WO2022217602A1

WO2022217602A1 - Method for establishing device binding relationship, and device

Info

Publication number: WO2022217602A1
Application number: PCT/CN2021/087878
Authority: WO
Inventors: 包永明; 茹昭
Original assignee: Oppo广东移动通信有限公司
Priority date: 2021-04-16
Filing date: 2021-04-16
Publication date: 2022-10-20
Also published as: CN116547961A

Abstract

A method for establishing a device binding relationship, and a device. The method comprises: a configuration side device obtaining identity information of a controlled device, and obtaining identity information of a control device, wherein the identity information of the controlled device is used to uniquely identify the controlled device, and the identity information of the control device is used to uniquely identify the control device; writing the identity information of the control device into an access control list (ACL) of the controlled device; and sending binding information to the control device, the binding information comprising a binding relationship between device information of the controlled device and device information of the control device, wherein the device information of the controlled device comprises the identity information of the controlled device, and the device information of the control device comprises the identity information of the control device.

Description

Method and device for establishing device binding relationship

technical field

The embodiments of the present application relate to the field of communications, and in particular, to a method and a device for establishing a device binding relationship.

Background technique

In some scenarios, different manufacturers may establish different fabric networks (or management platforms), and a configuration device with management authority in the management platform can configure or manage the devices in the management platform, such as for The device assigns the corresponding node ID (Node ID), and establishes the binding relationship between the devices through the Node ID of the device, but the Node ID assigned to the device by one management platform is invisible to other management platforms, that is, when the device Under other management platforms, the device cannot be effectively controlled based on the binding relationship, so how to realize the effective control of the device under different management platforms is an urgent problem to be solved.

SUMMARY OF THE INVENTION

The present application provides a method and device for establishing a device binding relationship, which can realize effective control of devices under different management platforms.

A first aspect provides a method for establishing a device binding relationship, which is applied to a configuration end of a first management platform, where the configuration end is used to establish a binding relationship between a controlled device and a control device, and the method includes:

Obtain the identity information of the controlled device, and obtain the identity information of the control device, wherein the identity information of the controlled device is used to uniquely identify the controlled device, and the identity of the control device information is used to uniquely identify the control device;

Writing the identity information of the controlling device into the access control list ACL of the controlled device;

Send binding information to the control device, where the binding information includes the binding relationship between the device information of the controlled device and the device information of the control device, wherein the device information of the controlled device includes the device information of the controlled device. The identity information of the controlled device, and the device information of the control device includes the identity information of the control device.

In a second aspect, a method for establishing a device binding relationship is provided, which is applied to a control device. The control device establishes a binding relationship between the control device and the controlled device through a configuration terminal of a first management platform. The method include:

receiving a second read request from the configuration terminal, where the second read request is used to obtain the identity information of the control device, and the identity information of the control device is used to uniquely identify the control device;

sending the identity information of the control device to the configuration terminal;

Receive the binding information sent by the configuration terminal, where the binding information includes the binding relationship between the device information of the controlled device and the device information of the control device, wherein the device information of the controlled device includes the device information of the controlled device. The identity information of the controlled device, and the device information of the control device includes the identity information of the control device.

In a third aspect, a method for establishing a device binding relationship is provided, which is applied to a controlled device, and the controlled device establishes a binding relationship between the control device and the controlled device through a configuration terminal of a first management platform, so that the The methods described include:

receiving a first read request from the configuration terminal, where the first read request is used to obtain the identity information of the controlled device, and the identity information of the controlled device is used to uniquely identify the control device;

sending the identity information of the controlled device to the configuration terminal;

Receive a first write request sent by the configuration terminal, where the first write request is used to write the identity information of the control device into the access control list ACL of the controlled device, where the control device The identity information is used to uniquely identify the control device.

In a fourth aspect, a configuration terminal device is provided, which is used to execute the method in the above-mentioned first aspect or each of its implementations. Specifically, the configuration terminal device includes a functional module for executing the method in the above-mentioned first aspect or each implementation manner thereof.

In a fifth aspect, a control device is provided for executing the method in the second aspect or each of its implementations.

Specifically, the network device includes functional modules for executing the methods in the second aspect or the respective implementation manners thereof.

In a sixth aspect, a controlled device is provided, including a processor and a memory. The memory is used to store a computer program, and the processor is used to call and run the computer program stored in the memory to execute the method in the third aspect or each of its implementations.

In a seventh aspect, a configuration terminal device is provided, including a processor and a memory. The memory is used for storing a computer program, and the processor is used for calling and running the computer program stored in the memory to execute the method in the above-mentioned first aspect or each implementation manner thereof.

In an eighth aspect, a control device is provided, including a processor and a memory. The memory is used to store a computer program, and the processor is used to call and run the computer program stored in the memory to execute the method in the second aspect or each of its implementations.

In a ninth aspect, a controlled device is provided, including a processor and a memory. The memory is used to store a computer program, and the processor is used to call and run the computer program stored in the memory to execute the method in the third aspect or each of its implementations.

In a tenth aspect, a chip is provided for implementing any one of the above-mentioned first to third aspects or the method in each implementation manner thereof.

Specifically, the chip includes: a processor for invoking and running a computer program from a memory, so that a device in which the device is installed executes any one of the above-mentioned first to third aspects or each of its implementations method.

In an eleventh aspect, a computer-readable storage medium is provided for storing a computer program, and the computer program causes a computer to execute the method in any one of the above-mentioned first aspect to the third aspect or each implementation manner thereof.

In a twelfth aspect, a computer program product is provided, comprising computer program instructions, the computer program instructions causing a computer to execute the method in any one of the above-mentioned first to third aspects or the implementations thereof.

A thirteenth aspect provides a computer program that, when run on a computer, causes the computer to perform the method of any one of the above-mentioned first to third aspects or the respective implementations thereof.

Through the above technical solutions, the embodiment of the present application adds identity information that is visible to different management platforms for the control device and the controlled device, that is, for different management platforms, it can be determined as the same device according to the identity information, Further write the identity information of the control device into the ACL information of the controlled device, and write the binding relationship based on the identity information of the control device and the identity information of the controlled device into the control device, which is beneficial to ensure different The management platform has the same understanding of the control parties, so that different management platforms can effectively control the equipment.

Description of drawings

FIG. 1 is a schematic structural diagram of a management platform provided by an embodiment of the present application.

FIG. 2 is a schematic interaction diagram of a method for establishing a device binding relationship according to an embodiment of the present application.

FIG. 3 is a schematic interaction diagram of another method for establishing a device binding relationship according to an embodiment of the present application.

Figure 4 is a schematic interaction diagram for adding another management platform to a node through one management platform.

Figure 5 is a schematic interaction diagram for establishing a CASE connection between a node and a management device.

