WO2018058796A1 - Intelligent hardware apparatus-based security system employing proximity recognition matching - Google Patents

Intelligent hardware apparatus-based security system employing proximity recognition matching Download PDF

Info

Publication number
WO2018058796A1
WO2018058796A1 PCT/CN2016/109841 CN2016109841W WO2018058796A1 WO 2018058796 A1 WO2018058796 A1 WO 2018058796A1 CN 2016109841 W CN2016109841 W CN 2016109841W WO 2018058796 A1 WO2018058796 A1 WO 2018058796A1
Authority
WO
WIPO (PCT)
Prior art keywords
smart terminal
hardware device
account
smart
intelligent
Prior art date
Application number
PCT/CN2016/109841
Other languages
French (fr)
Chinese (zh)
Inventor
朱峰
朱俊岗
朱俊岭
余建美
Original Assignee
南京物联传感技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 南京物联传感技术有限公司 filed Critical 南京物联传感技术有限公司
Publication of WO2018058796A1 publication Critical patent/WO2018058796A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/80Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication

Definitions

  • the invention belongs to the technical field of smart home control systems, in particular to a near-identification matching security system based on intelligent hardware devices.
  • the present invention provides a near-identification matching security system based on an intelligent hardware device, the security system including two mutually connected gateway devices, intelligent terminals and hardware devices, between hardware devices and intelligent terminals, and gateway devices and Both smart terminals need to perform both account and record authentication;
  • the intelligent terminal When the intelligent terminal requests to control the hardware device, it needs to pass the account authentication and the record authentication at the same time;
  • the foregoing smart terminal is connected to the hardware device and logged in through an account and a password, and the hardware device recognizes the smart terminal. Whether the terminal is a registered intelligent terminal, that is, whether the ID number of the smart terminal is recorded, and if it has been filed, the hardware device can be controlled by the smart terminal.
  • the foregoing security system further includes a server for data storage, account management, and record authentication management; the server is respectively connected to the gateway device, the intelligent terminal and the hardware device, between the hardware device and the intelligent terminal, and between the gateway device and the intelligent terminal, Account and filing are required for authentication, and the account and filing information are stored in the server.
  • the smart terminal or the gateway device When the smart terminal or the gateway device establishes a connection with the smart terminal for the first time, or is configured for the first time, the smart terminal is the primary user of the security system, and the primary user can allow or reject the registration and filing request of other users through the smart terminal held by the primary user. At the same time, the primary user can also authorize and set the operation rights of other users.
  • the security system of the invention can be verified and matched by two-factor authentication, on the one hand, through account registration, setting account and password for login and management, and on the other hand, judging intelligent terminal and gateway or intelligence through space, geographical distance or signal strength through close connection Whether the actual distance of the hardware is the effective distance. If the effective distance is used, the ID number of the intelligent terminal is stored and stored.
  • the intelligent hardware can be controlled; avoid the illegal activities of the bad personnel or hackers through the stolen account password, resulting in the loss of the user's economic property; improve the security and stability of the smart home system.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The present invention discloses an intelligent hardware apparatus-based security system employing proximity recognition matching. The system comprises a gateway apparatus, an intelligent terminal and a hardware apparatus, each of which connected to the other two devices in the system. The intelligent terminal needs to simultaneously pass account verification and record verification when requesting to control the hardware apparatus, and to simultaneously pass account verification and record verification when requesting to control the hardware apparatus through the gateway apparatus. The account verification comprises performing account registration and setting passwords for two parties intending to establish a connection therebetween, wherein the account registration and passwords are used for logging in and management. The record verification comprises determining, based on space or geographic distances and signal intensities of two parties intending to establish a connection therebetween, an actual distance between the two parties, determining whether the actual distance is within a predetermined valid distance, and establishing a record if the actual distance is a valid distance. The present invention solves the issue of security risks in networks by employing a twofold verification matching process, preventing malicious individuals from stealing account passwords for illegal activities and causing economic property losses.

