WO2021046926A1 - Method and apparatus for managing internet of things device - Google Patents

Method and apparatus for managing internet of things device

Publication number
WO2021046926A1
Authority
WO
WIPO (PCT)
Prior art keywords
internet
portable server
mobile terminal
certificate
digital certificate
Application number
PCT/CN2019/108202
Inventor
王高华
唐占国
梁栋
谭洪涛
Original Assignee
密信技术(深圳)有限公司
Application filed by 密信技术(深圳)有限公司
Publication of WO2021046926A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/3265 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate chains, trees or paths; Hierarchical trust model

Abstract

A method and apparatus for managing an Internet of things device. The method comprises the following steps: a portable server, upon determining that an access instruction from a mobile terminal has been received, feeding back a configuration interface to the mobile terminal (S10); after receiving encrypted configuration data fed back by the mobile terminal via the configuration interface, decrypting the encrypted configuration data (S20); and sending the decrypted configuration data to an Internet of things device connected to the portable server, such that the Internet of things device performs an Internet of things configuration according to the decrypted configuration data (S30).

Description

Method and apparatus for managing Internet of Things devices
This application claims priority to Chinese patent application No. 201910874320.2, entitled "Management method, apparatus and system for Internet of Things devices", filed with the Chinese Patent Office on September 11, 2019, the entire contents of which are incorporated herein by reference.
Technical field
This application relates to the technical field of Internet of Things devices, and in particular to a method and apparatus for managing Internet of Things devices.
Background
At present, interaction between Internet of Things devices and user terminals takes place through a browser web interface. A user logs in to an account in the browser web interface and then manages the Internet of Things device.
In this process, data is transmitted over the Hypertext Transfer Protocol (HTTP). HTTP is a plaintext protocol, so the data transmission is very insecure, and both the Internet of Things device and the user terminal are exposed to security risks.
Summary of the invention
The main purpose of this application is to provide a method and apparatus for managing Internet of Things devices, so that when a user exchanges data with a portable server through a mobile terminal, the data is transmitted in encrypted form, making data transmission and Internet of Things device management more secure.
To achieve the above objective, this application provides a method for managing an Internet of Things device, applied to a portable server that is connected to the Internet of Things device through a data transmission interface. The method includes the following steps:
upon determining that an access instruction from a mobile terminal has been received, the portable server feeds back a setting interface to the mobile terminal;
after receiving the encrypted setting data fed back by the mobile terminal through the setting interface, decrypting the encrypted setting data; and
sending the decrypted setting data to the Internet of Things device connected to the portable server, so that the Internet of Things device performs Internet of Things settings according to the decrypted setting data.
Optionally, the step of the portable server feeding back the setting interface to the mobile terminal includes:
the portable server sends the digital certificate stored in the portable server to the mobile terminal, wherein the mobile terminal encrypts the key of the mobile terminal according to the digital certificate and sends the encrypted key to the portable server;
decrypting the received encrypted key according to the digital certificate and storing the decrypted key, wherein the encrypted setting data is decrypted with the stored key; and
encrypting the setting interface with the stored key, and sending the encrypted setting interface to the mobile terminal.
Optionally, the digital certificate is a Secure Sockets Layer (SSL) certificate.
Optionally, before the step of the portable server sending the digital certificate stored in the portable server to the mobile terminal, the method further includes:
upon determining that the portable server is connecting to the local area network for the first time, obtaining the device certificate and the device private key of the portable server;
invoking the device private key of the portable server to generate a certificate chain according to the device certificate; and
invoking the device private key to generate the digital certificate according to the certificate chain and the device certificate, and storing the digital certificate.
Optionally, the step of generating the digital certificate according to the certificate chain, the device certificate and the device private key includes:
obtaining a preset identifier corresponding to the portable server; and
invoking the device private key to generate the digital certificate according to the preset identifier, the certificate chain and the device certificate.
Optionally, before the step of the portable server feeding back the setting interface to the mobile terminal, the method further includes:
obtaining the setting interface corresponding to the Internet of Things device.
To achieve the above objective, this application also provides a method for managing an Internet of Things device, applied to a mobile terminal. The method includes the following steps:
upon determining that an access instruction triggered by a user has been detected, sending the access instruction to a portable server, wherein the portable server is connected to the Internet of Things device through a data transmission interface;
upon determining that the setting interface fed back by the portable server has been received, displaying the setting interface and obtaining setting data according to the user's operations on the setting interface; and
encrypting the setting data and feeding the encrypted setting data back to the portable server, wherein the portable server decrypts the encrypted setting data and sends the decrypted setting data to the connected Internet of Things device, so that the Internet of Things device performs Internet of Things settings according to the decrypted setting data.
Optionally, the method further includes:
upon determining that the digital certificate sent by the portable server has been received, encrypting the key of the mobile terminal according to the digital certificate, wherein the setting data is encrypted with the key; and
sending the encrypted key to the portable server, wherein the portable server decrypts the received encrypted key according to the digital certificate, stores the decrypted key, and decrypts the encrypted setting data with the stored key.
Optionally, the digital certificate is a Secure Sockets Layer (SSL) certificate.
Optionally, the method further includes:
upon determining that the digital certificate sent by the portable server has been received, verifying the validity of the digital certificate according to the certificate chain in the digital certificate, wherein the portable server, upon determining that it is connecting to the local area network for the first time, invokes the device private key of the portable server to generate the certificate chain according to the device certificate, and invokes the device private key to generate the digital certificate according to the certificate chain and the device certificate; and
upon determining that the digital certificate is valid, encrypting the key of the mobile terminal according to the digital certificate.
Optionally, the digital certificate further includes a preset identifier, and the method further includes:
upon determining that the digital certificate sent by the portable server has been received, wherein the portable server invokes the device private key to generate the digital certificate according to the preset identifier corresponding to the portable server, the certificate chain and the device certificate; and
upon determining that the preset identifier is present in the digital certificate, performing the step of verifying the validity of the digital certificate according to the certificate chain in the digital certificate.
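The certificate and key-exchange steps described above for the portable server and for the mobile terminal, as an added Go example (not code from the patent), narrowed to certificate issuance, verification and key transfer. Assumptions: the preset identifier is carried as a DNS subject alternative name, the mobile terminal already holds the device certificate as a pinned trust anchor, the key is wrapped with RSA-OAEP, and the server decrypts it with the private key that matches the digital certificate; `PresetID`, `Server`, `NewServer`, `WrapKey` and `AcceptKey` are hypothetical names.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// PresetID is a constructed stand-in for one portable server's preset identifier.
const PresetID = "portable-server-0001.example"

// Server holds what the portable server stores after its first LAN connection.
type Server struct {
	Device, Cert *x509.Certificate // device certificate (issuer) and issued digital certificate
	key          *rsa.PrivateKey   // private key matching Cert (assumption, see lead-in)
	session      []byte            // key received from the mobile terminal
}

// newCert signs a certificate for pub; a nil parent produces a self-signed CA certificate.
func newCert(cn string, dns []string, parent *x509.Certificate, pub, signer interface{}) (*x509.Certificate, error) {
	t := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		DNSNames: dns, KeyUsage: x509.KeyUsageKeyEncipherment}
	if parent == nil {
		t.IsCA, t.BasicConstraintsValid, t.KeyUsage, parent = true, true, x509.KeyUsageCertSign, t
	}
	der, err := x509.CreateCertificate(rand.Reader, t, parent, pub, signer)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// NewServer uses the device private key to issue a digital certificate carrying the preset identifier.
func NewServer(id string) (*Server, error) {
	devKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	device, err := newCert("device "+id, nil, nil, &devKey.PublicKey, devKey)
	if err != nil {
		return nil, err
	}
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	cert, err := newCert(id, []string{id}, device, &key.PublicKey, devKey)
	if err != nil {
		return nil, err
	}
	return &Server{Device: device, Cert: cert, key: key}, nil
}

// WrapKey is the mobile terminal's side: check the preset identifier and the chain
// against the pinned device certificate, then encrypt a fresh 256-bit key to the server.
func WrapKey(cert, pinned *x509.Certificate, id string) (session, wrapped []byte, err error) {
	roots := x509.NewCertPool()
	roots.AddCert(pinned)
	if _, err = cert.Verify(x509.VerifyOptions{Roots: roots, DNSName: id}); err != nil {
		return nil, nil, fmt.Errorf("certificate rejected: %w", err)
	}
	pub, ok := cert.PublicKey.(*rsa.PublicKey)
	if !ok {
		return nil, nil, fmt.Errorf("certificate key is not RSA")
	}
	session = make([]byte, 32)
	if _, err = rand.Read(session); err != nil {
		return nil, nil, err
	}
	wrapped, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, session, nil)
	return session, wrapped, err
}

// AcceptKey decrypts and stores the terminal's key; a failed decryption clears the stored key.
func (s *Server) AcceptKey(wrapped []byte) (err error) {
	s.session, err = rsa.DecryptOAEP(sha256.New(), rand.Reader, s.key, wrapped, nil)
	return err
}

func main() {
	srv, err := NewServer(PresetID)
	if err != nil {
		panic(err)
	}
	session, wrapped, err := WrapKey(srv.Cert, srv.Device, PresetID)
	if err != nil || srv.AcceptKey(wrapped) != nil {
		panic("key exchange failed")
	}
	fmt.Println("server stored the terminal's key:", bytes.Equal(session, srv.session))
}
```

A chain that arrives together with the certificate only proves anything when it ends at an anchor the terminal trusted beforehand, which is why `WrapKey` takes the pinned certificate as a separate argument. The transferred key would then protect the setting interface and the setting data with an authenticated cipher such as AES-GCM.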
In addition, to achieve the above objective, this application further provides an apparatus for managing an Internet of Things device, comprising a memory, a processor, and a data transmission method program stored in the memory and executable on the processor. When executed by the processor, the data transmission method program implements the following steps:
upon determining that an access instruction from the mobile terminal has been received, the portable server feeds back a setting interface to the mobile terminal;
after receiving the encrypted setting data fed back by the mobile terminal through the setting interface, decrypting the encrypted setting data; and
sending the decrypted setting data to the Internet of Things device connected to the portable server, so that the Internet of Things device performs Internet of Things settings according to the decrypted setting data;
or, when executed by the processor, the data transmission method program implements the following steps:
upon determining that an access instruction triggered by a user has been detected, sending the access instruction to a portable server, wherein the portable server is connected to the Internet of Things device through a data transmission interface;
upon determining that the setting interface fed back by the portable server has been received, displaying the setting interface and obtaining setting data according to the user's operations on the setting interface; and
encrypting the setting data and feeding the encrypted setting data back to the portable server, wherein the portable server decrypts the encrypted setting data and sends the decrypted setting data to the connected Internet of Things device, so that the Internet of Things device performs Internet of Things settings according to the decrypted setting data.
Optionally, the apparatus for managing the Internet of Things device is a portable server or a mobile terminal.
Optionally, the portable server is integrated in a system on chip, and the system on chip is built into the Internet of Things device.
The method and apparatus for managing an Internet of Things device proposed in the embodiments of this application are applied to a portable server that is connected to the Internet of Things device through a data transmission interface. Upon determining that an access instruction from the mobile terminal has been received, the portable server feeds back a setting interface to the mobile terminal; after receiving the encrypted setting data fed back by the mobile terminal through the setting interface, it decrypts the encrypted setting data and sends the decrypted setting data to the Internet of Things device connected to the portable server, so that the Internet of Things device performs Internet of Things settings according to the decrypted setting data. In this application, when the user exchanges data with the portable server through the mobile terminal, the data is transmitted in encrypted form, making data transmission and Internet of Things device management more secure.
Description of the drawings
FIG. 1 is a schematic diagram of the terminal structure of the hardware operating environment involved in the solution of an embodiment of this application;
FIG. 2 is a schematic flowchart of an embodiment of the method for managing an Internet of Things device of this application;
FIG. 3 is a detailed schematic flowchart of step S10 in FIG. 2;
FIG. 4 is a schematic flowchart of a further embodiment of the method for managing an Internet of Things device of this application;
FIG. 5 is a schematic flowchart of another embodiment of the method for managing an Internet of Things device of this application.
The realization of the purpose, the functional characteristics and the advantages of this application will be further described with reference to the embodiments and the accompanying drawings.
Detailed description
It should be understood that the specific embodiments described here are only used to explain this application and are not intended to limit it.
The main solution of the embodiments of this application is:
upon determining that an access instruction from the mobile terminal has been received, the portable server feeds back a setting interface to the mobile terminal;
after receiving the encrypted setting data fed back by the mobile terminal through the setting interface, decrypting the encrypted setting data; and
sending the decrypted setting data to the Internet of Things device connected to the portable server, so that the Internet of Things device performs Internet of Things settings according to the decrypted setting data.
In the prior art, data transmission between Internet of Things devices and user terminals is based on the Hypertext Transfer Protocol (HTTP). HTTP is a plaintext protocol, so the data transmission is very insecure, and both the Internet of Things device and the user terminal are exposed to security risks.
This application provides a solution in which, when the user exchanges data with the portable server through the mobile terminal, the data is transmitted in encrypted form, making data transmission and Internet of Things device management more secure.
As shown in FIG. 1, FIG. 1 is a schematic diagram of the terminal structure of the hardware operating environment involved in the solution of an embodiment of this application.
One terminal in the embodiments of this application is a portable server.
As shown in FIG. 1, the terminal may include a processor 1001 (for example a CPU), a network interface 1004, a user interface 1003, a memory 1005 and a communication bus 1002. The communication bus 1002 provides the connections and communication between these components. The user interface 1003 may include a display and an input unit such as a keyboard, and may optionally also include a standard wired interface and a wireless interface. The network interface 1004 may optionally include a standard wired interface and a wireless interface (such as a Wi-Fi interface). The memory 1005 may be high-speed RAM or non-volatile memory, such as disk storage. Optionally, the memory 1005 may also be a storage device independent of the processor 1001.
Those skilled in the art will understand that the terminal structure shown in FIG. 1 does not limit the terminal, which may include more or fewer components than shown, combine some components, or arrange the components differently.
As shown in FIG. 1, the memory 1005, as a computer storage medium, may include an operating system, a network communication module, a user interface module and a management program for the Internet of Things device. The processor 1001 may be configured to call the management program for the Internet of Things device stored in the memory 1005 and perform the following operations:
upon determining that an access instruction from the mobile terminal has been received, the portable server feeds back a setting interface to the mobile terminal;
after receiving the encrypted setting data fed back by the mobile terminal through the setting interface, decrypting the encrypted setting data; and
sending the decrypted setting data to the Internet of Things device connected to the portable server, so that the Internet of Things device performs Internet of Things settings according to the decrypted setting data.
Further, the processor 1001 may call the management program for the Internet of Things device stored in the memory 1005 and also perform the following operations:
the portable server sends the digital certificate stored in the portable server to the mobile terminal, wherein the mobile terminal encrypts the key of the mobile terminal according to the digital certificate and sends the encrypted key to the portable server;
decrypting the received encrypted key according to the digital certificate and storing the decrypted key, wherein the encrypted setting data is decrypted with the stored key; and
encrypting the setting interface with the stored key, and sending the encrypted setting interface to the mobile terminal.
Further, the processor 1001 may call the management program for the Internet of Things device stored in the memory 1005 and also perform the following operations:
the portable server sends the digital certificate stored in the portable server to the mobile terminal, wherein the digital certificate is a Secure Sockets Layer (SSL) certificate.
Further, the processor 1001 may call the management program for the Internet of Things device stored in the memory 1005 and also perform the following operations:
upon determining that the portable server is connecting to the local area network for the first time, obtaining the device certificate and the device private key of the portable server;
invoking the device private key of the portable server to generate a certificate chain according to the device certificate; and
invoking the device private key to generate the digital certificate according to the certificate chain and the device certificate, and storing the digital certificate.
Further, the processor 1001 may call the management program for the Internet of Things device stored in the memory 1005 and also perform the following operations:
obtaining a preset identifier corresponding to the portable server; and
invoking the device private key to generate the digital certificate according to the preset identifier, the certificate chain and the device certificate.
Further, the processor 1001 may call the management program for the Internet of Things device stored in the memory 1005 and also perform the following operations:
obtaining the setting interface corresponding to the Internet of Things device.
The other terminal in the embodiments of this application is a mobile terminal.
As shown in FIG. 1, the terminal may include a processor 1001 (for example a CPU), a network interface 1004, a user interface 1003, a memory 1005 and a communication bus 1002. The communication bus 1002 provides the connections and communication between these components. The user interface 1003 may include a display and an input unit such as a keyboard, and may optionally also include a standard wired interface and a wireless interface. The network interface 1004 may optionally include a standard wired interface and a wireless interface (such as a Wi-Fi interface). The memory 1005 may be high-speed RAM or non-volatile memory, such as disk storage. Optionally, the memory 1005 may also be a storage device independent of the processor 1001.
Those skilled in the art will understand that the terminal structure shown in FIG. 1 does not limit the terminal, which may include more or fewer components than shown, combine some components, or arrange the components differently.
As shown in FIG. 1, the memory 1005, as a computer storage medium, may include an operating system, a network communication module, a user interface module and a management program for the Internet of Things device. The processor 1001 may be configured to call the management program for the Internet of Things device stored in the memory 1005 and perform the following operations:
upon determining that an access instruction triggered by a user has been detected, sending the access instruction to a portable server, wherein the portable server is connected to the Internet of Things device through a data transmission interface;
upon determining that the setting interface fed back by the portable server has been received, displaying the setting interface and obtaining setting data according to the user's operations on the setting interface; and
encrypting the setting data and feeding the encrypted setting data back to the portable server, wherein the portable server decrypts the encrypted setting data and sends the decrypted setting data to the connected Internet of Things device, so that the Internet of Things device performs Internet of Things settings according to the decrypted setting data.
Further, the processor 1001 may call the management program for the Internet of Things device stored in the memory 1005 and also perform the following operations:
upon determining that the digital certificate sent by the portable server has been received, encrypting the key of the mobile terminal according to the digital certificate, wherein the setting data is encrypted with the key; and
sending the encrypted key to the portable server, wherein the portable server decrypts the received encrypted key according to the digital certificate, stores the decrypted key, and decrypts the encrypted setting data with the stored key.
Further, the processor 1001 may call the management program for the Internet of Things device stored in the memory 1005 and also perform the following operations:
upon determining that the digital certificate sent by the portable server has been received, encrypting the key of the mobile terminal according to the digital certificate, wherein the digital certificate is a Secure Sockets Layer (SSL) certificate.
Further, the processor 1001 may call the management program for the Internet of Things device stored in the memory 1005 and also perform the following operations:
upon determining that the digital certificate sent by the portable server has been received, verifying the validity of the digital certificate according to the certificate chain in the digital certificate, wherein the portable server, upon determining that it is connecting to the local area network for the first time, invokes the device private key of the portable server to generate the certificate chain according to the device certificate, and invokes the device private key to generate the digital certificate according to the certificate chain and the device certificate; and
upon determining that the digital certificate is valid, encrypting the key of the mobile terminal according to the digital certificate.
Further, the processor 1001 may call the management program for the Internet of Things device stored in the memory 1005 and also perform the following operations:
upon determining that the digital certificate sent by the portable server has been received, wherein the portable server invokes the device private key to generate the digital certificate according to the preset identifier corresponding to the portable server, the certificate chain and the device certificate; and
upon determining that the preset identifier is present in the digital certificate, performing the step of verifying the validity of the digital certificate according to the certificate chain in the digital certificate.
Referring to FIG. 2, in an embodiment applied to a portable server, the method for managing the Internet of Things device includes the following steps:
Step S10: determining that an access instruction from a mobile terminal is received, the portable server feeding back a setting interface to the mobile terminal;
In this embodiment, the portable server is connected to the Internet of Things device through a data transmission interface, and the user accesses the portable server through the mobile terminal so that the portable server controls the Internet of Things device through the data transmission interface, thereby managing the Internet of Things device through the mobile terminal. Because the portable server is used to manage the Internet of Things device, its performance requirements are low, and it can be integrated in a system-on-chip (System on Chip, SoC) to reduce production cost. Because the system-on-chip is small, the portable server can be built into the Internet of Things device, and the user can insert or remove the system-on-chip at any time, which makes the portable server more convenient to use. When the portable server receives the access instruction sent by the mobile terminal, it feeds back the setting interface to the mobile terminal so that the user can manage the Internet of Things device in the setting interface received by the mobile terminal, wherein the setting interface is the device management interface corresponding to the Internet of Things device connected to the portable server, and is pre-stored in the portable server or the Internet of Things device.
Step S20: after receiving the encrypted setting data fed back by the mobile terminal through the setting interface, decrypting the encrypted setting data;
In this embodiment, after feeding back the setting interface to the mobile terminal, the portable server, on receiving the encrypted setting data fed back by the mobile terminal through the setting interface, decrypts the encrypted setting data to obtain the user's setting data for the Internet of Things device. The setting data is encrypted based on the Hypertext Transfer Protocol Secure (HTTPS); specifically, symmetric encryption or asymmetric encryption may be used. It should be noted that both the setting interface sent by the portable server to the mobile terminal and the setting data sent by the mobile terminal to the portable server can be encrypted, which makes data transmission more secure and improves the security of the local area network system.
Step S30: sending the decrypted setting data to the Internet of Things device connected to the portable server, so that the Internet of Things device performs Internet of Things settings according to the decrypted setting data.
In this embodiment, after decrypting the encrypted setting data, the portable server sends the decrypted setting data to the Internet of Things device connected to the portable server. After receiving the decrypted setting data, the Internet of Things device changes its corresponding settings according to the decrypted setting data, so that the user manages the Internet of Things device through the mobile terminal.
In the technical solution disclosed in this embodiment, when the user exchanges data with the portable server through the mobile terminal, the data is transmitted in encrypted form, which makes data transmission and Internet of Things device management more secure.
In another embodiment, as shown in FIG. 3, on the basis of the embodiment shown in FIG. 2, step S10 includes:
Step S11: the portable server sends the digital certificate stored in the portable server to the mobile terminal,
wherein the mobile terminal encrypts the key of the mobile terminal according to the digital certificate, and sends the encrypted key to the portable server;
In this embodiment, the communication between the portable server and the mobile terminal may be encrypted symmetrically or asymmetrically. For example, when asymmetric encryption is used, the portable server, on receiving the access instruction sent by the mobile terminal, sends the digital certificate stored in the portable server to the mobile terminal. The digital certificate may be an SSL (Secure Sockets Layer) certificate, and it differs from a traditional digital certificate: it is generated from the device certificate pre-stored in the portable server, which avoids having to apply to a certificate authority (CA, Certificate Authority) for a digital certificate and pay the related fees, further reducing the production cost of the portable server. Because traditional digital certificates have a limited validity period, using them also incurs considerable management and maintenance costs, whereas a digital certificate generated from the device certificate pre-stored in the portable server incurs no management and maintenance costs, which reduces the maintenance cost of the portable server. When the mobile terminal receives the digital certificate sent by the portable server, it obtains the key of the mobile terminal, encrypts that key according to the received digital certificate, and sends the encrypted key to the portable server. In symmetric encryption, all subsequent data communication between the portable server and the mobile terminal can be encrypted with the key of the mobile terminal, to ensure the security of data transmission.
In addition, when the portable server connects to the local area network for the first time, that is, when the portable server is put into use, it may be determined whether a digital certificate is stored in the portable server. If no digital certificate is stored, a certificate request file (Certificate Signing Request, CSR) is generated in the portable server, the device certificate pre-stored in the portable server is obtained, the device private key of the portable server is called to generate a digital certificate according to the certificate request file, and the digital certificate is stored. The device certificate and a special certificate chain may also be embedded in the digital certificate; this special certificate chain is generated from the device certificate by calling the device private key. After the digital certificate is generated, it is stored in the portable server for use in subsequent data transmission between the portable server and the mobile terminal. The digital certificate may also include a preset identifier, the Internet Protocol (IP) address of the portable server, and the like, wherein the preset identifier serves to distinguish the certificate from a traditional digital certificate, and the Internet Protocol address is used to verify the validity of the device certificate. Both the device certificate and the device private key are pre-stored in the portable server and cannot be changed, exported or deleted, so that the portable server can be identified by the signature of the device private key in the device certificate, and every operation performed by the portable server can be traced.
Step S12: decrypting the received encrypted key according to the digital certificate, and storing the decrypted key,
wherein the encrypted setting data is decrypted with the stored key;
In this embodiment, because the encrypted key was encrypted according to the digital certificate of the portable server, the portable server, on receiving the encrypted key sent by the mobile terminal, can decrypt it according to the digital certificate in the portable server, thereby obtaining the key of the mobile terminal, and stores the decrypted key so that the portable server can use it to encrypt and decrypt the data transmitted between the portable server and the mobile terminal. For example, after receiving the encrypted setting data fed back by the mobile terminal, the portable server can decrypt the encrypted data with the stored key.
Step S13: encrypting the setting interface according to the stored key, and sending the encrypted setting interface to the mobile terminal.
In this embodiment, on receiving the access instruction sent by the mobile terminal, the portable server, if it has already obtained the key of the mobile terminal, encrypts the setting interface according to the key and sends the encrypted setting interface to the mobile terminal, so that transmission between the portable server and the mobile terminal is encrypted.
In the technical solution disclosed in this embodiment, the portable server sends the digital certificate to the mobile terminal so that the mobile terminal feeds back a key, and the portable server and the mobile terminal then use the key for encrypted data transmission, which makes data transmission in the local area network system more secure.
In yet another embodiment, as shown in FIG. 4, applied to a mobile terminal, the method for managing the Internet of Things device includes the following steps:
Step S40: determining that an access instruction triggered by a user is detected, and sending the access instruction to a portable server, wherein the portable server is connected to the Internet of Things device through a data transmission interface;
In this embodiment, the portable server is connected to the Internet of Things device through a data transmission interface, and the user accesses the portable server through the mobile terminal so that the portable server controls the Internet of Things device through the data transmission interface, thereby managing the Internet of Things device through the mobile terminal. When the mobile terminal detects the access instruction triggered by the user, it sends the access instruction to the portable server so that the portable server feeds back the setting interface corresponding to the Internet of Things device. Specifically, the mobile terminal generally accesses the portable server through a browser web page, which makes it more efficient for the user to manage the Internet of Things device through the mobile terminal. After the mobile terminal sends the access instruction to the portable server, the portable server feeds back the digital certificate stored in the portable server to the mobile terminal, so that the mobile terminal can encrypt the key of the mobile terminal according to the digital certificate and feed back the encrypted key to the portable server. The portable server decrypts the received encrypted key according to the digital certificate to obtain the key of the mobile terminal. It should be noted that the setting data sent by the mobile terminal to the portable server can be encrypted with this key, and the encrypted setting data received by the portable server can be decrypted with this key.
Step S50: determining that the setting interface fed back by the portable server is received, displaying the setting interface, and obtaining setting data according to the user's operation on the setting interface;
In this embodiment, after the mobile terminal sends the access instruction to the portable server, if the setting interface fed back by the portable server is received, the setting interface is displayed in the browser web page of the mobile terminal so that the user can change the settings of the Internet of Things device in the setting interface. The mobile terminal generates the corresponding setting data by detecting the user's operations in the setting interface.
Step S60: encrypting the setting data, and feeding back the encrypted setting data to the portable server,
wherein the portable server decrypts the encrypted setting data and sends the decrypted setting data to the connected Internet of Things device, so that the Internet of Things device performs Internet of Things settings according to the decrypted setting data.
In this embodiment, after obtaining the setting data, the mobile terminal encrypts it and sends the encrypted setting data to the portable server. When the portable server receives the encrypted setting data sent by the mobile terminal, it decrypts the encrypted setting data and sends the decrypted data to the Internet of Things device connected to the portable server, so that the Internet of Things device is managed through the mobile terminal. The setting data is encrypted based on the Hypertext Transfer Protocol Secure (HTTPS); specifically, symmetric encryption or asymmetric encryption may be used. It should be noted that both the setting interface sent by the portable server to the mobile terminal and the setting data sent by the mobile terminal to the portable server can be encrypted, which makes data transmission more secure and improves the security of the local area network system.
In the technical solution disclosed in this embodiment, when the user exchanges data with the portable server through the mobile terminal, the data is transmitted in encrypted form, which makes data transmission and Internet of Things device management more secure.
In still another embodiment, as shown in FIG. 5, on the basis of the embodiment shown in FIG. 4, after step S20, the method further includes:
Step S70: when it is determined that the digital certificate sent by the portable server is received, verifying the validity of the digital certificate according to the certificate chain in the digital certificate,
wherein the portable server, on determining that it is connecting to the local area network for the first time, calls the device private key of the portable server to generate the certificate chain according to the device certificate, and calls the device private key to generate the digital certificate according to the certificate chain and the device certificate;
In this embodiment, the communication between the portable server and the mobile terminal may be encrypted symmetrically or asymmetrically. For example, in symmetric encryption, after receiving the access instruction from the mobile terminal, the portable server needs to send its digital certificate to the mobile terminal in order to obtain the key of the mobile terminal, and then uses the key for encrypted data transmission. When the mobile terminal receives the digital certificate sent by the portable server, it needs to verify the identity of the portable server, that is, verify the validity of the digital certificate. Because this digital certificate differs from a traditional digital certificate, when verifying its validity the mobile terminal can first determine whether the preset identifier is present in the digital certificate. If it is present, the digital certificate is not a traditional digital certificate and its validity should be verified according to the new rules; otherwise it is verified according to the verification process for traditional digital certificates. The preset identifier can be any friendly name and serves to distinguish the certificate from a traditional digital certificate. Because an Internet of Things device is assigned an intranet address as its address after it joins the local area network, and because Internet of Things devices are generally used for a long time, the intranet address is usually fixed, so the intranet address can also be used as the preset identifier.
When the validity of the digital certificate is verified according to the new rules, the certificate chain in the digital certificate is parsed out and the validity of the digital certificate is verified according to the certificate chain, that is, the certificate chain can be used to determine that the certificate signature has not been tampered with. Of course, the root certificate in the browser of the mobile terminal can also be used to determine that the device certificate in the digital certificate is trusted, and it can be determined that the Internet Protocol (IP) address of the portable server matches the address in the digital certificate, and so on. Before the device certificate in the digital certificate is confirmed as trusted according to the root certificate in the mobile terminal's browser, the device certificate can be preset among the root certificates in the mobile terminal's browser, to make it easy to verify that the device certificate is trusted. In addition, when the portable server connects to the local area network for the first time, it obtains the device certificate pre-stored in the portable server, calls the device private key of the portable server, and generates a special certificate chain according to the device certificate. The portable server can generate the digital certificate from the device certificate by calling the device private key, which avoids applying to a certificate authority (CA, Certificate Authority) for a digital certificate and paying the related fees, thereby reducing the production cost of the portable server. The certificate chain can also be embedded in the digital certificate and used by the browser of the mobile terminal to verify the validity of the digital certificate, so that the browser of the mobile terminal can recognize the digital certificate normally.
Step S80: determining that the digital certificate is valid, and encrypting the key of the mobile terminal according to the digital certificate.
In this embodiment, when the mobile terminal has verified that the digital certificate is valid, it encrypts the key of the mobile terminal according to the verified digital certificate so that the encrypted key can be sent to the portable server, and data can then be transmitted in encrypted form using the key. The key of the mobile terminal can be randomly generated and stored in the mobile terminal.
In the technical solution disclosed in this embodiment, when the digital certificate sent by the portable server is received, the validity of the digital certificate is verified, and when the digital certificate is valid, the key is fed back to the portable server, which ensures the security of data transmission between the mobile terminal and the portable server.
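The certificate check and key transport of steps S11 to S12 and S70 to S80, as an added Go example that is not part of the patent text. It assumes RSA-OAEP for encrypting the key, a separate key pair for the digital certificate, the preset identifier carried in the Subject CommonName, and the device certificate pinned in the terminal as its only trust anchor; all names, keys and addresses are constructed.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"net"
	"time"
)

// presetID is a constructed value; carrying it in Subject.CommonName is an assumption.
const presetID = "portable-iot-server"

// Server is the portable server's state after its first connection to the LAN.
type Server struct {
	DeviceCert, Leaf *x509.Certificate // pre-stored device certificate, generated digital certificate
	leafKey          *rsa.PrivateKey   // assumption: the digital certificate has its own key pair
}

// issue signs tmpl with signer (the parent's key) and returns the parsed certificate.
func issue(tmpl, parent *x509.Certificate, pub *rsa.PublicKey, signer *rsa.PrivateKey) (*x509.Certificate, error) {
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signer)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// NewServer models first start-up: the device private key signs a digital
// certificate bound to the preset identifier and the server's LAN address.
func NewServer(ip string) (*Server, error) {
	devKey, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	leafKey, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	from, to := time.Now().Add(-time.Hour), time.Now().Add(24*time.Hour)
	devTmpl := &x509.Certificate{SerialNumber: big.NewInt(1), NotBefore: from, NotAfter: to,
		Subject: pkix.Name{CommonName: "device certificate"},
		IsCA:    true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign}
	dev, err := issue(devTmpl, devTmpl, &devKey.PublicKey, devKey)
	if err != nil {
		return nil, err
	}
	leafTmpl := &x509.Certificate{SerialNumber: big.NewInt(2), NotBefore: from, NotAfter: to,
		Subject: pkix.Name{CommonName: presetID}, KeyUsage: x509.KeyUsageKeyEncipherment,
		ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
		IPAddresses: []net.IP{net.ParseIP(ip)}}
	leaf, err := issue(leafTmpl, dev, &leafKey.PublicKey, devKey)
	if err != nil {
		return nil, err
	}
	return &Server{DeviceCert: dev, Leaf: leaf, leafKey: leafKey}, nil
}

// VerifyAndWrap is the mobile terminal's side (S70, S80): check the preset identifier, the
// chain to the pinned device certificate and the address, then encrypt the terminal's key.
func VerifyAndWrap(leaf, pinned *x509.Certificate, dialedIP string, key []byte) ([]byte, error) {
	if leaf.Subject.CommonName != presetID {
		return nil, errors.New("no preset identifier: fall back to ordinary CA validation")
	}
	roots := x509.NewCertPool()
	roots.AddCert(pinned)
	if _, err := leaf.Verify(x509.VerifyOptions{Roots: roots, DNSName: dialedIP}); err != nil {
		return nil, fmt.Errorf("digital certificate rejected: %w", err)
	}
	pub, ok := leaf.PublicKey.(*rsa.PublicKey)
	if !ok {
		return nil, errors.New("certificate key cannot be used for encryption")
	}
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, key, nil)
}

// AcceptKey is the server's side (S12): decrypt the key; the caller stores it.
func (s *Server) AcceptKey(wrapped []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, s.leafKey, wrapped, nil)
}

func main() {
	srv, err := NewServer("192.168.1.50") // constructed LAN address
	if err != nil {
		panic(err)
	}
	key := []byte("constructed 32-byte terminal key") // sample only; use a random key in practice
	wrapped, err := VerifyAndWrap(srv.Leaf, srv.DeviceCert, "192.168.1.50", key)
	got, _ := srv.AcceptKey(wrapped)
	fmt.Println("verify:", err, "key recovered:", string(got) == string(key))
	_, err = VerifyAndWrap(srv.Leaf, srv.DeviceCert, "192.168.1.66", key)
	fmt.Println("other address:", err)
}
```

The terminal releases its key only after all three checks pass, so a certificate presented from a different address, or one signed by any key other than the pinned device key, never receives it.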
In addition, an embodiment of the present application also provides a management apparatus for an Internet of Things device. The management apparatus includes: a memory, a processor, and a data transmission method program that is stored in the memory and can run on the processor; when the data transmission method program is executed by the processor, the steps of the data transmission method described in each of the above embodiments are implemented.
Optionally, the management apparatus for the Internet of Things device is a portable server or a mobile terminal.
Optionally, the portable server is integrated in a system-on-chip, and the system-on-chip is built into the Internet of Things device.
It should be noted that, in this document, the terms "include", "comprise" or any other variant thereof are intended to cover non-exclusive inclusion, so that a process, method, article or system that includes a series of elements includes not only those elements but also other elements that are not explicitly listed, or elements inherent to the process, method, article or system. Without further limitation, an element defined by the phrase "including a..." does not exclude the existence of other identical elements in the process, method, article or system that includes the element.
The serial numbers of the foregoing embodiments of the present application are for description only and do not represent the relative merits of the embodiments.
From the description of the above implementations, those skilled in the art can clearly understand that the methods of the above embodiments can be implemented by software plus the necessary general-purpose hardware platform, and of course also by hardware, although in many cases the former is the better implementation. Based on this understanding, the technical solution of the present application, in essence or in the part that contributes to the prior art, can be embodied in the form of a software product. The computer software product is stored in a storage medium as described above (such as ROM/RAM, magnetic disk or optical disc) and includes several instructions that cause a terminal device (which may be a mobile phone, a computer, a server, an air conditioner, a network device, or the like) to execute the methods described in the embodiments of the present application.
The above are only preferred embodiments of the present application and do not thereby limit its patent scope. Any equivalent structure or equivalent process transformation made using the contents of the description and drawings of the present application, or any direct or indirect application in other related technical fields, is likewise included in the scope of patent protection of the present application.

Claims (14)

  1. 一种物联网设备的管理方法,其中,应用于便携式服务器,所述便携式服务器与所述物联网设备通过数据传输接口连接,所述物联网设备的管理方法包括以下步骤: A method for managing the Internet of Things device, which is applied to a portable server, and the portable server is connected to the Internet of Things device through a data transmission interface. The method for managing the Internet of Things device includes the following steps:
    确定接收到移动终端的访问指令,所述便携式服务器向所述移动终端反馈设置界面;It is determined that the access instruction of the mobile terminal is received, and the portable server feeds back the setting interface to the mobile terminal;
    接收所述移动终端通过所述设置界面反馈的已加密的设置数据后,对所述已加密的设置数据进行解密;以及After receiving the encrypted setting data fed back by the mobile terminal through the setting interface, decrypt the encrypted setting data; and
    将解密后的设置数据发送至所述便携式服务器连接的所述物联网设备,被配置为所述物联网设备根据所述解密后的设置数据进行物联网设置。The decrypted setting data is sent to the Internet of Things device connected to the portable server, and the Internet of Things device is configured to perform Internet of Things settings according to the decrypted setting data.
  2. 如权利要求1所述的物联网设备的管理方法,其中,所述便携式服务器向所述移动终端反馈设置界面的步骤包括:The method for managing the Internet of Things device according to claim 1, wherein the step of feeding back a setting interface by the portable server to the mobile terminal comprises:
    所述便携式服务器将所述便携式服务器存储的数字证书发送至所述移动终端,其中,所述移动终端根据所述数字证书加密所述移动终端的密钥,并将加密后的密钥发送至所述便携式服务器;The portable server sends the digital certificate stored in the portable server to the mobile terminal, wherein the mobile terminal encrypts the key of the mobile terminal according to the digital certificate, and sends the encrypted key to the mobile terminal. The portable server;
    根据所述数字证书解密接收到的所述加密后的密钥,并存储解密得到的密钥,其中,通过存储的所述密钥对所述已加密的设置数据进行解密;以及Decrypt the received encrypted key according to the digital certificate, and store the decrypted key, wherein the encrypted setting data is decrypted by the stored key; and
    根据存储的所述密钥加密所述设置界面,并将加密后的设置界面发送至所述移动终端。Encrypting the setting interface according to the stored key, and sending the encrypted setting interface to the mobile terminal.
  3. 如权利要求2所述的物联网设备的管理方法,其中,所述数字证书为安全套接层证书。3. The method for managing IoT devices according to claim 2, wherein the digital certificate is a secure socket layer certificate.
  4. 如权利要求2所述的物联网设备的管理方法,其中,所述便携式服务器将所述便携式服务器存储的数字证书发送至所述移动终端的步骤之前,所述物联网设备的管理方法还包括:3. The method for managing the Internet of Things device according to claim 2, wherein before the step of the portable server sending the digital certificate stored in the portable server to the mobile terminal, the method for managing the Internet of Things device further comprises:
    确定所述便携式服务器第一次连接局域网,获取所述便携式服务器的设备证书;Determine that the portable server is connected to the local area network for the first time, and obtain the device certificate of the portable server;
    调用所述便携式服务器的设备私钥根据所述设备证书生成证书链;以及Invoking the device private key of the portable server to generate a certificate chain based on the device certificate; and
    调用所述设备私钥根据所述证书链和所述设备证书生成所述数字证书,并存储所述数字证书。Invoking the device private key to generate the digital certificate according to the certificate chain and the device certificate, and storing the digital certificate.
  5. The method for managing an Internet of Things device according to claim 4, wherein the step of generating the digital certificate according to the certificate chain, the device certificate and the device private key comprises:
    obtaining a preset identifier corresponding to the portable server; and
    invoking the device private key to generate the digital certificate according to the preset identifier, the certificate chain and the device certificate.
  6. The method for managing an Internet of Things device according to claim 1, wherein, before the step of the portable server feeding back the setting interface to the mobile terminal, the method further comprises:
    obtaining a setting interface corresponding to the Internet of Things device.
  7. A method for managing an Internet of Things device, applied to a mobile terminal, the method comprising the following steps:
    determining that an access instruction triggered by a user is detected, and sending the access instruction to a portable server, wherein the portable server and the Internet of Things device are connected through a data transmission interface;
    determining that the setting interface fed back by the portable server has been received, displaying the setting interface, and obtaining setting data according to the user's operation on the setting interface; and
    encrypting the setting data, and feeding the encrypted setting data back to the portable server, wherein the portable server decrypts the encrypted setting data and sends the decrypted setting data to the connected Internet of Things device, so that the Internet of Things device performs Internet of Things settings according to the decrypted setting data.
  8. The method for managing an Internet of Things device according to claim 7, wherein the method further comprises:
    determining that the digital certificate sent by the portable server has been received, and encrypting the key of the mobile terminal according to the digital certificate, wherein the setting data is encrypted with the key; and
    sending the encrypted key to the portable server, wherein the portable server decrypts the received encrypted key according to the digital certificate, stores the decrypted key, and decrypts the encrypted setting data using the stored key.
  9. The method for managing an Internet of Things device according to claim 8, wherein the digital certificate is a Secure Sockets Layer (SSL) certificate.
  10. The method for managing an Internet of Things device according to claim 8, wherein the method further comprises:
    determining that the digital certificate sent by the portable server has been received, and verifying the validity of the digital certificate according to the certificate chain in the digital certificate, wherein the portable server, upon determining that it is connected to the local area network for the first time, invokes the device private key of the portable server to generate the certificate chain according to the device certificate, and invokes the device private key to generate the digital certificate according to the certificate chain and the device certificate; and
    upon determining that the digital certificate is valid, encrypting the key of the mobile terminal according to the digital certificate.
  11. The method for managing an Internet of Things device according to claim 10, wherein the digital certificate further includes a preset identifier, and the method further comprises:
    determining that the digital certificate sent by the portable server has been received, wherein the portable server invokes the device private key to generate the digital certificate according to the preset identifier corresponding to the portable server, the certificate chain and the device certificate; and
    upon determining that the preset identifier is present in the digital certificate, performing the step of verifying the validity of the digital certificate according to the certificate chain in the digital certificate.
  12. An apparatus for managing an Internet of Things device, comprising: a memory, a processor, and a data transmission method program stored in the memory and executable on the processor, wherein the data transmission method program, when executed by the processor, implements the following steps:
    determining that an access instruction from a mobile terminal has been received, and feeding back, by the portable server, a setting interface to the mobile terminal;
    after receiving the encrypted setting data fed back by the mobile terminal through the setting interface, decrypting the encrypted setting data; and
    sending the decrypted setting data to the Internet of Things device connected to the portable server, so that the Internet of Things device performs Internet of Things settings according to the decrypted setting data;
    or, the data transmission method program, when executed by the processor, implements the following steps:
    determining that an access instruction triggered by a user is detected, and sending the access instruction to a portable server, wherein the portable server and the Internet of Things device are connected through a data transmission interface;
    determining that the setting interface fed back by the portable server has been received, displaying the setting interface, and obtaining setting data according to the user's operation on the setting interface; and
    encrypting the setting data, and feeding the encrypted setting data back to the portable server, wherein the portable server decrypts the encrypted setting data and sends the decrypted setting data to the connected Internet of Things device, so that the Internet of Things device performs Internet of Things settings according to the decrypted setting data.
  13. The apparatus for managing an Internet of Things device according to claim 12, wherein the apparatus is a portable server or a mobile terminal.
  14. The apparatus for managing an Internet of Things device according to claim 13, wherein the portable server is integrated in a system-on-chip, and the system-on-chip is built into the Internet of Things device.
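
The key exchange of claims 2 and 8, sketched as an added example that is not part of the patent text. The claims name no algorithms, so RSA-OAEP for wrapping the mobile terminal's key and AES-GCM for the setting interface and setting data are assumptions, as are all class and function names; the server unwraps with the private key matching its certificate, and the certificate checks of claims 10 and 11 are left out. It requires the third-party `cryptography` package.

```python
import os
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

# Assumed key-wrapping scheme; the claims only say "according to the certificate".
OAEP = padding.OAEP(mgf=padding.MGF1(hashes.SHA256()),
                    algorithm=hashes.SHA256(), label=None)

class PortableServer:
    def __init__(self):
        # Private key that corresponds to the certificate the server hands out.
        self._priv = rsa.generate_private_key(public_exponent=65537, key_size=2048)
        self._session_key = None

    def certificate_public_key(self):
        # Stand-in for sending the digital certificate: only its public key is modelled.
        return self._priv.public_key()

    def receive_wrapped_key(self, wrapped: bytes) -> None:
        # Claim 2: decrypt the received key and store it.
        self._session_key = self._priv.decrypt(wrapped, OAEP)

    def encrypt_setting_interface(self, page: bytes) -> bytes:
        nonce = os.urandom(12)  # fresh nonce per message, sent with the ciphertext
        return nonce + AESGCM(self._session_key).encrypt(nonce, page, b"interface")

    def decrypt_setting_data(self, blob: bytes) -> bytes:
        # Raises InvalidTag if the ciphertext was modified in transit.
        return AESGCM(self._session_key).decrypt(blob[:12], blob[12:], b"settings")

class MobileTerminal:
    def __init__(self, server_public_key):
        # Claim 8: the terminal's own key, encrypted to the server's certificate.
        self._key = AESGCM.generate_key(bit_length=256)
        self.wrapped_key = server_public_key.encrypt(self._key, OAEP)

    def decrypt_setting_interface(self, blob: bytes) -> bytes:
        return AESGCM(self._key).decrypt(blob[:12], blob[12:], b"interface")

    def encrypt_setting_data(self, data: bytes) -> bytes:
        nonce = os.urandom(12)
        return nonce + AESGCM(self._key).encrypt(nonce, data, b"settings")

def run_exchange(settings: bytes):
    """Run the whole flow; returns (interface seen by phone, wire blob, data seen by server)."""
    server = PortableServer()
    phone = MobileTerminal(server.certificate_public_key())
    server.receive_wrapped_key(phone.wrapped_key)
    page = phone.decrypt_setting_interface(
        server.encrypt_setting_interface(b"<form>constructed page</form>"))
    blob = phone.encrypt_setting_data(settings)
    return page, blob, server.decrypt_setting_data(blob)
```

The distinct associated-data labels keep an encrypted setting interface from being replayed back to the server as setting data under the same key.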
PCT/CN2019/108202 2019-09-11 2019-09-26 Method and apparatus for managing internet of things device WO2021046926A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201910874320.2 2019-09-11
CN201910874320.2A CN110505242A (en) 2019-09-11 2019-09-11 The management method of internet of things equipment, apparatus and system

Publications (1)

Publication Number Publication Date
WO2021046926A1 true WO2021046926A1 (en) 2021-03-18

Family

ID=68591989

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2019/108202 WO2021046926A1 (en) 2019-09-11 2019-09-26 Method and apparatus for managing internet of things device

Country Status (2)

Country Link
CN (1) CN110505242A (en)
WO (1) WO2021046926A1 (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100318791A1 (en) * 2009-06-12 2010-12-16 General Instrument Corporation Certificate status information protocol (csip) proxy and responder
CN105791359A (en) * 2014-12-24 2016-07-20 慧贤网智有限公司 Internet of things system and data interaction method
CN108833101A (en) * 2018-09-28 2018-11-16 腾讯科技(深圳)有限公司 Data transmission method, internet of things equipment and the authentication platform of internet of things equipment
CN109347813A (en) * 2018-09-27 2019-02-15 广州邦讯信息系统有限公司 Internet of things equipment login method, system, computer equipment and storage medium
US20190123901A1 (en) * 2017-10-19 2019-04-25 Autnhive Corporation System and method for generating and depositing keys for multi-point authentication

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102571804B (en) * 2012-01-20 2014-12-03 美的集团股份有限公司 Method for first logging in Internet of Things centre based on product identification code
CN105635174A (en) * 2016-02-03 2016-06-01 武汉天梯极客网络科技有限公司 Intelligent device sharing method
WO2018136059A1 (en) * 2017-01-19 2018-07-26 Nokia Technologies Oy IoT GATEWAY AND DESTINATION CLOUD SERVER
CN107094107A (en) * 2017-05-09 2017-08-25 捷开通讯(深圳)有限公司 Intelligent domestic system and control method, mobile terminal, with store function device
CN108600183A (en) * 2018-03-28 2018-09-28 湖南东方华龙信息科技有限公司 Target device control method
CN108833422A (en) * 2018-06-25 2018-11-16 无锡南理工科技发展有限公司 A kind of information sharing system based on Internet of Things

Also Published As

Publication number Publication date
CN110505242A (en) 2019-11-26

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19945303

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 19945303

Country of ref document: EP

Kind code of ref document: A1