FIG. 6 is a schematic block diagram of a configuration terminal device according to an embodiment of the present application.

Fig. 7 is a schematic block diagram of a control device provided according to an embodiment of the present application.

FIG. 8 is a schematic block diagram of a controlled device according to an embodiment of the present application.

FIG. 9 is a schematic block diagram of a communication device provided according to an embodiment of the present application.

FIG. 10 is a schematic block diagram of a chip provided according to an embodiment of the present application.

FIG. 11 is a schematic block diagram of a communication system provided according to an embodiment of the present application.

Detailed ways

The technical solutions in the embodiments of the present application will be described below with reference to the accompanying drawings in the embodiments of the present application. Obviously, the described embodiments are part of the embodiments of the present application, not all of the embodiments. With regard to the embodiments in the present application, all other embodiments obtained by persons of ordinary skill in the art without creative efforts shall fall within the protection scope of the present application.

FIG. 1 shows an exemplary structural diagram of a management platform 10 provided by an embodiment of the present application. The management platform 10 includes a Connected Home over IP Working Group (CHIP) device 12 , a platform cloud 14 and a configuration device 18 under the Zigbee alliance. The configuration device 18 can act as an administrator (Admin) in the management platform 10 .

In some scenarios, such as the Internet of Things field, different manufacturers can establish different management platforms, or different fabric networks (Fabrics), and configure one or more CHIP devices in the same Fabric through the configuration device 18 in the management platform. For management or control, for example, the configuration device 18 may establish binding relationships of different CHIP devices under the same Fabric, or configure the operation authority of the CHIP devices, and the like.

For example, the Apple Home APP can be used as one management platform, and the Google Home APP can be another management platform.

Each CHIP device 12 in the management platform can be regarded as a node, and the CHIP device 12 can access the management platform through the configuration device 18 . The configuration device 18 is operable by the user to configure the device accessing the management platform. For example, a user can use an application (Application) to control the device accessing the management platform.

In some embodiments, the CHIP device 12 is a smart device (such as virtual reality (Virtual Reality, VR) glasses, a smart wearable device, etc.), a terminal device, or other device with network access capability, which is an embodiment of the present application. This is not limited.

In an example, in a scenario where the CHIP device is applied to a smart home life, the CHIP device 12 may be smart home devices such as smart TVs, smart speakers, smart air conditioners, smart lights, smart doors and windows, smart curtains, smart sockets, and smart switches.

Optionally, the number of CHIP devices 12 is one, or the number of CHIP devices 12 is multiple, which is not limited in this embodiment of the present application.

The platform cloud 14 is a cloud server corresponding to the configuration device 18 . The configuration device 18 is connected to the platform cloud 14 through a wired or wireless network. The platform cloud 14 may be a cloud computing resource pool in the field of cloud technology, and multiple types of virtual resources are deployed in the resource pool for external customers to choose and use. The cloud computing resource pool mainly includes: computing devices (which are virtualized machines, including operating systems), storage devices, and network devices. It can be an independent physical server, or a server cluster or distributed system composed of multiple physical servers, or it can provide cloud services, cloud databases, cloud computing, cloud functions, cloud storage, network services, cloud communications, intermediate Cloud servers for basic cloud computing services such as software services, domain name services, security services, Content Delivery Network (CDN), and big data and artificial intelligence platforms.

In some embodiments, the configuration device 18 with administrator rights in the same Fabric can add a new management platform for CHIP devices under the Fabric, that is, add a new administrator (Admin). 4, the configuration terminal A under the management platform A adds the management platform B to the node under the management platform A as an example to describe the specific process of adding a new management platform. That is, add Admin B to the node through Admin A.

The configuration terminal A may be a configuration device with management authority of management platform A, such as application A, and the user may add management platform B to the node by operating application A.

As shown in Figure 4, the following steps may be included:

S401, the configuration terminal A determines to add a management platform B for the node;

For example, the user can add management platform B to the node by operating the configuration terminal A.

S402 , the configuration terminal A generates data required for device pairing for the management platform B, such as information such as a discriminator (Discriminator, D), a version identifier (ID), and a product ID.

S403, the configuration terminal A sends a pairing command request to the node, where the configuration command request carries configuration data and/or verification data.

For example, the configuration command request may include the following information: pairing timeout, Discriminator (for example, D=OPG), Password Authenticated Session Establishment (PASE) verification value (verifier) based on key authentication, PASE iteration count value (Iterator Count), PASE salt value (Salt).

S404, the node returns the request status to the configuration terminal A.

The request status is used to indicate whether the node successfully initiates pairing.

S405, the node publishes a Domain Name System (Domain Name System, DNS) service discovery (Service Discovery).

Optionally, the data published by the DNS-DS includes Discriminator information, where D=OPG.

S406, the configuration terminal A generates a manufacturer paring code (Manufacture Paring Code) or a QR code corresponding to the node according to the data (such as OPG and other data) published by the DNS-DS, and shares it with the configuration terminal B of the configuration platform B.

S407, the configuration terminal B obtains the manufacturer paring code (Manufacture Paring Code) or the two-dimensional code.

For example, the user manually enters the Manufacture Paring Code or scans the QR code to obtain the node's OPG and other content.

Optionally, the user can obtain a manufacturer paring code (Manufacture Paring Code) or a QR code by operating application B, that is, the configuration terminal B can be application B.

S408, the configuration end B performs device discovery according to DNS-SD.

For example, the configuration end B can use D=OPG to search for the corresponding device, that is, to discover the node.

S409, after the configuration end B discovers the node, resolves the IP address or port number of the node.

S410, the configuration end B establishes a PASE connection with the node.

The configuration end B uses pakeid=OPG as the new PIN code (PIN Code), and the node verifies the validity of the OPG of the configuration end B through the PASE verifier.

S411, after the configuration end B establishes a PASE connection with the node, performs device authentication on the node.

S412, the node sends a certificate signing request (Certificate Signing Request, CSR) to the configuration terminal B, where the CSR includes the device authentication certificate, the device public key and signature and other related information, and the certification declaration (Certification Declaration, CD) information.

S413, the configuration end B performs device authentication according to the CSR pair of the node.

If the device is authenticated, a woven network identification (Fabric ID) is generated, for example, Fabric ID=FID-ABC.

S414, the configuration terminal B sends the CSR information of the node to the certificate authority (Certificate Authority, CA) (referred to as CA B) corresponding to the configuration platform B, for example, including the device certification certificate, device public key and signature and other related information and certification Declaration (Certification Declaration, CD) information.

S415, CA B generates an operation certificate (Operational Credential, OC or OpCred) according to the CSR information, and returns the OC and the root certificate (referred to as RC.B) corresponding to the configuration platform B to the configuration terminal B, wherein the OC includes interoperability Identifier (Operational Identifier, OpID) information and interoperability certificate (Operational Certificate, OpCert) information.