Description

一种基于智能硬件设备就近识别匹配安全系统A smart hardware device based near identification matching security system 技术领域Technical field
本发明属于智能家居控制系统技术领域,尤其是一种基于智能硬件设备就近识别匹配安全系统。The invention belongs to the technical field of smart home control systems, in particular to a near-identification matching security system based on intelligent hardware devices.
背景技术Background technique
随着科技的飞速发展,智能家居已逐步走入普通家庭,智能家居系统是利用先进的计算机技术、网络通讯技术、综合布线技术、医疗电子技术依照人体工程学原理,融合个性需求,将与家居生活有关的各个子系统如安防、灯光控制、窗帘控制、煤气阀控制、信息家电、场景联动、地板采暖、健康保健、卫生防疫、安防保安等有机地结合在一起,通过网络化综合智能控制和管理,实现“以人为本”的全新家居生活体验。With the rapid development of science and technology, smart home has gradually entered the ordinary family. The smart home system utilizes advanced computer technology, network communication technology, integrated wiring technology, medical electronic technology according to ergonomic principles, and integrates individual needs. Life-related subsystems such as security, lighting control, curtain control, gas valve control, information appliances, scene linkage, floor heating, health care, sanitation and epidemic prevention, security and security, etc. are organically combined through networked integrated intelligent control and Management, to achieve a "people-oriented" new home life experience.
随着网络技术的发展和应用,越来越多的智能设备接入到互联网中,我们在享受网络服务的时候,伴随而来的是网络安全问题,个人的安全信息越来越容易被泄露,对应于智能硬件设备的黑客行为越来越普遍,智能硬件产品的安全问题日益突出。针对智能设备存在的安全隐患问题,目前尚未提出有效的解决方案。With the development and application of network technology, more and more smart devices are connected to the Internet. When we enjoy network services, we are accompanied by network security issues, and personal security information is more and more easily leaked. The hacking behavior corresponding to intelligent hardware devices is becoming more and more common, and the security issues of intelligent hardware products are becoming increasingly prominent. In view of the security risks of smart devices, no effective solution has been proposed yet.
发明内容Summary of the invention
本发明所要解决的技术问题是,克服现有技术的缺点,提供一种基于智能硬件设备就近识别匹配安全系统,通过双重认证进行验证匹配,以解决网络存在安全隐患的问题,防止不良人员盗用账号密码进行非法活动从而造成经济财产损失。The technical problem to be solved by the present invention is to overcome the shortcomings of the prior art, to provide a smart security device based near identification and matching security system, to perform verification and matching through two-factor authentication, to solve the problem of network security risks, and to prevent unauthorized persons from stealing accounts. The password is illegally carried out, resulting in loss of economic property.
为了解决以上技术问题,本发明提供一种基于智能硬件设备就近识别匹配安全系统,安全系统包括两两相互连接的网关设备、智能终端及硬件设备,硬件设备与智能终端之间,以及网关设备与智能终端之间,均需要进行账号和备案两种认证;In order to solve the above technical problem, the present invention provides a near-identification matching security system based on an intelligent hardware device, the security system including two mutually connected gateway devices, intelligent terminals and hardware devices, between hardware devices and intelligent terminals, and gateway devices and Both smart terminals need to perform both account and record authentication;
智能终端请求控制硬件设备时,需要同时通过账号认证和备案认证;When the intelligent terminal requests to control the hardware device, it needs to pass the account authentication and the record authentication at the same time;
智能终端通过网关设备请求控制硬件设备时,需要同时通过账号认证和备案认证;When the intelligent terminal requests to control the hardware device through the gateway device, it needs to pass the account authentication and the record authentication at the same time;
账号认证为建立连接的两方进行账户注册并设置密码,用于登录和管理;Account authentication for the two parties who establish the connection to register the account and set a password for login and management;
备案认证为建立连接的两方通过空间或地理距离以及信号强度判断两方之间的实际距离,并判断该实际距离是否在预设置的有效距离内,若该实际距离为有效距离则建立备案。The registration verification determines the actual distance between the two parties through the spatial or geographic distance and the signal strength, and determines whether the actual distance is within the preset effective distance. If the actual distance is the effective distance, the record is established.
本发明进一步限定的技术方案是:The technical solution further defined by the present invention is:
前述智能终端与硬件设备连接并通过账户和密码进行登录,同时硬件设备识别该智能终 端是否为已备案智能终端,即识别该智能终端的ID号是否已备案,若已备案,则硬件设备可受控于该智能终端。The foregoing smart terminal is connected to the hardware device and logged in through an account and a password, and the hardware device recognizes the smart terminal. Whether the terminal is a registered intelligent terminal, that is, whether the ID number of the smart terminal is recorded, and if it has been filed, the hardware device can be controlled by the smart terminal.
前述智能终端与网关设备连接且网关设备连接硬件设备,智能终端通过账户和密码登录网关设备,同时网关设备识别该智能终端是否为已备案智能终端,即识别该智能终端的ID号是否已备案,若已备案,则智能终端可通过网关设备控制硬件设备。The smart terminal is connected to the gateway device and the gateway device is connected to the hardware device. The smart terminal logs in to the gateway device through the account and the password, and the gateway device identifies whether the smart terminal is a registered intelligent terminal, that is, whether the ID number of the smart terminal is recorded. If it has been filed, the smart terminal can control the hardware device through the gateway device.
进一步的,further,
