connection is broken.
  5. 根据权利要求1所述的方法,其特征在于,所述认证信息包括:明文信息以及对所述明文信息进行加密后得到的密文信息;The method according to claim 1, wherein the authentication information comprises: plaintext information and ciphertext information obtained by encrypting the plaintext information;
    所述第一通信设备在对所述认证信息进行认证时,对所述密文信息进行解密,比较解密得到的明文信息与所述认证信息携带的明文信息是否一致,如果一致,则认证通过,否则认证失败。When the first communication device authenticates the authentication information, the ciphertext information is decrypted, and the plaintext information obtained by the decryption is compared with the plaintext information carried in the authentication information. If the information is consistent, the authentication is passed. Otherwise the authentication fails.
  6. 根据权利要求5所述的方法,其特征在于,所述明文信息包括随机数,或者包括随机数和所述第二通信设备的标识信息。The method according to claim 5, wherein the plaintext information comprises a random number or comprises a random number and identification information of the second communication device.
  7. 根据权利要求5所述的方法,其特征在于,所述加密和所述解密所采用的方法包括:对称加密算法或非对称加密算法;The method according to claim 5, wherein the method for encrypting and decrypting comprises: a symmetric encryption algorithm or an asymmetric encryption algorithm;
    当采用所述非对称加密算法时,所述认证信息还包括公钥信息。When the asymmetric encryption algorithm is employed, the authentication information further includes public key information.
  8. 根据权利要求1所述的方法,其特征在于,所述认证信息包括:所述第二通信设备的标识信息;The method according to claim 1, wherein the authentication information comprises: identification information of the second communication device;
    所述第一通信设备在对所述认证信息进行认证时,判断所述第一通信设备是否保存 有绑定关系,如果否,则认证通过;如果是,则进一步判断所述绑定关系是否为与所述第二通信设备的绑定关系,如果否,则认证失败。When the first communication device authenticates the authentication information, it is determined whether the first communication device is saved. There is a binding relationship, if not, the authentication is passed; if yes, it is further determined whether the binding relationship is a binding relationship with the second communication device, and if not, the authentication fails.
  9. 根据权利要求2、3、4或8所述的方法,其特征在于,该方法还包括:The method of claim 2, 3, 4 or 8, wherein the method further comprises:
    若所述第一通信设备接收到重置指令,或者接收到所述第二通信设备发送的解除绑定请求,则删除保存的所述第一通信设备与所述第二通信设备之间的绑定关系。Deleting the saved binding between the first communication device and the second communication device if the first communication device receives the reset instruction or receives the unbinding request sent by the second communication device Relationship.
  10. 根据权利要求1至8任一权项所述的方法,其特征在于,该方法还包括:The method according to any one of claims 1 to 8, wherein the method further comprises:
    所述第一通信设备显示包含第一通信设备的连接信息的信息码,以便所述第二通信设备扫描并利用得到的第一通信设备的连接信息建立所述近距离通信连接。The first communication device displays an information code including connection information of the first communication device, so that the second communication device scans and utilizes the obtained connection information of the first communication device to establish the short-range communication connection.
  11. 根据权利要求1至8任一权项所述的方法,其特征在于,该方法还包括:The method according to any one of claims 1 to 8, wherein the method further comprises:
    所述第一通信设备接收到所述第二通信设备的扫描信息后,向所述第二通信设备发送包含第一通信设备的连接信息的扫描回应信息,以便所述第二通信设备利用所述第一通信设备的连接信息建立所述近距离通信连接。After receiving the scan information of the second communication device, the first communication device sends scan response information including connection information of the first communication device to the second communication device, so that the second communication device utilizes the The connection information of the first communication device establishes the short-range communication connection.
  12. 根据权利要求1至8任一权项所述的方法,其特征在于,所述近距离通信连接包括:蓝牙连接、红外连接、或者Zigbee。The method of any of claims 1 to 8, wherein the short-range communication connection comprises: a Bluetooth connection, an infrared connection, or a Zigbee.
  13. 一种近距离通信的建立方法,其特征在于,该方法还包括:A method for establishing short-range communication, characterized in that the method further comprises:
    第二通信设备与第一通信设备之间建立近距离通信连接后,所述第二通信设备在预设时长内将所述第二通信设备的认证信息发送给所述第一通信设备。After the second communication device establishes a short-range communication connection with the first communication device, the second communication device sends the authentication information of the second communication device to the first communication device within a preset time period.