S416, the configuration terminal B returns configuration information to the node, wherein the configuration information includes: OC (including the Node ID (NodeID) information, FabricID information, and operation certificate information generated by the configuration terminal B for the node), RC.B root certificate, and the device defaults The access control list (Access Control List, ACL) information, OpID information.

S417, add information related to the configuration platform B in the paring table (Paring Table) of the node.

For example, create a Pairing Table: Admin-TB:[

Admin A:<OPID:FID-XYZ,NID-1234;OC-1234;ACL-1234>;

Admin B: <OPID:FID-ABC,NID-7890;OC-7890;ACL-7890>.

S418, add information related to the configuration platform B in the ACL of the Node.

For example, ACL-TB:[

ACL-1234: [<privilege,auth,subjects,targets>;<privilege,auth,subjects,targets>];

ACL-7890: [<privilege,auth,subjects,targets>;<privilege,auth,subjects,targets>]

].

After the configuration platform B is successfully added, a certificate authentication-based secure session establishment (Certificate Authenticated Session Establishment, CASE) connection between the node and the configuration terminal B can also be established.

It should be understood that, in this embodiment of the present application, the premise of establishing a CASE between the configuration end and the device is that the device has been successfully configured to the network, and the device and the configuration end are in the same network, that is, the two can communicate.

As shown in Figure 5, the following steps may be included:

S501, the configuration terminal B assigns a key ID (Key ID) to the node, for example, Key ID=K2.

Among them, the configuration terminal B plays the role of the controller, and the node is a CHIP device.

S502, the configuration end B sends a SigmaR1 data request to the node, carrying the data root ID (for example, RootID-2) and K2.

S503 , after the node receives the SigmaR1 request, it searches for the OpCert information matching it through RootID-2, and finds the certificate information of the node corresponding to the configuration platform B.

S504, node allocation Key ID=K12-2;

S505, the node returns a SigmaR2 message to the configuration terminal B, carrying data (OC-7890, representing the operation certificate corresponding to the Node and the configuration platform B, NID-7890 representing the Node ID allocated by the configuration platform B for the node, K12-2);

S506, configure end B to map the CASE session (Session), and establish a <K2, OPID:{FID-ABC,NID-7890}>:<K12-2,Admin B,Session key> mapping table;

S507, the configuration terminal B sends a SigmaR3 message to the node, carrying data (OC-2, which represents the certificate information of the controller);

S508, the node maps the CASE session, and establishes the <K12-2, OPID:{FID-ABC,NID-2}>:<K2,Admin B,Session key> mapping table.

In subsequent data transmission, the configuration terminal B uses K2 to encrypt the data when sending messages to the node, the node uses K2 to decrypt the data, the node uses K12-2 encryption when sending messages to the configuration terminal B, and the controller uses K2-2 to decrypt.

In some scenarios, the configuration end of the management platform may establish a binding relationship between two devices accessing the management platform. For example, the configuration end may write the binding relationship into the control device, and the binding relationship is the control device The binding relationship between the Node ID of the control device and the Node ID of the controlled device, wherein the Node ID of the control device and the Node ID of the controlled device are the IDs allocated by the management platform for the control device and the controlled device, and are not applicable to other management platforms. It can be seen that other management platforms cannot identify the corresponding device according to the Node ID assigned by the management platform. Therefore, when both devices are under other management platforms, the other management platform cannot effectively control the controlled device based on the binding relationship.

In view of this, an embodiment of the present application provides a method for establishing a device binding relationship, by configuring the device with identity information that is visible to different management platforms, and further establishing a binding relationship between the two through the identity information of the device, In this way, even if the controlled device and the control device are under other management platforms than the management platform that establishes the binding relationship, the control device can effectively control the controlled device.

FIG. 2 is a schematic interaction diagram of a method for establishing a device binding relationship according to an embodiment of the present application. As shown in FIG. 2 , the method 200 may include at least some of the following contents:

S201, the configuration terminal obtains the identity information of the controlled device, and the identity information of the controlled device is used to uniquely identify the controlled device;

S202, the configuration end acquires the identity information of the control device, where the identity information of the control device is used to uniquely identify the control device.

In some embodiments of the present application, the configuration terminal is the configuration terminal or the control terminal of the first management platform, that is, the first management platform can configure or control the device connected to the first management platform through the configuration terminal, for example, configure The operation authority of the device, the establishment of the binding relationship of the device, etc.

Optionally, the configuration terminal may be an application on the first management platform, or a terminal device on which the application is installed, such as a mobile phone, a tablet computer, a computer, a wearable device, etc., which is not limited in this application. For example, the user can configure the device by operating the application A of the first management platform, for example, configure the binding relationship between the devices, the operation authority of the device, and the like. That is, the application A can serve as the configurator of the first management platform.

In some embodiments, the controlling device may be a CHIP device, and the controlled device may also be a CHIP device. For example, the control device is a switching device, and the controlled device is a light device.

In some embodiments, the controlling device and the controlled device are devices that access the first management platform, for example, the controlling device and the controlled device may use a wireless fidelity access point (Wireless Fidelity Access Point). , WiFi) network or Bluetooth (Bluetooth) network to access the first management platform.

That is to say, the paring table of the controlling device includes relevant information of the first management platform, the ACL of the controlling device includes relevant information of the first management platform, and the controlled device includes relevant information of the first management platform. The pairing list (Paring Table) of the device includes the relevant information of the first management platform, the Access Control List of the controlled device, and the ACL include the relevant information of the first management platform.

In some embodiments of the present application, the configuration terminal may obtain the identity information of the control device, or obtain other information of the control device, such as a Fabric list, when a CASE connection is established with the control device. information, Interoperable Identity Identifier (OpID) information, etc.

In some embodiments of the present application, the configuration terminal may obtain the identity information of the controlled device, or obtain other information of the controlled device, when a CASE connection is established with the controlled device, For example, Fabric list information, OpID information, etc.

The identification information in the embodiments of the present application is identification information that can be recognized by different management platforms, and different management platforms can determine which device corresponds to the identification information according to the identification information. That is, for different management platforms, The identity information of the controlling device and the controlled device are the same, so that any management platform that has management authority over the device can configure or control the device based on the identity information of the device.

In some embodiments, the management platform with management rights to the device includes the management platform in the ACL of the device, or the management platform in the pairing list.

Optionally, in some embodiments, the identification information of the device may be a 64-bit integer value, or other identification information that can uniquely identify the device, which is not limited in this application.