前述安全系统还包括服务器,服务器用于数据存储、账号管理及备案认证管理;服务器分别连接网关设备、智能终端及硬件设备,硬件设备与智能终端之间,以及网关设备与智能终端之间,均需要进行账号和备案两种认证,账号及备案信息存储在服务器中。The foregoing security system further includes a server for data storage, account management, and record authentication management; the server is respectively connected to the gateway device, the intelligent terminal and the hardware device, between the hardware device and the intelligent terminal, and between the gateway device and the intelligent terminal, Account and filing are required for authentication, and the account and filing information are stored in the server.
当智能终端直接请求控制硬件设备时,该智能终端与硬件设备连接并通过账户和密码进行登录,硬件设备从服务器中调取账号信息进行比对认证,同时将该智能终端的ID号与服务器中已备案的ID号进行比对,若账号及备案认证都通过,则硬件设备可受控于该智能终端。When the smart terminal directly requests to control the hardware device, the smart terminal connects with the hardware device and logs in through the account and the password, and the hardware device retrieves the account information from the server for comparison and authentication, and simultaneously sets the ID number of the smart terminal and the server. The registered ID numbers are compared. If the account number and the registration certificate are both passed, the hardware device can be controlled by the smart terminal.
当智能终端通过网关设备请求控制硬件设备时,智能终端与网关设备连接且网关设备连接硬件设备,智能终端通过账户和密码登录网关设备,网关设备从服务器中调取账号信息进行比对认证,同时将该智能终端的ID号与服务器中已备案的ID号进行比对,若账号及备案认证都通过,则智能终端可通过网关设备控制硬件设备。When the smart terminal requests to control the hardware device through the gateway device, the smart terminal is connected to the gateway device and the gateway device is connected to the hardware device, and the smart terminal logs in to the gateway device through the account and the password, and the gateway device retrieves the account information from the server for comparison and authentication. The ID number of the smart terminal is compared with the ID number recorded in the server. If both the account and the record authentication pass, the smart terminal can control the hardware device through the gateway device.
前述智能终端或网关设备首次与智能终端建立连接、或者首次进行配置时,该智能终端为本安全系统的主用户,主用户可通过其持有的智能终端允许或拒绝其他用户的注册、备案请求,同时主用户还可授权并设置其他用户的操作权限。When the smart terminal or the gateway device establishes a connection with the smart terminal for the first time, or is configured for the first time, the smart terminal is the primary user of the security system, and the primary user can allow or reject the registration and filing request of other users through the smart terminal held by the primary user. At the same time, the primary user can also authorize and set the operation rights of other users.
完成注册及备案的其他用户所持有的智能终端,在请求控制硬件设备时,该硬件设备同时发送确认信息至主用户所持有的智能终端上,请求主用户的确认,或者仅发送通知信息告知主用户;完成注册及备案的其他用户所持有的智能终端,在请求通过网关设备控制硬件设备时,该网关设备同时发送确认信息至主用户所持有的智能终端上,请求主用户的确认,或者仅发送通知信息告知主用户。The smart terminal held by other users who complete registration and filing, when requesting to control the hardware device, the hardware device simultaneously sends an acknowledgement message to the smart terminal held by the primary user, requests confirmation from the primary user, or only sends notification information. Informing the primary user; the intelligent terminal held by other users who complete the registration and filing, when requesting to control the hardware device through the gateway device, the gateway device simultaneously sends a confirmation message to the smart terminal held by the primary user, requesting the primary user Confirm, or only send notification information to the primary user.
前述硬件设备与智能终端之间、以及网关设备与智能终端之间,通过无线通讯方式进行连接。The foregoing hardware device and the intelligent terminal, and between the gateway device and the intelligent terminal are connected by wireless communication.
前述智能终端包括智能手机、智能手表、pad或PC。 The aforementioned smart terminal includes a smart phone, a smart watch, a pad or a PC.
本发明的有益效果是:The beneficial effects of the invention are:
本发明安全系统可通过双重认证进行验证匹配,一方面通过账户注册,设置账号和密码进行登录和管理,另一方面通过近距离连接,通过空间、地理距离或信号强度判断智能终端与网关或智能硬件的实际距离是否为有效距离,若为有效距离则对智能终端的ID号进行备案存储,当用户对智能硬件发出控制请求时,需要对账户和备案同时进行认证,两者都认证通过后,方可对智能硬件进行控制;避免不良人员或黑客通过盗取的账号密码来进行非法活动,造成用户的经济财产损失;提高智能家居系统的安全稳定性。The security system of the invention can be verified and matched by two-factor authentication, on the one hand, through account registration, setting account and password for login and management, and on the other hand, judging intelligent terminal and gateway or intelligence through space, geographical distance or signal strength through close connection Whether the actual distance of the hardware is the effective distance. If the effective distance is used, the ID number of the intelligent terminal is stored and stored. When the user issues a control request to the intelligent hardware, the account and the record need to be authenticated at the same time. The intelligent hardware can be controlled; avoid the illegal activities of the bad personnel or hackers through the stolen account password, resulting in the loss of the user's economic property; improve the security and stability of the smart home system.
附图说明DRAWINGS
图1为本发明的原理示意图一;Figure 1 is a schematic diagram 1 of the principle of the present invention;
图2为本发明的原理示意图二;Figure 2 is a schematic diagram 2 of the principle of the present invention;
图3为智能终端的示意图;3 is a schematic diagram of a smart terminal;
图4为本发明系统的工作流程图。Figure 4 is a flow chart showing the operation of the system of the present invention.
具体实施方式detailed description
实施例1Example 1