  14. 根据权利要求13所述的方法,其特征在于,该方法还包括:The method of claim 13 further comprising:
    所述第二通信设备接收到所述第一通信设备返回的认证成功的信息后,保存与所述第一通信设备的绑定关系。After receiving the information that the first communication device returns the authentication success, the second communication device saves the binding relationship with the first communication device.
  15. 根据权利要求13所述的方法,其特征在于,该方法还包括:The method of claim 13 further comprising:
    所述第二通信设备将与所述第一通信设备的绑定关系发送给服务器端进行保存。The second communication device sends the binding relationship with the first communication device to the server for saving.
  16. 根据权利要求13所述的方法,其特征在于,所述第二通信设备与所述第一通信设备之间建立近距离通信连接后,该方法还包括:所述第二通信设备将所述第二通信设备的标识信息发送给所述第一通信设备;The method according to claim 13, wherein after the second communication device establishes a short-range communication connection with the first communication device, the method further comprises: the second communication device Sending identification information of the second communication device to the first communication device;
    若接收到所述第一通信设备发送的未绑定的信息,则执行所述将所述第二通信设备的认证信息发送给所述第一通信设备。And if the unbound information sent by the first communications device is received, performing the sending the authentication information of the second communications device to the first communications device.
  17. 根据权利要求13所述的方法,其特征在于,所述认证信息包括:明文信息以及对所述明文信息进行加密后得到的密文信息。The method according to claim 13, wherein the authentication information comprises: plaintext information and ciphertext information obtained by encrypting the plaintext information.
  18. 根据权利要求17所述的方法,其特征在于,所述明文信息包括随机数,或者 包括随机数和所述第二通信设备的标识信息。The method according to claim 17, wherein said plaintext information comprises a random number, or A random number and identification information of the second communication device are included.
  19. 根据权利要求17所述的方法,其特征在于,所述加密所采用的方法包括:对称加密算法或非对称加密算法;The method according to claim 17, wherein the method used for the encryption comprises: a symmetric encryption algorithm or an asymmetric encryption algorithm;
    当采用所述非对称加密算法时,所述认证信息还包括公钥信息。When the asymmetric encryption algorithm is employed, the authentication information further includes public key information.
  20. 根据权利要求13所述的方法,其特征在于,所述认证信息包括:所述第二通信设备的标识信息。The method according to claim 13, wherein the authentication information comprises: identification information of the second communication device.
  21. 根据权利要求14或15所述的方法,其特征在于,若所述第二通信设备接收到重置指令,则删除所述第二通信设备保存的与所述第一通信设备的绑定关系,并向所述第一通信设备发送解除绑定请求。The method according to claim 14 or 15, wherein if the second communication device receives the reset command, deleting the binding relationship with the first communication device saved by the second communication device, And sending an unbinding request to the first communication device.
  22. 根据权利要求13至20任一权项所述的方法,其特征在于,该方法还包括:The method of any of claims 13 to 20, further comprising:
    所述第二通信设备扫描所述第一通信设备提供的信息码;The second communication device scans an information code provided by the first communication device;
    利用从所述信息码中解析得到的第一通信设备的连接信息,建立所述近距离通信连接。The short-range communication connection is established using connection information of the first communication device parsed from the information code.
  23. 根据权利要求13至20任一权项所述的方法,其特征在于,该方法还包括:The method of any of claims 13 to 20, further comprising:
    所述第二通信设备进行近距离通信扫描;The second communication device performs a short-range communication scan;
    从接收到的扫描回应信息中获取第一通信设备的连接信息;Obtaining connection information of the first communication device from the received scan response information;
    利用所述第一通信设备的连接信息,建立所述近距离通信连接。The proximity communication connection is established using connection information of the first communication device.
  24. 根据权利要求13所述的方法,其特征在于,所述第二通信设备利用本地保存的与所述第一通信设备的绑定关系,建立所述近距离通信连接。The method of claim 13 wherein said second communication device establishes said short-range communication connection using a locally stored binding relationship with said first communication device.
  25. 根据权利要求13至20任一权项所述的方法,其特征在于,所述近距离通信连接包括:蓝牙连接、红外连接、或者Zigbee。The method of any of claims 13 to 20, wherein the short-range communication connection comprises: a Bluetooth connection, an infrared connection, or a Zigbee.
  26. 一种近距离通信的建立装置,该装置设置于第一通信设备,其特征在于,该装置包括:A device for establishing a short-range communication, the device being disposed in the first communication device, wherein the device comprises:
    接收单元,用于接收所述第二通信设备的认证信息;a receiving unit, configured to receive authentication information of the second communications device;
    认证单元,用于对所述接收单元接收到的认证信息进行认证;An authentication unit, configured to authenticate the authentication information received by the receiving unit;
    第一判断单元,用于在所述第一通信设备与所述第二通信设备之间建立近距离通信连接后,判断所述接收单元是否在预设时长内未接收到所述第二通信设备的认证信息,或者接收到所述第二通信设备的认证信息但认证失败;a first determining unit, configured to determine, after the first communication device establishes a short-range communication connection between the first communication device and the second communication device, whether the receiving unit does not receive the second communication device within a preset duration Authentication information, or receiving the authentication information of the second communication device but the authentication fails;
    控制单元,用于在所述第一判断单元的判断结果为是时,断开所述近距离通信连接。And a control unit, configured to disconnect the short-range communication connection when the determination result of the first determining unit is YES.
  27. 根据权利要求26所述的装置,其特征在于,该装置还包括: The device of claim 26, further comprising:
    绑定单元,用于在所述第一判断单元判断出所述第一通信设备在设定时长内接收到所述第二通信设备的认证信息且认证成功时,保存与所述第二通信设备之间的绑定关系;a binding unit, configured to: when the first determining unit determines that the first communications device receives the authentication information of the second communications device within a set duration, and the authentication succeeds, saving the second communications device Binding relationship between;
    发送单元,用于在所述第一判断单元判断出所述第一通信设备在设定时长内接收到所述第二通信设备的认证信息且认证成功时,向所述第二通信设备发送认证成功的信息。a sending unit, configured to: when the first determining unit determines that the first communications device receives the authentication information of the second communications device within a set duration, and the authentication succeeds, sending the authentication to the second communications device Successful information.
  28. 根据权利要求27所述的装置,其特征在于,该装置还包括第二判断单元;The device according to claim 27, wherein the device further comprises a second determining unit;
    所述接收单元,还用于接收所述第二通信设备的标识信息;如果所述第二判断单元的判断结果为否,则等待在所述预设时长内接收所述第二通信设备的认证信息;The receiving unit is further configured to receive the identifier information of the second communications device, and if the determining result of the second determining unit is no, wait for receiving the authentication of the second communications device within the preset duration information;
    所述第二判断单元,用于在所述接收单元接收到所述第二通信设备的标识信息时,判断所述绑定单元是否保存有绑定关系;The second determining unit is configured to determine, when the receiving unit receives the identifier information of the second communications device, whether the binding unit saves a binding relationship;
    所述发送单元,还用于如果所述第二判断单元的判断结果为否,则向所述第二通信设备发送未绑定的信息。The sending unit is further configured to send unbound information to the second communications device if the determining result of the second determining unit is no.
  29. 根据权利要求28所述的装置,其特征在于,该装置还包括:The device of claim 28, further comprising:
    第三判断单元,用于在所述第二判断单元的判断结果为是时,判断所述绑定单元保存的绑定关系是否为与所述第二通信设备的绑定关系;a third determining unit, configured to determine, when the determination result of the second determining unit is YES, whether the binding relationship saved by the binding unit is a binding relationship with the second communication device;
    所述控制单元,还用于在所述第三判断单元的判断结果为是时,允许在所述近距离通信连接上的数据通讯;否则,断开所述近距离通信连接。The control unit is further configured to allow data communication on the short-range communication connection when the determination result of the third determining unit is YES; otherwise, disconnect the short-range communication connection.
  30. 根据权利要求26所述的装置,其特征在于,所述认证信息包括:明文信息以及对所述明文信息进行加密后得到的密文信息;The device according to claim 26, wherein the authentication information comprises: plaintext information and ciphertext information obtained by encrypting the plaintext information;
    所述认证单元在对所述认证信息进行认证时,具体用于:对所述密文信息进行解密,比较解密得到的明文信息与所述认证信息携带的明文信息是否一致,如果一致,则认证通过,否则认证失败。The authentication unit, when authenticating the authentication information, is specifically configured to: decrypt the ciphertext information, and compare whether the plaintext information obtained by the decryption is consistent with the plaintext information carried in the authentication information, and if they are consistent, the authentication is performed. Passed, otherwise the authentication failed.