In some embodiments of the present application, the identification information of the device can be changed. For example, a management platform with the right to modify the identification information can be set up, and the configuration end of the management platform can modify the identification information of the device. After the identification information of the device is obtained, the configuration end of the management platform can notify other management platforms of the device, so that the other management platforms can obtain the modified identification information of the device.

In some embodiments of the present application, after acquiring the identity information of the device, the configuration terminal can store the identity information of the device. When a binding relationship between the device and other devices needs to be established, it is not necessary to obtain the device from the device again. The identification information of the device, or, when the identification information of the device is changed, the identification information of the device is obtained again.

In some embodiments of the present application, the identity information of the controlled device may be stored in a cluster (cluster) of the controlled device. For example, it is stored in the first cluster of the first endpoint (ep) of the controlled device. The first endpoint may be ep0, ep1, or other eps, and the first cluster may be a basic cluster (basic cluster), a dedicated cluster for carrying identity information, or other clusters.

In some embodiments of the present application, the identity information of the control device may be stored in a cluster (cluster) of the control device. For example, stored in the second cluster of the second endpoint of the control device. Wherein, the second endpoint may be ep0, ep1, or other eps, and the second cluster may be a basic cluster (basic cluster), a dedicated cluster for carrying identity information, or other clusters.

In some embodiments of the present application, the S201 may include:

The configuration terminal sends a first read request to the controlled device, where the first read request includes storage path information of the identity information of the controlled device on the controlled device;

Receive the identity information of the controlled device returned by the controlled device.

In some embodiments of the present application, the S202 may include:

The configuration terminal sends a second read request to the control device, where the second read request may include storage path information of the identity information of the control device;

Receive the identity information of the control device returned by the control device.

It should be understood that the embodiment of the present application does not limit the sequence in which the configuration terminal obtains the identification information of the control device and the controlled device. For example, the identity information of the controlled device is obtained first, and then the identity information of the control device is obtained, or the identity information of the control device is obtained first, and then the identity information of the controlled device is obtained, or the control device and the control device are obtained at the same time. Identity information of the controlled device, etc.

In some embodiments of the present application, the configuration end may acquire the identity information of the controlled device after acquiring the woven network list information and the interoperability identification information of the controlled device.

In some embodiments, the configuration end may send a request for obtaining the fabric network list to the controlled device to obtain the fabric list of the controlled device. Assuming that the storage path of the weave list of the controlled device is: ep0/opcred-cluster/fabric_list, the configuration end can send the following read request to the controlled device: Read: ep0/opcred-cluster/fabric_list to obtain the information of the controlled device. Weave the network list.

Further, the controlled device may return the information of the woven network list to the configuration terminal, wherein the woven network list includes the information of the management platform of the controlled device, for example, the management platform that has the management authority to the controlled device, or , all the management platforms that have been added on the controlled device, etc.

In some embodiments, the configuration end may send an interoperability identity acquisition request to the controlled device to acquire the OpID of the controlled device. Assuming that the storage path of the interoperable identity of the controlled device is: ep0/opcred-cluster/opid_list, the configuration end can send the following read request to the controlled device: Read: ep0/opcred-cluster/opid_list to obtain the controlled device A list of interoperable identities for the device.

Further, the controlled device may return OpID list information to the configuration terminal, where the OpID list includes the OpID allocated to the controlled device by the management platform of the controlled device.

In some embodiments of the present application, the configuration end may acquire the identity information of the control device after acquiring the woven network list information and the interoperability identity information of the control device.

In some embodiments, the configuration end may send a request for obtaining the fabric network list to the control device to obtain the fabric list of the control device. Assuming that the storage path of the woven network list of the control device on the control device is: ep0/opcred-cluster/fabric_list, the configuration end can send the following read request to the control device: Read: ep0/opcred-cluster/fabric_list request to obtain A list of braided nets that control the device.

Further, the control device may return the information of the braided network list to the configuration terminal, wherein the braided network list includes the information of the management platform of the control device, for example, the management platform that has the management authority for the control device, or the Control all management platforms and more that have been added on the device.

In some embodiments, the configuration end may send an interoperability identity identification acquisition request to the control device to obtain the OpID of the controlled device. It is assumed that the storage path of the OpID list of the control device on the control device is: ep0/opcred-cluster/opid_list, Then, the configuration end can send the following read request to the control device: Read: ep0/opcred-cluster/opid_list request to obtain the list of interoperability identities of the control device.

Further, the control device may return OpID list information to the configuration terminal, where the OpID list includes the OpID allocated to the control device by the management platform of the control device.

In this embodiment of the present application, continuing to refer to FIG. 2 , the method 200 further includes:

S203: The configuration end writes the identity information of the controlling device into the ACL of the controlled device.

For example, the configuration terminal can add operation permissions for the control device on the controlled device.

In some embodiments of the present application, the S203 may include:

The configuration end may send a first write request to the controlled device, where the first write request is used to write the identity information of the controlling device into the ACL of the controlled device.

In some embodiments, the first write request may include the storage path of the ACL of the controlled device and the identity information of the controlling device.

In some embodiments, the configuration end may write the identity information of the controlling device into the control source list (Subject) of the ACL of the controlled device. That is, the first write request is used to write the identity information of the controlling device into the Subject in the ACL of the controlled device.

Optionally, in some embodiments, the configuration terminal may also write the Node ID information of the controlling device into the Subject of the ACL of the controlled device, wherein the Node ID of the controlling device is that the first management platform is the control device. The Node ID assigned by the device, the Node ID is only visible to the first management platform, and other management platforms cannot identify which physical device corresponds to the Node ID.

For example, the first write request may also include the Node ID of the control device.

Taking the control device as the switch device, the controlled device as the lamp device, and the first management platform as Admin A as an example to illustrate the specific implementation of writing ACL.

Assuming that the storage path of the ACL of the light device on the light device is ep0/ACL-cluster/ACLEntry, the identity information of the switch device is DID-2, and the Node ID assigned by Admin A to the switch device is NID-1234, then the configuration end can Send the following write request to the light device to add operation permissions for the switch device on the light device: write:ep0/ACL-cluster/ACLEntry, the written data is: admin=Admin A,privilege=operate,AuthMode=CASE,Subject =[<NID-1234:DID-2>,],target=[ep2,on/off cluster], where privilege represents the permission level, target represents the target cluster list, and Subject represents the target control device list, that is, it can control the control A list of devices for the device.

S204: Send binding information to the control device, where the binding information includes a binding relationship between the device information of the controlled device and the device information of the control device, wherein the device information of the controlled device It includes the identification information of the controlled device, and the device information of the controlling device includes the identification information of the controlling device.

Since the identification information of the device can uniquely identify the device, different management platforms can identify which device is controlled according to the identification information. Therefore, establishing a binding relationship based on the identity information of the device is beneficial to ensure that different management platforms have a consistent understanding of the binding relationship.