本实施例提供一种基于智能硬件设备就近识别匹配安全系统,如图1、图4所示,安全系统包括两两相互连接的网关设备、智能终端及硬件设备,硬件设备与智能终端之间,以及网关设备与智能终端之间,均需要进行账号和备案两种认证,账号和备案信息存储在网关设备或硬件设备中;智能终端请求控制硬件设备时,需要与硬件设备中存储的账号和备案信息进行比对,同时通过账号认证和备案认证;智能终端通过网关设备请求控制硬件设备时,需要与网关设备中存储的账号和备案信息进行比对,并同时通过账号认证和备案认证;账号认证为建立连接的两方进行账户注册并设置密码,用于登录和管理;备案认证为建立连接的两方通过空间或地理距离以及信号强度判断两方之间的实际距离,并判断该实际距离是否在预设置的有效距离内,若该实际距离为有效距离则建立备案。The embodiment provides a smart device based on the nearest identification and matching security system. As shown in FIG. 1 and FIG. 4 , the security system includes two connected gateway devices, an intelligent terminal, and a hardware device, and between the hardware device and the smart terminal. And between the gateway device and the intelligent terminal, both the account and the record are required to be authenticated, and the account and the record information are stored in the gateway device or the hardware device; when the smart terminal requests to control the hardware device, the account and the file stored in the hardware device are required to be recorded. The information is compared, and the account authentication and the record authentication are performed at the same time; when the smart terminal requests to control the hardware device through the gateway device, it needs to compare with the account and the record information stored in the gateway device, and simultaneously pass the account authentication and the record authentication; the account authentication Register the account for the two parties to establish the connection and set the password for login and management; the record authentication determines the actual distance between the two parties through the spatial or geographic distance and the signal strength, and determines whether the actual distance is Within the preset effective distance, if the actual distance is Effect from the established record.
前述智能终端与硬件设备连接并通过账户和密码进行登录,同时硬件设备识别该智能终端是否为已备案智能终端,即识别该智能终端的ID号是否已备案,若已备案,则硬件设备可受控于该智能终端。The smart terminal is connected to the hardware device and logs in through the account and the password, and the hardware device identifies whether the smart terminal is a registered intelligent terminal, that is, whether the ID number of the smart terminal is recorded, and if the file is registered, the hardware device can be affected. Controlled by the smart terminal.
前述智能终端与网关设备连接且网关设备连接硬件设备,智能终端通过账户和密码登录网关设备,同时网关设备识别该智能终端是否为已备案智能终端,即识别该智能终端的ID号 是否已备案,若已备案,则智能终端可通过网关设备控制硬件设备。The smart terminal is connected to the gateway device and the gateway device is connected to the hardware device. The smart terminal logs in to the gateway device through the account and the password, and the gateway device identifies whether the smart terminal is a registered intelligent terminal, that is, identifies the ID number of the smart terminal. Whether it has been filed, if it has been filed, the intelligent terminal can control the hardware device through the gateway device.
如图3所示,前述智能终端或网关设备首次与智能终端建立连接、或者首次进行配置时,该智能终端为本安全系统的主用户,主用户可通过其持有的智能终端允许或拒绝其他用户的注册、备案请求,同时主用户还可授权并设置其他用户的操作权限。As shown in FIG. 3, when the smart terminal or the gateway device establishes a connection with the smart terminal for the first time, or is configured for the first time, the smart terminal is the primary user of the security system, and the primary user can allow or reject the other through the smart terminal held by the primary user. The user's registration and filing request, and the primary user can also authorize and set the operation rights of other users.
完成注册及备案的其他用户所持有的智能终端,在请求控制硬件设备时,该硬件设备同时发送确认信息至主用户所持有的智能终端上,请求主用户的确认,或者仅发送通知信息告知主用户;完成注册及备案的其他用户所持有的智能终端,在请求通过网关设备控制硬件设备时,该网关设备同时发送确认信息至主用户所持有的智能终端上,请求主用户的确认,或者仅发送通知信息告知主用户。The smart terminal held by other users who complete registration and filing, when requesting to control the hardware device, the hardware device simultaneously sends an acknowledgement message to the smart terminal held by the primary user, requests confirmation from the primary user, or only sends notification information. Informing the primary user; the intelligent terminal held by other users who complete the registration and filing, when requesting to control the hardware device through the gateway device, the gateway device simultaneously sends a confirmation message to the smart terminal held by the primary user, requesting the primary user Confirm, or only send notification information to the primary user.
前述硬件设备与智能终端之间、以及网关设备与智能终端之间,通过无线通讯方式进行连接,如WiFi、蓝牙等。前述智能终端包括智能手机、智能手表、pad或PC。The foregoing hardware device and the smart terminal, and between the gateway device and the smart terminal are connected by wireless communication, such as WiFi, Bluetooth, and the like. The aforementioned smart terminal includes a smart phone, a smart watch, a pad or a PC.
当用户通过智能手机采用WiFi近距离连接网关摄像机(带网关功能的摄像机)时,智能手机首次与网关摄像机建立连接,对网关摄像机进行首次配置,进行账号注册,设置账户和密码,同时对该智能手机的ID号进行备案,并完成账号和备案信息的存储,该智能手机持有者为主用户;主用户可通过其持有的智能手机控制该网关摄像机进行画面实时传输以及拍摄角度设置等。若有其他用户想要连接该网关摄像机并进行账号注册,则该网关摄像机发送请求信息至主用户持有的智能手机待其确认,且其他用户想要近距离与网关摄像机建立连接并进行ID号备案也需要主用户持有的智能手机确认方可进行,主用户确认后,可对其他用户的使用权限进行设置。若有其他用户仅持有已注册的账号意图对网关摄像机进行控制,但其ID号未被备案,则不能成功;同时网关摄像机发送报警信息至主用户持有的智能手机上,通知主用户这一异常情况。When the user uses WiFi to connect the gateway camera (camera with gateway function) through the smart phone, the smartphone establishes a connection with the gateway camera for the first time, configures the gateway camera for the first time, registers the account, sets the account and password, and simultaneously sets the smart The ID number of the mobile phone is recorded, and the account and the record information are stored. The smart phone holder is the main user; the main user can control the gateway camera to perform real-time screen transmission and shooting angle setting through the smart phone held by the main user. If another user wants to connect to the gateway camera and register the account, the gateway camera sends the request message to the smartphone held by the primary user for confirmation, and other users want to establish a connection with the gateway camera at a close distance and carry the ID number. The filing also requires the confirmation of the smartphone held by the primary user. After the primary user confirms, the usage rights of other users can be set. If another user only holds the registered account and intends to control the gateway camera, but the ID number is not recorded, it will not succeed; at the same time, the gateway camera sends an alarm message to the smart phone held by the primary user to notify the primary user. An abnormal situation.