  31. 根据权利要求30所述的装置,其特征在于,所述明文信息包括随机数,或者包括随机数和所述第二通信设备的标识信息。The apparatus according to claim 30, wherein the plaintext information comprises a random number or comprises a random number and identification information of the second communication device.
  32. 根据权利要求30所述的装置,其特征在于,所述认证单元采用的解密方法包括对称加密算法或非对称加密算法;The apparatus according to claim 30, wherein the decryption method adopted by the authentication unit comprises a symmetric encryption algorithm or an asymmetric encryption algorithm;
    当采用所述非对称加密算法时,所述认证信息还包括公钥信息。When the asymmetric encryption algorithm is employed, the authentication information further includes public key information.
  33. 根据权利要求26所述的装置,其特征在于,所述认证信息包括:所述第二通信设备的标识信息; The device according to claim 26, wherein the authentication information comprises: identification information of the second communication device;
    所述认证单元在对所述认证信息进行认证时,判断所述第一通信设备是否保存有绑定关系,如果否,则认证通过;如果是,则进一步判断所述绑定关系是否为与所述第二通信设备的绑定关系,如果否,则认证失败。When the authentication unit authenticates the authentication information, it is determined whether the first communication device stores a binding relationship, and if not, the authentication passes; if yes, further determines whether the binding relationship is The binding relationship of the second communication device is described. If not, the authentication fails.
  34. 根据权利要求27、28、29或33所述的装置,其特征在于,该装置还包括:解绑定单元,用于接收到重置指令,或者所述接收单元接收到所述第二通信设备发送的解除绑定请求时,删除所述第一通信设备与所述第二通信设备之间的绑定关系。The apparatus according to claim 27, 28, 29 or 33, characterized in that the apparatus further comprises: an unbinding unit for receiving a reset instruction, or the receiving unit receives the second communication device When the unbinding request is sent, the binding relationship between the first communication device and the second communication device is deleted.
  35. 根据权利要求26至33任一权项所述的装置,其特征在于,该装置还包括:The device according to any one of claims 26 to 33, further comprising:
    连接建立单元,用于显示包含第一通信设备的连接信息的信息码,以便所述第二通信设备扫描并利用得到的第一通信设备的连接信息建立所述近距离通信连接。And a connection establishing unit, configured to display an information code including connection information of the first communication device, so that the second communication device scans and uses the obtained connection information of the first communication device to establish the short-range communication connection.
  36. 根据权利要求26至33任一权项所述的装置,其特征在于,该装置还包括:The device according to any one of claims 26 to 33, further comprising:
    连接建立单元,用于接收到所述第二通信设备的扫描信息后,向所述第二通信设备发送包含第一通信设备的连接信息的扫描回应信息,以便所述第二通信设备利用所述第一通信设备的连接信息建立所述近距离通信连接。a connection establishing unit, configured to send scan response information including connection information of the first communication device to the second communication device, after receiving the scan information of the second communication device, so that the second communication device utilizes the The connection information of the first communication device establishes the short-range communication connection.
  37. 根据权利要求26至33任一权项所述的装置,其特征在于,所述近距离通信连接包括:蓝牙连接、红外连接、或者Zigbee。The apparatus according to any one of claims 26 to 33, wherein the short-range communication connection comprises: a Bluetooth connection, an infrared connection, or a Zigbee.
  38. 一种近距离通信的建立装置,该装置设置于第二通信设备,其特征在于,该装置包括:A device for establishing a short-range communication, the device being disposed in a second communication device, wherein the device comprises:
    发送单元,用于在所述第二通信设备与第一通信设备之间建立近距离通信连接后,将所述第二通信设备的认证信息发送给所述第一通信设备。And a sending unit, configured to send the authentication information of the second communications device to the first communications device after establishing a short-range communication connection between the second communications device and the first communications device.
  39. 根据权利要求38所述的装置,其特征在于,该装置还包括:The device of claim 38, further comprising:
    接收单元,用于接收所述第一通信设备返回的认证成功的信息;a receiving unit, configured to receive information about successful authentication returned by the first communications device;
    绑定单元,用于在所述接收单元接收到所述第一通信设备返回的认证成功的信息后,保存与所述第一通信设备的绑定关系。And a binding unit, configured to save a binding relationship with the first communications device after the receiving unit receives the information that the first communication device returns the authentication success.
  40. 根据权利要求38所述的装置,其特征在于,所述发送单元,还用于将所述第二通信设备与所述第一通信设备的绑定关系发送给服务器端进行保存。The device according to claim 38, wherein the sending unit is further configured to send a binding relationship between the second communication device and the first communication device to a server for saving.