In some embodiments of the present application, the binding relationship may be a binding relationship between the identity information of the controlling device and the identity information of the controlled device.

In some embodiments of the present application, the S204 may include:

The configuration end may send a second write request to the controlled device, where the second write request is used to request to write the binding information to the control device.

In some embodiments, the second write request may include a retransmission path of the binding information list of the control device on the control device and the binding information.

In other embodiments of the present application, the device information of the controlled device further includes the OpId of the controlled device, and the device information of the controlling device further includes the OpId of the controlling device, then the controlling device and the controlled device The binding relationship of the controlling device may be embodied as a binding relationship between the OpId of the controlling device and the identity information and the OpId of the controlled device and the identity information.

In some embodiments, the OpID of the controlled device includes a Node ID allocated to the controlled device by the first management platform and a Fabric Identify (FID) of the first management platform.

In some embodiments, the OpID of the control device includes the Node ID allocated to the control device by the first management platform and the FID of the first management platform.

Taking the control device as the switch device, the controlled device as the lamp device, and the first management platform as Admin A as an example, the specific implementation of establishing the binding relationship is described.

Assume that the FID of Admin A is FID-XYZ, the identification information of the switchgear is DID-2, the identification information of the lamp device is DID-1, the Node ID assigned by Admin A to the switchgear is NID-1234, and Admin A is the lamp If the Node ID assigned by the device is NID-ABCD, the configuration terminal can establish the following binding relationship for the switch device and the light device:

Binding-TB:(Local:Admin A,<OpID:FID-XYZ,NID-1234>:<DID-2>,ep2,OnOff Cluster)<->(Remote:Admin A,<OpID:FID-XYZ,NID -ABCD>:<DID-1>,ep2,On/Off Cluster).

In some embodiments of the present application, after the first management platform establishes the binding relationship between the control device and the controlled device through the configuration terminal, if the second management platform (Admin B) also establishes a binding between the control device and the controlled device relationship, the configuration end of the second management platform can first query the binding relationship list (or binding information list) in the control device to determine whether there is a binding relationship between the control device and the controlled device. If the binding relationship of the controlled device is established through the identity information, the binding relationship between the controlling device and the controlled device is not established, or the information of the second management platform can also be added to the binding relationship between the controlling device and the controlled device. .

For example, in the foregoing example, the binding information of the controlling device and the controlled device can be updated as:

Binding-TB:(Local:Admin A&Admin B,<OpID:FID-XYZ,NID-1234>:<DID-2>,ep2,OnOff Cluster)<->(Remote:Admin A&Admin B,<OpID:FID-XYZ , NID-ABCD>:<DID-1>,ep2,On/Off Cluster).

In some embodiments of the present application, the configuration end sends the binding information to the control device in the case of receiving the first state information replied by the controlled device, where the first state information is used for Instructing the configuration end to successfully write the identity information of the controlling device into the ACL of the controlled device.

That is, the configuration end writes the binding information to the control device when the identity information of the control device is successfully written into the ACL of the controlled device.

In some embodiments of the present application, the configuration end sends the binding information to the controlling device in the case that the binding relationship between the controlled device and the controlling device is not saved on the controlling device.

For example, before writing binding information to the control device, the configuration end first sends a binding information acquisition request to the control device. Assuming that the binding information list of the control device is stored in the path ep1/binding-cluster/binding_tb, the configuration end can Send the following read request to the control device: Read:ep1/binding-cluster/binding_tb to obtain the binding information list of the control device, and further, the control device can return the binding information list to the configuration end.

After obtaining the binding information list, the configuration end can determine whether there is binding information between the controlling device and the controlled device in the binding information list, if there is no binding relationship between the two, or if there is binding information, but The binding information is established with the Node ID of the device, and the binding information established according to the identification information of the device is sent to the control device.

Optionally, after the configuration end writes the binding information to the control device, the control device may send second state information to the configuration end, where the second state information is used to indicate whether the binding information is successfully set.

In some embodiments of the present application, the configuration end successfully writes the identity information of the control device into the ACL of the controlled device, and the configuration end successfully writes binding information to the control device, that is, the first state information indicates that the configuration end The identity information of the controlling device is successfully written into the ACL of the controlled device, and the second state information is used to indicate that the binding information is set successfully, and it can be considered that the binding between the controlling device and the controlled device is successful. The relationship is established successfully.

In some embodiments of the present application, the configuration end fails to write the identity information of the control device into the ACL of the controlled device, or the configuration end fails to write binding information to the control device, that is, the first state information indicates that the configuration end If the identity information of the controlling device fails to be written into the ACL of the controlled device, or the second status information is used to indicate that the setting of the binding information fails, it can be considered that the binding between the controlling device and the controlled device fails. Relationship establishment failed.

Optionally, after the binding relationship between the controlling device and the controlled device is successfully established, the controlling device can control the controlled device under any management platform in the first Fabric list, where the first Fabric list The intersection or union of the fabric list of the controlling device and the fabric list of the controlled device may be included.

For example, the control device may search for the identity information corresponding to the OpID in the binding information list according to the OpID of the controlled device in combination with the binding information list, and further generate a control message according to the identity information of the controlled device, for example, The source address of the control message is set as the identity information of the controlling device, and the destination address is set as the identity information of the controlled device, and the control message is further sent to the controlled device.

To sum up, in this embodiment of the present application, by adding identity information to the device that is visible to different management platforms, that is, for different management platforms, it can be determined as the same device according to the identity information, and further based on the identity information. The binding relationship between the control device and the controlled device is beneficial to ensure that different management platforms have the same understanding of the control parties, so as to achieve effective control of the device.

With reference to FIG. 3 , the overall flow of the method for establishing a device binding relationship according to an embodiment of the present application is described by taking the control device as a switch device and the controlled device as a light device as an example.

Wherein, the identification information of the lamp device stored in the cluster of the lamp device is denoted as DID-1, and the identification information of the switch device stored in the cluster of the switch device is denoted as DID-2.

In this embodiment, the configuration terminal acts as a configurator of the management platform (Admin A) to establish the binding relationship between the switch device and the lamp device, that is, the configuration terminal acts as an intermediate configuration role for establishing the binding relationship between the switch device and the lamp device.

The Node ID assigned by Admin A to the switchgear is NID-1234, and the Node ID assigned by Admin A to the switchgear is NID-ABCD.

Before the configuration end communicates with the switch device and the light device, the configuration end has established a CASE session with the switch device and the light device. The specific process of establishing a CASE session refers to the relevant process in FIG. 5 , which is not repeated here for brevity.

As shown in Figure 3, the following steps may be included:

S301 , the configuration end acquires the fabric network (Fabric) list information of the lamp device.