当用户通过智能手机采用蓝牙近距离直接连接智能音响(带蓝牙功能)时,智能手机首次与智能音响建立连接,对智能音响进行首次配置,进行账号注册,设置账户和密码,同时智能音响对该智能手机的ID号进行备案,并完成账号和备案信息的存储,该智能手机持有者为主用户;主用户可通过其持有的智能手机控制该智能音响进行打开、关闭、音量调节等。若有其他用户想要连接该智能音响并进行账号注册,则该智能音响发送请求信息至主用户持有的智能手机待其确认,且其他用户想要近距离与智能音响建立连接并进行ID号备案也需要主用户持有的智能手机确认方可进行,主用户确认后,可对其他用户的使用权限进行设置。 若有其他用户仅持有已注册的账号意图对智能音响进行控制,但其ID号未被备案,则不能成功;同时智能音响发送报警信息至主用户持有的智能手机上,通知主用户这一异常情况。When the user directly connects the smart speaker (with Bluetooth function) through the smart phone using Bluetooth, the smart phone establishes a connection with the smart phone for the first time, configures the smart phone for the first time, registers the account, sets the account and password, and simultaneously the smart speaker The ID number of the smart phone is recorded, and the account and the record information are stored. The smart phone holder is the main user; the main user can control the smart sound to turn on, off, and adjust the volume through the smart phone held by the main user. If another user wants to connect to the smart speaker and register the account, the smart speaker sends the request message to the smart phone held by the primary user for confirmation, and other users want to establish a connection with the smart speaker at a close distance and carry the ID number. The filing also requires the confirmation of the smartphone held by the primary user. After the primary user confirms, the usage rights of other users can be set. If other users only hold the registered account with the intention to control the intelligent audio, but the ID number is not recorded, it will not succeed; at the same time, the intelligent audio sends the alarm information to the smart phone held by the primary user to notify the primary user. An abnormal situation.
实施例2Example 2
本实施例提供一种基于智能硬件设备就近识别匹配安全系统,如图2、图4所示,安全系统包括两两相互连接的网关设备、智能终端及硬件设备,系统还包括服务器,服务器用于数据存储、账号管理及备案认证管理;服务器分别连接网关设备、智能终端及硬件设备;硬件设备与智能终端之间,以及网关设备与智能终端之间,均需要进行账号和备案两种认证,账号及备案信息存储在服务器中。The embodiment provides a smart device based on the nearest identification and matching security system. As shown in FIG. 2 and FIG. 4 , the security system includes two connected gateway devices, an intelligent terminal, and a hardware device. The system further includes a server, and the server is used by the server. Data storage, account management and record authentication management; the server is connected to the gateway device, the intelligent terminal and the hardware device respectively; between the hardware device and the intelligent terminal, and between the gateway device and the intelligent terminal, both the account and the record are required to be authenticated, and the account is required. And the filing information is stored in the server.
智能终端请求控制硬件设备时,需要从服务器中调取账号和备案信息进行比对,并通过账号认证和备案认证;智能终端通过网关设备请求控制硬件设备时,需要从服务器中调取账号和备案信息进行比对,并通过账号认证和备案认证;账号认证为建立连接的两方进行账户注册并设置密码,用于登录和管理;备案认证为建立连接的两方通过空间或地理距离以及信号强度判断两方之间的实际距离,并判断该实际距离是否在预设置的有效距离内,若该实际距离为有效距离则建立备案。When the intelligent terminal requests to control the hardware device, the account and the record information need to be retrieved from the server for comparison, and the account authentication and the record authentication are performed; when the smart terminal requests to control the hardware device through the gateway device, the account and the record need to be retrieved from the server. The information is compared and authenticated by the account and the registration is authenticated; the account authentication is used to establish the connection between the two parties for account registration and password setting for login and management; the record authentication is the space or geographical distance and signal strength of the two parties establishing the connection. Determine the actual distance between the two parties, and determine whether the actual distance is within the preset effective distance. If the actual distance is the effective distance, the record is established.
当智能终端直接请求控制硬件设备时,该智能终端与硬件设备连接并通过账户和密码进行登录,硬件设备从服务器中调取账号信息进行比对认证,同时将该智能终端的ID号与服务器中已备案的ID号进行比对,若账号及备案认证都通过,则硬件设备可受控于该智能终端。When the smart terminal directly requests to control the hardware device, the smart terminal connects with the hardware device and logs in through the account and the password, and the hardware device retrieves the account information from the server for comparison and authentication, and simultaneously sets the ID number of the smart terminal and the server. The registered ID numbers are compared. If the account number and the registration certificate are both passed, the hardware device can be controlled by the smart terminal.