  41. 根据权利要求38所述的装置,其特征在于,该装置还包括接收单元;The device according to claim 38, characterized in that the device further comprises a receiving unit;
    所述发送单元,还用于在所述第二通信设备与所述第一通信设备之间建立近距离通信连接后,将所述第二通信设备的标识信息发送给所述第一通信设备;若所述接收单元接收到所述第一通信设备发送的未绑定的信息,则执行所述将所述第二通信设备的认证信息发送给所述第一通信设备。 The sending unit is further configured to send the identifier information of the second communications device to the first communications device after establishing a short-range communication connection between the second communications device and the first communications device; And if the receiving unit receives the unbound information sent by the first communications device, performing the sending the authentication information of the second communications device to the first communications device.
    所述接收单元,还用于接收所述第一通信设备发送的未绑定的信息。The receiving unit is further configured to receive unbound information sent by the first communications device.
  42. 根据权利要求38所述的装置,其特征在于,所述认证信息包括:明文信息以及对所述明文信息进行加密后得到的密文信息。The device according to claim 38, wherein the authentication information comprises: plaintext information and ciphertext information obtained by encrypting the plaintext information.
  43. 根据权利要求42所述的装置,其特征在于,所述明文信息包括随机数,或者包括随机数和所述第二通信设备的标识信息。The apparatus according to claim 42, wherein the plaintext information comprises a random number or comprises a random number and identification information of the second communication device.
  44. 根据权利要求42所述的装置,其特征在于,所述加密所采用的方法包括:对称加密算法或非对称加密算法;The apparatus according to claim 42, wherein the method used for the encryption comprises: a symmetric encryption algorithm or an asymmetric encryption algorithm;
    当采用所述非对称加密算法时,所述认证信息还包括公钥信息。When the asymmetric encryption algorithm is employed, the authentication information further includes public key information.
  45. 根据权利要求38所述的装置,其特征在于,所述认证信息包括:所述第二通信设备的标识信息。The apparatus according to claim 38, wherein said authentication information comprises: identification information of said second communication device.
  46. 根据权利要求39或40所述的装置,其特征在于,该装置还包括:The device according to claim 39 or 40, wherein the device further comprises:
    解绑定单元,用于接收到重置指令,则删除所述第一通信设备与所述第二通信设备的绑定关系,并触发所述发送单元向所述第一通信设备发送解除绑定请求。An unbinding unit, configured to delete a binding relationship between the first communications device and the second communications device, and trigger the sending unit to send an unbinding to the first communications device request.
  47. 根据权利要求38至45任一权项所述的装置,其特征在于,该装置还包括:The device according to any one of claims 38 to 45, further comprising:
    连接建立单元,用于扫描所述第一通信设备提供的信息码;利用从所述信息码中解析得到的第一通信设备的连接信息,建立所述近距离通信连接。a connection establishing unit, configured to scan an information code provided by the first communication device; and establish the short-range communication connection by using connection information of the first communication device that is parsed from the information code.
  48. 根据权利要求38至45任一权项所述的装置,其特征在于,该装置还包括:The device according to any one of claims 38 to 45, further comprising:
    连接建立单元,用于进行近距离通信扫描;从接收到的扫描回应信息中获取第一通信设备的连接信息;利用所述第一通信设备的连接信息,建立所述近距离通信连接。a connection establishing unit, configured to perform a short-range communication scan; acquire connection information of the first communication device from the received scan response information; and establish the short-range communication connection by using connection information of the first communication device.
  49. 根据权利要求38所述的装置,其特征在于,该装置还包括:The device of claim 38, further comprising:
    连接建立单元,用于利用所述绑定单元保存的与所述第一通信设备的绑定关系,建立所述近距离通信连接。And a connection establishing unit, configured to establish the short-range communication connection by using a binding relationship with the first communications device that is saved by the binding unit.
  50. 根据权利要求38至45任一权项所述的装置,其特征在于,所述近距离通信连接包括:蓝牙连接、红外连接、或者Zigbee。 The apparatus according to any one of claims 38 to 45, wherein the short-range communication connection comprises: a Bluetooth connection, an infrared connection, or a Zigbee.
PCT/CN2016/101445 2015-10-12 2016-10-08 Near field communication establishing method and device WO2017063517A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201510657435.8 2015-10-12
CN201510657435.8A CN106572427B (en) 2015-10-12 2015-10-12 Method and device for establishing near field communication