For example, the configuration end can send a request to obtain the fabric network list to the controlled device. Assuming that the storage path of the fabric list of the controlled device is: ep0/opcred-cluster/fabric_list, the configuration end can send the following read request to the controlled device: Read: ep0/opcred-cluster/fabric_list to get the fabric network list of the controlled device.

S302, the light device returns the Fabric list of the light device to the configuration end.

For example, the Fabric list includes the information of the management platform of the light device, for example, the information of the management platform that has the management authority to the light device, or the information of all the management platforms that have been added on the light device, and so on.

S303 , the configuration end acquires the interoperability identification (OpID) information of the lamp device.

For example, the configuration end can send an OpID acquisition request to the light device. Assuming that the storage path of the OpID of the light device is: ep0/opcred-cluster/opid_list, the configuration end can send the following read request to the light device: Read: ep0/opcred- cluster/opid_list to get the OpID list information of the light device.

S304, the light device returns the OpID list information to the configuration terminal.

Optionally, the OpID list includes the OpIDs assigned to the lamp equipment by each management platform of the lamp equipment.

Optionally, the OpID of the light device may include the Node ID of the light device, and the FID of the management platform that assigns the Node Id.

S305, the configuration terminal obtains the identification information of the lamp device.

For example, the configuration end can send an identity identification acquisition request to the lamp device. Assuming that the storage path of the identification information of the lamp device is: ep-x/cluster-y/devid, the configuration end can send the following read request to the lamp device: Read : ep-x/cluster-y/did request to get the identity information of the lamp device.

Optionally, ep-x can be an ep of the light device, such as ep0, ep1 or other eps, and cluster-y can be, for example, a basic cluster, a dedicated cluster for storing DIDs, or other clusters. The application is not limited in this regard.

S306, the lamp device returns the identity information to the configuration terminal.

S307, the configuration end acquires the Fabric list information, OpID list information and identity information of the switch device in a similar manner as in S301-S306.

S308, the switch device returns the Fabric list information, the OpID list information and the identity information to the configuration end.

S309, the configuration end adds an operation authority for the switch device on the light device.

For example, the storage path of the ACL of the light device is ep0/ACL-cluster/ACLEntry, the configuration end can send the following write request to the light device to add the operation permission for the switch device on the light device: write:ep0/ACL-cluster/ACLEntry , the written data is: admin=Admin A, privilege=operate, AuthMode=CASE, Subject=[<NID-1234:DID-2>,], target=[ep2, on/off cluster].

S310, the light device returns a status of whether the ACL operation is successful to the configuration terminal. That is, whether the write operation in S309 is successful.

S311, the configuration end reads the binding information list of the switch device.

For example, if the binding information list of the switch device is stored in the path ep1/binding-cluster/binding_tb, the configuration end can send the following read request to the switch device: Read:ep1/binding-cluster/binding_tb to obtain the binding of the switch device list of information.

In some embodiments, the configuration terminal reads the binding information list of the switch device when the state in S310 is that the operation is successful.

S312, the switch device returns a binding information list to the configuration.

S313 , the configuration end queries whether the binding information of the light device and the switch device exists in the binding information list.

If it does not exist, or, there is binding information between the light device and the switch device, but the binding information is represented by the Node ID of the device, then perform the following steps to establish the binding relationship between the two through the identification information of the device. .

S314, the configuration end updates the binding information list to the switch device.

For example, if the binding information list of the switch device is stored in the path ep1/binding-cluster/binding_tb, the configuration end can send a write request to the switch device: Write:ep1/binding-cluster/binding_tb+updated binding information to update the switch A list of binding information for the device.

S315, the switch device returns to the configuration end whether the update binding information table column is set successfully.

If the binding information is updated successfully, the updated binding information can be expressed as:

It should be understood that the binding information in this embodiment of the present application may be established through the identification information of the device, or established through the OpID and identification information of the device.

In some embodiments, if the result of S315 is that the setting is successful, and the result of S310 is that the operation is successful, it is determined that the binding relationship between the light device and the switch device is established successfully.

In the case that the binding relationship between the light device and the switch device is successfully established, the light device and the switch device establish a CASE connection. Further switchgear can control the light device based on the CASE connection

S316, the switch device controls the light device according to the binding information list.

For example, when it is necessary to control a light device, the switch device can search for the identity information corresponding to the OpID in the binding information list according to the OpID of the light device in combination with the binding information list, and further send a control message to the light device, wherein, The source address of the control message is set to the identity information of the switch device, namely DID-2, and the destination address is set to the identity information of the lamp device, namely DID-1.

The method embodiments of the present application are described in detail above with reference to FIGS. 2 to 5 , and the device embodiments of the present application are described in detail below with reference to FIGS. 6 to 7 . It should be understood that the device embodiments and method embodiments correspond to each other, and are similar to each other. For the description, refer to the method embodiment.

FIG. 6 shows a schematic block diagram of a configuration terminal device 400 according to an embodiment of the present application. The management platform corresponding to the configuration terminal device 400 is the first management platform. As shown in FIG. 6 , the configuration terminal device 400 includes:

The communication unit 410 is configured to obtain the identity information of the controlled device and obtain the identity information of the control device, wherein the identity information of the controlled device is used to uniquely identify the controlled device, and the control device's identity information is used to uniquely identify the controlled device. The identity information is used to uniquely identify the control device;

Writing the identity information of the controlling device into the access control list ACL of the controlled device; and

In some embodiments of this application, the communication unit 410410 is further used for:

The identity information of the control device is written into the control source list in the ACL of the controlled device, where the control source list is used to store information of devices that can control the controlled device.

Write the node identification ID assigned by the first management platform to the control device into the control source list in the ACL of the controlled device, where the identification information of the control device is the same as the first management platform corresponds to the node ID assigned to the control device.

In some embodiments of the present application, the device information of the controlled device further includes the interoperability identifier of the controlled device, and the device information of the control device further includes the interoperability identifier of the control device;

The interoperability identifier of the controlled device includes the node ID allocated by the first management platform to the controlled device and the woven network identifier of the first management platform;

The interoperability identifier of the control device includes a node ID allocated to the control device by the first management platform and a woven network identifier of the first management platform.

In some embodiments of the present application, the communication unit 410 is further configured to:

In the case of receiving the first state information replied by the controlled device, the binding information is sent to the control device, wherein the first state information is used to indicate that the configuration end device is in the controlled device. The identity information of the control device is successfully written into the ACL of the control device.

If the binding relationship between the controlled device and the controlling device is not saved on the controlling device, the binding information is sent to the controlling device.