当智能终端通过网关设备请求控制硬件设备时,智能终端与网关设备连接且网关设备连接硬件设备,智能终端通过账户和密码登录网关设备,网关设备从服务器中调取账号信息进行比对认证,同时将该智能终端的ID号与服务器中已备案的ID号进行比对,若账号及备案认证都通过,则智能终端可通过网关设备控制硬件设备。When the smart terminal requests to control the hardware device through the gateway device, the smart terminal is connected to the gateway device and the gateway device is connected to the hardware device, and the smart terminal logs in to the gateway device through the account and the password, and the gateway device retrieves the account information from the server for comparison and authentication. The ID number of the smart terminal is compared with the ID number recorded in the server. If both the account and the record authentication pass, the smart terminal can control the hardware device through the gateway device.
如图3所示,前述智能终端或网关设备首次与智能终端建立连接、或者首次进行配置时,该智能终端为本安全系统的主用户,主用户可通过其持有的智能终端允许或拒绝其他用户的注册、备案请求,同时主用户还可授权并设置其他用户的操作权限。As shown in FIG. 3, when the smart terminal or the gateway device establishes a connection with the smart terminal for the first time, or is configured for the first time, the smart terminal is the primary user of the security system, and the primary user can allow or reject the other through the smart terminal held by the primary user. The user's registration and filing request, and the primary user can also authorize and set the operation rights of other users.
完成注册及备案的其他用户所持有的智能终端,在请求控制硬件设备时,该硬件设备同时发送确认信息至主用户所持有的智能终端上,请求主用户的确认,或者仅发送通知信息告知主用户;完成注册及备案的其他用户所持有的智能终端,在请求通过网关设备控制硬件设备时,该网关设备同时发送确认信息至主用户所持有的智能终端上,请求主用户的确认,或 者仅发送通知信息告知主用户。The smart terminal held by other users who complete registration and filing, when requesting to control the hardware device, the hardware device simultaneously sends an acknowledgement message to the smart terminal held by the primary user, requests confirmation from the primary user, or only sends notification information. Informing the primary user; the intelligent terminal held by other users who complete the registration and filing, when requesting to control the hardware device through the gateway device, the gateway device simultaneously sends a confirmation message to the smart terminal held by the primary user, requesting the primary user Confirm, or Only the notification message is sent to the primary user.
前述硬件设备与智能终端之间、以及网关设备与智能终端之间,通过无线通讯方式进行连接,如WiFi、zigbee等。前述智能终端包括智能手机、智能手表、pad或PC。The foregoing hardware device and the smart terminal, and between the gateway device and the smart terminal are connected by wireless communication, such as WiFi, zigbee, and the like. The aforementioned smart terminal includes a smart phone, a smart watch, a pad or a PC.
当用户通过智能手机采用WiFi近距离连接网关设备时,智能手机首次与网关设备建立连接,对网关设备进行首次配置,进行账号注册,设置账户和密码,同时对该智能手机的ID号进行备案,并完成账号和备案信息的存储,该智能手机持有者为主用户;主用户可通过其持有的智能手机控制与该网关设备连接的其他硬件设备,网关设备与其他硬件设备采用zigbee进行通讯连接,如:智能灯和指纹密码锁;可通过智能手机控制该智能灯的开启、关闭以及亮度调节和灯光颜色切换等,以及指纹密码锁的开启和关闭。若有其他用户想要连接该网关设备并进行账号注册,则该网关设备发送请求信息至主用户持有的智能手机待其确认,且其他用户想要近距离与网关设备建立连接并进行ID号备案也需要主用户持有的智能手机确认方可进行,主用户确认后,可对其他用户的使用权限进行设置,可设置该其他用户仅能控制智能灯或者仅能控制指纹密码锁,或者同时可控制智能灯和指纹密码锁。When the user uses WiFi to connect to the gateway device through the smart phone, the smart phone establishes a connection with the gateway device for the first time, configures the gateway device for the first time, registers the account, sets the account and password, and records the ID number of the smart phone. And storing the account and filing information, the smart phone holder is the main user; the main user can control other hardware devices connected to the gateway device through the smart phone held by the main device, and the gateway device communicates with other hardware devices by using zigbee Connections, such as smart lights and fingerprint locks; can be controlled by the smartphone to turn the smart light on and off, brightness adjustment and light color switching, and the fingerprint lock is turned on and off. If another user wants to connect to the gateway device and perform account registration, the gateway device sends the request message to the smart phone held by the primary user for confirmation, and other users want to establish a connection with the gateway device at a close distance and perform ID number. The filing also requires the confirmation of the smartphone held by the primary user. After the primary user confirms, the user's usage rights can be set. The other users can only control the smart light or can only control the fingerprint password lock, or at the same time Control smart lights and fingerprint password locks.
若有其他用户仅持有已注册的账号意图通过网关设备控制智能灯,但其ID号未被备案,则不能成功;若有其他用户仅持有已注册的账号意图通过网关设备开启指纹密码锁,或者通过指纹、密码或者钥匙进行开锁动作,但其ID号未被备案,则不能成功;同时网关设备发送报警信息至主用户持有的智能手机上,通知主用户这一异常情况。If other users only hold the registered account and intend to control the smart light through the gateway device, but the ID number is not filed, it will not succeed; if other users only hold the registered account, the fingerprint device lock is opened by the gateway device. , or unlocking by fingerprint, password or key, but the ID number is not recorded, it can not be successful; at the same time, the gateway device sends an alarm message to the smart phone held by the main user to notify the main user of the abnormal situation.
以上实施例仅为说明本发明的技术思想,不能以此限定本发明的保护范围,凡是按照本发明提出的技术思想,在技术方案基础上所做的任何改动,均落入本发明保护范围之内。 The above embodiments are only for explaining the technical idea of the present invention, and the scope of protection of the present invention is not limited thereto. Any modification made based on the technical idea according to the technical idea of the present invention falls within the protection scope of the present invention. Inside.