Publications (1)

Publication Number Publication Date
WO2017063517A1 true WO2017063517A1 (en) 2017-04-20

Family

ID=58508255

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/101445 WO2017063517A1 (en) 2015-10-12 2016-10-08 Near field communication establishing method and device

Country Status (2)

Country Link
CN (1) CN106572427B (en)
WO (1) WO2017063517A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109299593A (en) * 2018-11-20 2019-02-01 努比亚技术有限公司 Bracelet unlocking method, Intelligent bracelet and readable storage medium storing program for executing
CN111540458A (en) * 2020-04-02 2020-08-14 出门问问信息科技有限公司 Information processing method and device, electronic equipment and computer storage medium

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110611903B (en) * 2018-06-15 2022-07-15 中兴通讯股份有限公司 Equipment binding method, device, equipment and storage medium
CN110177000A (en) * 2019-05-21 2019-08-27 重庆邮电大学 A kind of encrypted transmission method of wearable device
CN110139261B (en) * 2019-06-06 2024-02-20 深圳诺康医疗设备股份有限公司 Bluetooth equipment, bluetooth mobile terminal, bluetooth quick connection system and Bluetooth quick connection method
CN110602689B (en) * 2019-07-30 2021-01-05 华为技术有限公司 Method and device for safely operating equipment
CN112965358B (en) * 2019-11-28 2023-01-20 Oppo广东移动通信有限公司 Wearable device, control method, and computer-readable storage medium
CN112672333B (en) * 2020-12-15 2023-08-25 三维通信股份有限公司 Equipment connection method and device