The identity information of the controlled device is acquired from the cluster of the controlled device.

sending a first read request to the controlled device, where the first read request includes a storage path of the identity information of the controlled device on the controlled device;

In some embodiments of the present application, the identity information of the controlled device is stored in a first cluster of the controlled device, where the first cluster is a basic cluster or is used to store the controlled device A dedicated cluster of identifying information.

The identification information of the control device is acquired from the cluster of the control device.

sending a second read request to the control device, where the second read request includes a storage path of the identity information of the control device on the control device;

In some embodiments of the present application, the identity information of the control device is stored in a second cluster of the control device, where the second cluster is a basic cluster or is used to store the identity of the control device A dedicated cluster of information.

In the case that the configuration terminal establishes a CASE connection based on a certificate authentication-based secure session with the controlled device, the identity information of the controlled device is acquired from the controlled device.

When the configuration end device establishes a CASE connection with the control device, the identity information of the control device is acquired from the control device.

Send a first write request to the controlled device, where the first write request includes the storage path of the ACL of the controlled device and the identity information of the controlling device.

In some embodiments of the present application, the first write request further includes a node ID allocated by the first management platform to the control device.

Send a second write request to the control device, where the second write request includes a storage path of the binding information list on the control device and the binding information.

Optionally, in some embodiments, the above-mentioned communication unit may be a communication interface or a transceiver, or an input/output interface of a communication chip or a system-on-chip. The aforementioned processing unit may be one or more processors.

It should be understood that the configuration terminal device 400 according to the embodiment of the present application may correspond to the configuration terminal or the configuration device in the method embodiment of the present application, and the above and other operations and/or functions of each unit in the configuration terminal device 400 are for the purpose of realizing The corresponding processes of the configuration terminal or the configuration device in the method embodiments shown in FIG. 2 to FIG. 5 are not repeated here for brevity.

FIG. 7 is a schematic block diagram of a control device according to an embodiment of the present application. The control device 500 of FIG. 7 includes:

The communication unit 510 is configured to receive a second read request from the configuration end of the first management platform, where the second read request is used to obtain the identity information of the control device, and the identity information of the control device is used to uniquely identify the the control equipment;

sending the identity information of the control device to the configuration terminal; and

Receive binding information sent by the configuration terminal, where the binding information includes the binding relationship between the device information of the controlled device and the device information of the controlling device, wherein the device information of the controlled device includes the device information of the controlled device Identity information of the control device, where the device information of the control device includes the identity information of the control device.

Wherein, the interoperability identity of the controlled device includes the node ID allocated by the first management platform to the controlled device and the woven network identity of the first management platform;

In some embodiments of the present application, the control device 500 further includes:

a processing unit, configured to generate a control message according to the binding information, wherein the source address of the control message is set to the identity message of the control device, and the destination address of the control message is set to the controlled device the identification message;

The communication unit 510 is further configured to: send the control message to the controlled device.

In some embodiments of the present application, the second read request includes a storage path of the identity information of the control device on the control device.

In some embodiments of the present application, the communication unit 510 is further configured to:

A second write request sent by the configuration terminal is received, where the second write request includes a storage path of the binding information list on the control device and the binding information.

It should be understood that the control device 500 according to the embodiment of the present application may correspond to the control device in the method embodiment of the present application, and the above-mentioned and other operations and/or functions of each unit in the control device 500 are for the purpose of realizing FIGS. 2 to 5 respectively. For the sake of brevity, the corresponding flow of the control device in the illustrated method embodiment will not be repeated here.

FIG. 8 is a schematic block diagram of a controlled device according to an embodiment of the present application. The controlled device 800 of FIG. 8 includes:

The communication unit 810 is configured to receive a first read request from the configuration end of the first management platform, where the first read request is used to obtain the identity information of the controlled device, and the identity information of the controlled device is used to uniquely identifying the control device;

Receive the identity information of the control device written by the configuration terminal into the access control list ACL of the controlled device, where the identity information of the control device is used to uniquely identify the control device.

In some embodiments of the present application, the communication unit 810 is further configured to:

Receive the identity information of the control device written by the configuration end into the control source list in the ACL of the controlled device, where the control source list is used to store the devices that can control the controlled device Information.

Receive the node identification ID assigned to the control device by the first management platform and written in the control source list in the ACL of the controlled device by the configuration end, wherein the identification information of the control device is the same as that of the control device. The first management platform corresponds to the node ID allocated to the control device.

receiving a control message sent by the control device, where the source address of the control message is the identity message of the control device, and the destination address of the control message is the identity message of the controlled device;

Return the control result to the control device.

In some embodiments of the present application, the identity information of the controlled device is stored in a first cluster of the controlled device, where the first cluster is a basic cluster or is used to store the controlled device A private cluster of identification information.

In some embodiments of the present application, the first read request includes a storage path of the identity information of the controlled device on the controlled device.

It should be understood that the controlled device 800 according to the embodiment of the present application may correspond to the control device in the method embodiment of the present application, and the above-mentioned and other operations and/or functions of the various units in the controlled device 800 are for the purpose of realizing FIGS. 2 to 2 , respectively. The corresponding flow of the controlled device in the method embodiment shown in FIG. 3 is not repeated here for brevity.

FIG. 9 is a schematic structural diagram of a communication device 600 provided by an embodiment of the present application. The communication device 600 shown in FIG. 9 includes a processor 610, and the processor 610 can call and run a computer program from a memory to implement the method in the embodiment of the present application.

Optionally, as shown in FIG. 9 , the communication device 600 may further include a memory 620 . The processor 610 may call and run a computer program from the memory 620 to implement the methods in the embodiments of the present application.

The memory 620 may be a separate device independent of the processor 610 , or may be integrated in the processor 610 .

Optionally, as shown in FIG. 9 , the communication device 600 may further include a transceiver 630, and the processor 610 may control the transceiver 630 to communicate with other devices, specifically, may send information or data to other devices, or receive other Information or data sent by a device.

Among them, the transceiver 630 may include a transmitter and a receiver. The transceiver 630 may further include antennas, and the number of the antennas may be one or more.

Optionally, the communication device 600 may specifically be the configuration terminal device in this embodiment of the present application, and the communication device 600 may implement the corresponding processes implemented by the configuration terminal device in each method in the embodiment of the present application. Repeat.

In some embodiments, the transceiver 630 in the communication device 600 may be configured to perform related operations of the communication unit 410 in the configuration terminal device 400 in FIG. 6 , which will not be repeated here for brevity.

Optionally, the communication device 600 may specifically be the control device of this embodiment of the present application, and the communication device 600 may implement the corresponding processes implemented by the control device in each method of the embodiment of the present application, which is not repeated here for brevity. .

In some embodiments, the transceiver 630 in the communication device 600 may be used to perform related operations of the communication unit 510 in the control device 500 in FIG. 7 , which are not repeated here for brevity.