Claims (10)

  1. 一种基于智能硬件设备就近识别匹配安全系统,所述安全系统包括两两相互连接的网关设备、智能终端及硬件设备,其特征在于:A smart hardware device based near identification matching security system, the security system comprising two pairs of interconnected gateway devices, intelligent terminals and hardware devices, wherein:
    所述硬件设备与智能终端之间,以及网关设备与智能终端之间,均需要同时通过账号和备案两种认证;Between the hardware device and the smart terminal, and between the gateway device and the smart terminal, both the account and the record are required to be authenticated at the same time;
    所述账号认证为建立连接的两方进行账户注册并设置密码,用于登录和管理;The account authentication is to establish an account for two parties to establish a connection and set a password for login and management;
    所述备案认证为建立连接的两方通过空间或地理距离以及信号强度判断两方之间的实际距离,并判断该实际距离是否在预设置的有效距离内,若该实际距离为有效距离则建立备案。The record verification determines that the two parties establishing the connection determine the actual distance between the two parties by the spatial or geographic distance and the signal strength, and determines whether the actual distance is within the preset effective distance, and if the actual distance is the effective distance, the establishment is established. Filing.
  2. 根据权利要求1所述的基于智能硬件设备就近识别匹配安全系统,其特征在于:所述智能终端与硬件设备连接并通过账户和密码进行登录,同时硬件设备识别该智能终端是否为已备案智能终端,即识别该智能终端的ID号是否已备案,若已备案,则硬件设备可受控于该智能终端。The intelligent hardware device-based proximity identification matching security system according to claim 1, wherein the smart terminal is connected to the hardware device and logged in through an account and a password, and the hardware device identifies whether the smart terminal is a recorded intelligent terminal. That is, it is identified whether the ID number of the smart terminal has been filed, and if it has been filed, the hardware device can be controlled by the smart terminal.
  3. 根据权利要求1所述的基于智能硬件设备就近识别匹配安全系统,其特征在于:所述智能终端与网关设备连接且网关设备连接硬件设备,所述智能终端通过账户和密码登录网关设备,同时网关设备识别该智能终端是否为已备案智能终端,即识别该智能终端的ID号是否已备案,若已备案,则智能终端可通过网关设备控制硬件设备。The intelligent hardware device-based proximity identification matching security system according to claim 1, wherein the smart terminal is connected to the gateway device and the gateway device is connected to the hardware device, and the smart terminal logs in to the gateway device through the account and the password, and the gateway The device identifies whether the smart terminal is a registered intelligent terminal, that is, whether the ID number of the smart terminal is recorded, and if the file is already filed, the smart terminal can control the hardware device through the gateway device.
  4. 根据权利要求1所述的基于智能硬件设备就近识别匹配安全系统,其特征在于:The intelligent hardware device-based proximity identification matching security system according to claim 1, wherein:
    所述安全系统还包括服务器,所述服务器用于数据存储、账号管理及备案认证管理;The security system further includes a server for data storage, account management, and filing authentication management;
    所述服务器分别连接网关设备、智能终端及硬件设备,所述硬件设备与智能终端之间,以及网关设备与智能终端之间,均需要进行账号和备案两种认证,所述账号及备案信息存储在服务器中。The server is connected to the gateway device, the smart terminal, and the hardware device, and the authentication between the hardware device and the smart terminal, and between the gateway device and the smart terminal, the account and the record are stored, and the account and the record information are stored. In the server.
  5. 根据权利要求4所述的基于智能硬件设备就近识别匹配安全系统,其特征在于:当智能终端直接请求控制硬件设备时,该智能终端与硬件设备连接并通过账户和密码进行登录,硬件设备从服务器中调取账号信息进行比对认证,同时将该智能终端的ID号与服务器中已备案的ID号进行比对,若账号及备案认证都通过,则硬件设备可受控于该智能终端。The intelligent hardware device-based proximity identification matching security system according to claim 4, wherein when the smart terminal directly requests to control the hardware device, the smart terminal is connected to the hardware device and logs in through an account and a password, and the hardware device is slaved to the server. The account information is compared and the authentication is performed, and the ID number of the smart terminal is compared with the ID number already recorded in the server. If the account and the record authentication are passed, the hardware device can be controlled by the smart terminal.
  6. 根据权利要求4所述的基于智能硬件设备就近识别匹配安全系统,其特征在于:当智能终端通过网关设备请求控制硬件设备时,所述智能终端与网关设备连接且网关设备连接硬件设备,智能终端通过账户和密码登录网关设备,网关设备从服务器中调取账号信息进行比对认证,同时将该智能终端的ID号与服务器中已备案的ID号进行比对,若账号及备案认证 都通过,则智能终端可通过网关设备控制硬件设备。The smart hardware device-based proximity identification matching security system according to claim 4, wherein when the smart terminal requests to control the hardware device through the gateway device, the smart terminal is connected to the gateway device and the gateway device is connected to the hardware device, and the smart terminal Log in to the gateway device through the account and password. The gateway device retrieves the account information from the server for comparison and authentication. At the same time, the ID number of the smart terminal is compared with the ID number already recorded in the server. If the account and the record are authenticated. All passed, the smart terminal can control the hardware device through the gateway device.
  7. 根据权利要求1-6中任一权利要求所述的基于智能硬件设备就近识别匹配安全系统,其特征在于:所述智能终端或网关设备首次与智能终端建立连接、或者首次进行配置时,该智能终端为本安全系统的主用户,所述主用户可通过其持有的智能终端允许或拒绝其他用户的注册、备案请求,同时主用户还可授权并设置其他用户的操作权限。The intelligent hardware device-based proximity identification matching security system according to any one of claims 1 to 6, wherein the smart terminal or the gateway device establishes a connection with the smart terminal for the first time, or when the configuration is first performed, the smart device The terminal is the primary user of the security system, and the primary user can allow or reject the registration and filing requests of other users through the smart terminal held by the primary user, and the primary user can also authorize and set the operation rights of other users.
  8. 根据权利要求7所述的基于智能硬件设备就近识别匹配安全系统,其特征在于:完成注册及备案的其他用户所持有的智能终端,在请求控制硬件设备时,该硬件设备同时发送确认信息至主用户所持有的智能终端上,请求主用户的确认,或者仅发送通知信息告知主用户;完成注册及备案的其他用户所持有的智能终端,在请求通过网关设备控制硬件设备时,该网关设备同时发送确认信息至主用户所持有的智能终端上,请求主用户的确认,或者仅发送通知信息告知主用户。The intelligent hardware device-based proximity identification matching security system according to claim 7, wherein the intelligent terminal held by another user who completes registration and filing, when requesting to control the hardware device, the hardware device simultaneously sends a confirmation message to On the smart terminal held by the primary user, the primary user is requested to confirm, or only the notification information is sent to the primary user; the intelligent terminal held by other users who complete the registration and filing, when requesting to control the hardware device through the gateway device, The gateway device simultaneously sends the confirmation message to the smart terminal held by the primary user, requests the confirmation of the primary user, or only sends the notification information to the primary user.
  9. 根据权利要求1-6中任一权利要求所述的基于智能硬件设备就近识别匹配安全系统,其特征在于:所述硬件设备与智能终端之间、以及网关设备与智能终端之间,通过无线通讯方式进行连接。The intelligent hardware device-based proximity identification matching security system according to any one of claims 1 to 6, characterized in that: between the hardware device and the intelligent terminal, and between the gateway device and the intelligent terminal, wireless communication is performed. Way to connect.
  10. 根据权利要求1-6中任一权利要求所述的基于智能硬件设备就近识别匹配安全系统,其特征在于:所述智能终端包括智能手机、智能手表、pad或PC。 The intelligent hardware device-based proximity identification matching security system according to any one of claims 1 to 6, wherein the smart terminal comprises a smart phone, a smart watch, a pad or a PC.
PCT/CN2016/109841 2016-09-28 2016-12-14 Intelligent hardware apparatus-based security system employing proximity recognition matching WO2018058796A1 (en)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
CN201610859153 2016-09-28
CN201610859153.0 2016-09-28
CN201611082084.3 2016-11-30
CN201611082084.3A CN107046525A (en) 2016-09-28 2016-11-30 One kind recognizes matching security system nearby based on intelligent hardware devices