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102869014A (en) * 2012-09-18 2013-01-09 东莞宇龙通信科技有限公司 Terminal and data communication method
CN102983890A (en) * 2012-11-14 2013-03-20 北京小米科技有限责任公司 Method and device of pairing connection of equipment
WO2015100210A1 (en) * 2013-12-28 2015-07-02 Intel Corporation Extending user authentication across a trust group of smart devices
CN105430603A (en) * 2015-12-03 2016-03-23 北京握奇智能科技有限公司 Secure connection method and system for Bluetooth equipment

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102869014A (en) * 2012-09-18 2013-01-09 东莞宇龙通信科技有限公司 Terminal and data communication method
CN102983890A (en) * 2012-11-14 2013-03-20 北京小米科技有限责任公司 Method and device of pairing connection of equipment
WO2015100210A1 (en) * 2013-12-28 2015-07-02 Intel Corporation Extending user authentication across a trust group of smart devices
CN105430603A (en) * 2015-12-03 2016-03-23 北京握奇智能科技有限公司 Secure connection method and system for Bluetooth equipment

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109299593A (en) * 2018-11-20 2019-02-01 努比亚技术有限公司 Bracelet unlocking method, Intelligent bracelet and readable storage medium storing program for executing
CN109299593B (en) * 2018-11-20 2023-06-09 努比亚技术有限公司 Bracelet unlocking method, intelligent bracelet and readable storage medium
CN111540458A (en) * 2020-04-02 2020-08-14 出门问问信息科技有限公司 Information processing method and device, electronic equipment and computer storage medium

Also Published As

Publication number Publication date
CN106572427B (en) 2020-03-31
CN106572427A (en) 2017-04-19

Similar Documents

Publication Publication Date Title
WO2017063517A1 (en) Near field communication establishing method and device
US10182255B2 (en) Method, terminal, and system for communication pairing of a digital television terminal and a mobile terminal
US10715654B1 (en) Methods and devices for secure authentication to a compute device
US8595810B1 (en) Method for automatically updating application access security
WO2017045539A1 (en) Identity authentication method and device
WO2017071208A1 (en) Authentication method, device, server, system and storage medium
CN108763917B (en) Data encryption and decryption method and device
US9294474B1 (en) Verification based on input comprising captured images, captured audio and tracked eye movement
CN105634737B (en) Data transmission method, terminal and system
US20140310793A1 (en) Application login method and apparatus, and mobile terminal therefor
EP2963959A1 (en) Method, configuration device, and wireless device for establishing connection between devices
WO2017185577A1 (en) Esim card data sharing method, and related device and system
JP2013535860A (en) Indirect device communication
EP3282737B1 (en) Information processing device, authentication device, system, information processing method, program, and authentication method
US20180288593A1 (en) Remote control method and apparatus and mobile terminal
US10772141B2 (en) System and method for peer-to-peer wireless communication
US20130262876A1 (en) Method, Apparatus, and System for Performing Authentication on Bound Data Card and Mobile Host
WO2019056957A1 (en) Data processing and identity authentication methods and systems, and terminal
WO2014154073A1 (en) System for securely accessing network address, and device and method therein
CA2701061A1 (en) Method and system for recovering a security credential
CN105577619B (en) Client login method, client and system
JP6397046B2 (en) Address book protection method, apparatus and communication system
US9280645B1 (en) Local and remote verification
CN106685897B (en) Safe input method, device and system
WO2017050152A1 (en) Password security system adopted by mobile apparatus and secure password entering method thereof

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16854896

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16854896

Country of ref document: EP

Kind code of ref document: A1