Publications (1)

Publication Number Publication Date
WO2018058796A1 true WO2018058796A1 (en) 2018-04-05

Family

ID=59543498

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/109841 WO2018058796A1 (en) 2016-09-28 2016-12-14 Intelligent hardware apparatus-based security system employing proximity recognition matching

Country Status (2)

Country Link
CN (1) CN107046525A (en)
WO (1) WO2018058796A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112731877A (en) * 2020-12-22 2021-04-30 福建爱迪生科技有限公司 Control method of smart home
CN115189958A (en) * 2022-07-18 2022-10-14 西安热工研究院有限公司 Method for realizing authentication roaming and authentication between multi-level architectures

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109831410B (en) * 2018-12-20 2020-10-09 美的集团股份有限公司 Intelligent device authority management method, distribution network device, server and electronic device
CN110727938B (en) * 2019-10-18 2021-12-31 北京云迹科技有限公司 Configuration method and device of intelligent equipment, electronic equipment and storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016030857A1 (en) * 2014-08-28 2016-03-03 Telezygology Inc System for accessing a secure delivery
CN105574962A (en) * 2015-06-19 2016-05-11 宇龙计算机通信科技(深圳)有限公司 Door access control management method and mobile terminal
CN105610891A (en) * 2015-09-24 2016-05-25 宇龙计算机通信科技(深圳)有限公司 Biological information verification function control method and apparatus thereof, and terminal
CN105897809A (en) * 2015-01-26 2016-08-24 陕西汽车集团有限责任公司 Vehicle interconnected control and data service system based on intelligent terminal

Family Cites Families (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103067340B (en) * 2011-10-20 2016-08-03 中兴通讯股份有限公司 The method for authenticating of remote control network information household appliances and system, the Internet home gateway
CN104066203A (en) * 2014-06-20 2014-09-24 可牛网络技术(北京)有限公司 Method and system for generating identifier of mobile device, method for remotely controlling mobile device, and communication terminal
AU2015215965B2 (en) * 2014-08-25 2016-12-22 Accenture Global Services Limited Secure short-distance-based communication and access control system
CN104394051A (en) * 2014-11-28 2015-03-04 杨光源 Intelligent home control system and intelligent home router
CN104468577B (en) * 2014-12-09 2017-12-05 广东美的制冷设备有限公司 The binding method and binding system of mobile terminal and household electrical appliance terminal
US20160227474A1 (en) * 2015-02-03 2016-08-04 Vizio Inc Multi-device network setup
CN104808496B (en) * 2015-02-13 2018-02-02 成都零点六一八科技有限公司 A kind of intelligent home control system and access method
CN104954454A (en) * 2015-06-03 2015-09-30 维融集团有限公司 Intelligent control method and device
CN105046801A (en) * 2015-09-17 2015-11-11 山东泰斗网络科技有限公司 Intelligent remote door lock monitoring system and method
CN105353624A (en) * 2015-09-22 2016-02-24 波瑞电气有限公司 Smart home safety controller of wireless communication of network topology
CN105719376B (en) * 2016-01-22 2017-03-15 慧锐通智能科技股份有限公司 A kind of access control system and method
CN105931343A (en) * 2016-06-20 2016-09-07 上海卓易科技股份有限公司 Smart door lock system and control method for same

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016030857A1 (en) * 2014-08-28 2016-03-03 Telezygology Inc System for accessing a secure delivery
CN105897809A (en) * 2015-01-26 2016-08-24 陕西汽车集团有限责任公司 Vehicle interconnected control and data service system based on intelligent terminal
CN105574962A (en) * 2015-06-19 2016-05-11 宇龙计算机通信科技(深圳)有限公司 Door access control management method and mobile terminal
CN105610891A (en) * 2015-09-24 2016-05-25 宇龙计算机通信科技(深圳)有限公司 Biological information verification function control method and apparatus thereof, and terminal

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112731877A (en) * 2020-12-22 2021-04-30 福建爱迪生科技有限公司 Control method of smart home
CN112731877B (en) * 2020-12-22 2022-02-01 深圳安力诺科技有限公司 Control method of smart home
CN115189958A (en) * 2022-07-18 2022-10-14 西安热工研究院有限公司 Method for realizing authentication roaming and authentication between multi-level architectures
CN115189958B (en) * 2022-07-18 2024-01-19 西安热工研究院有限公司 Method for realizing authentication roaming and authentication between multi-level architectures

Also Published As

Publication number Publication date
CN107046525A (en) 2017-08-15

Similar Documents

Publication Publication Date Title
TWI295030B (en) Method for bootstrapping applications and services at different layers in a communications stack, apparatus that provides a device introduction framework, method for an introduction process, method for introducing two devices, method for establishing tru
JP6166484B2 (en) Unified communication protocol for communication between controller and accessories
WO2016184195A1 (en) Door lock control method, apparatus and terminal
US7454619B2 (en) Method, apparatus, and program product for securely presenting situation information
US8515389B2 (en) Method, apparatus, and program product for provisioning secure wireless sensors
US7581096B2 (en) Method, apparatus, and program product for automatically provisioning secure network elements
WO2018058796A1 (en) Intelligent hardware apparatus-based security system employing proximity recognition matching
WO2021218859A1 (en) Access request response method and apparatus, and electronic device
US20040098581A1 (en) Method and apparatus for establishing and using a secure credential infrastructure
US20050129240A1 (en) Method and apparatus for establishing a secure ad hoc command structure
US9730001B2 (en) Proximity based authentication using bluetooth
US20070266164A1 (en) Personal domain controller
TW201805846A (en) System and method for identity authentication
US10972446B2 (en) Device pairing
US11050737B2 (en) Techniques for verifying user intent and securely configuring computing devices
US9853971B2 (en) Proximity based authentication using bluetooth
WO2013182126A1 (en) Unified management and control method and platform for ubiquitous terminal
US11818180B1 (en) Transient setup of applications on communal devices
CN107534674A (en) The method for managing the access to service
US20240031414A1 (en) Transient setup of applications on communal devices
US20240129123A1 (en) Blockchain based access to devices on a network with local token acquisition
CA3172297A1 (en) Proof of authority based access to devices on a network with local token acquisition
Kou et al. An efficient Authentication Scheme Using Token Distribution for Cloud-based Smart Home
TW201642225A (en) Door access management system and method thereof

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16917541

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16917541

Country of ref document: EP

Kind code of ref document: A1