Optionally, the communication device 600 may specifically be the controlled device in this embodiment of the present application, and the communication device 600 may implement the corresponding processes implemented by the controlled device in each method in the embodiment of the present application. Repeat.

In some embodiments, the transceiver 630 in the communication device 600 may be used to perform the related operations of the communication unit 810 in the controlled device 800 in FIG. 8 , which will not be repeated here for brevity.

FIG. 10 is a schematic structural diagram of a chip according to an embodiment of the present application. The chip 700 shown in FIG. 10 includes a processor 710, and the processor 710 can call and run a computer program from a memory, so as to implement the method in this embodiment of the present application.

Optionally, as shown in FIG. 10 , the chip 700 may further include a memory 720 . The processor 710 may call and run a computer program from the memory 720 to implement the methods in the embodiments of the present application.

The memory 720 may be a separate device independent of the processor 710 , or may be integrated in the processor 710 .

Optionally, the chip 700 may further include an input interface 730 . The processor 710 may control the input interface 730 to communicate with other devices or chips, and specifically, may acquire information or data sent by other devices or chips.

Optionally, the chip 700 may further include an output interface 740 . The processor 710 can control the output interface 740 to communicate with other devices or chips, and specifically, can output information or data to other devices or chips.

Optionally, the chip 700 may specifically be the configuration terminal device of the embodiment of the present application, and the chip 700 may implement the corresponding processes implemented by the configuration terminal device in each method of the embodiment of the present application. For the sake of brevity, details are not repeated here. .

In some embodiments, the input interface 730 and the output interface 740 in the chip 700 may be used to perform related operations of the communication unit 410 in the configuration terminal device 400 in FIG. 6 , which are not repeated here for brevity.

Optionally, the chip 700 may specifically be the control device of the embodiment of the present application, and the chip 700 may implement the corresponding processes implemented by the control device in each method of the embodiment of the present application, which is not repeated here for brevity.

In some embodiments, the input interface 730 and the output interface 740 in the chip 700 may be used to perform related operations of the communication unit 510 in the control device 500 in FIG. 7 , which are not repeated here for brevity.

Optionally, the chip 700 may specifically be the controlled device of the embodiment of the present application, and the chip 700 may implement the corresponding processes implemented by the controlled device in each method of the embodiment of the present application. For the sake of brevity, details are not repeated here. .

In some embodiments, the input interface 730 and the output interface 740 in the chip 700 may be used to perform related operations of the communication unit 810 in the controlled device 800 in FIG. 8 , which are not repeated here for brevity.

It should be understood that the chip mentioned in the embodiments of the present application may also be referred to as a system-on-chip, a system-on-chip, a system-on-chip, or a system-on-a-chip, or the like.

FIG. 11 is a schematic block diagram of a communication system 900 provided by an embodiment of the present application. As shown in FIG. 11 , the communication system 900 includes a configuration end device 910 , a control device 920 and a controlled device 930 .

Wherein, the configuration terminal device 910 can be used to implement the corresponding function implemented by the configuration terminal, the configuration device or the configuration terminal device in the above method, and the control device 920 can be used to implement the corresponding function implemented by the control device in the above method, The controlled device 930 may be used to implement the corresponding functions implemented by the controlled device in the above method, which is not repeated here for brevity.

It should be understood that the processor in this embodiment of the present application may be an integrated circuit chip, which has a signal processing capability. In the implementation process, each step of the above method embodiments may be completed by a hardware integrated logic circuit in a processor or an instruction in the form of software. The above-mentioned processor can be a general-purpose processor, a digital signal processor (Digital Signal Processor, DSP), an application specific integrated circuit (Application Specific Integrated Circuit, ASIC), an off-the-shelf programmable gate array (Field Programmable Gate Array, FPGA) or other available Programming logic devices, discrete gate or transistor logic devices, discrete hardware components. The methods, steps, and logic block diagrams disclosed in the embodiments of this application can be implemented or executed. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like. The steps of the method disclosed in conjunction with the embodiments of the present application may be directly embodied as executed by a hardware decoding processor, or executed by a combination of hardware and software modules in the decoding processor. The software modules may be located in random access memory, flash memory, read-only memory, programmable read-only memory or electrically erasable programmable memory, registers and other storage media mature in the art. The storage medium is located in the memory, and the processor reads the information in the memory, and completes the steps of the above method in combination with its hardware.

It can be understood that the memory in this embodiment of the present application may be a volatile memory or a non-volatile memory, or may include both volatile and non-volatile memory. Wherein, the non-volatile memory may be a read-only memory (Read-Only Memory, ROM), a programmable read-only memory (Programmable ROM, PROM), an erasable programmable read-only memory (Erasable PROM, EPROM), an electrically programmable read-only memory (Erasable PROM, EPROM). Erase programmable read-only memory (Electrically EPROM, EEPROM) or flash memory. Volatile memory may be Random Access Memory (RAM), which acts as an external cache. By way of illustration and not limitation, many forms of RAM are available, such as Static RAM (SRAM), Dynamic RAM (DRAM), Synchronous DRAM, SDRAM), double data rate synchronous dynamic random access memory (Double Data Rate SDRAM, DDR SDRAM), enhanced synchronous dynamic random access memory (Enhanced SDRAM, ESDRAM), synchronous link dynamic random access memory (Synchlink DRAM, SLDRAM) ) and direct memory bus random access memory (Direct Rambus RAM, DR RAM). It should be noted that the memory of the systems and methods described herein is intended to include, but not be limited to, these and any other suitable types of memory.

It should be understood that the above memory is an example but not a limitative description, for example, the memory in the embodiment of the present application may also be a static random access memory (static RAM, SRAM), a dynamic random access memory (dynamic RAM, DRAM), Synchronous dynamic random access memory (synchronous DRAM, SDRAM), double data rate synchronous dynamic random access memory (double data rate SDRAM, DDR SDRAM), enhanced synchronous dynamic random access memory (enhanced SDRAM, ESDRAM), synchronous connection Dynamic random access memory (synch link DRAM, SLDRAM) and direct memory bus random access memory (Direct Rambus RAM, DR RAM) and so on. That is, the memory in the embodiments of the present application is intended to include but not limited to these and any other suitable types of memory.

Embodiments of the present application further provide a computer-readable storage medium for storing a computer program.

Optionally, the computer-readable storage medium can be applied to the configuration terminal or the configuration terminal device in the embodiment of the present application, and the computer program enables the computer to execute the configuration terminal or the configuration terminal device in each method of the embodiment of the present application. For the sake of brevity, the corresponding process is not repeated here.

Optionally, the computer-readable storage medium can be applied to the control device in the embodiments of the present application, and the computer program enables the computer to execute the corresponding processes implemented by the control device in the various methods of the embodiments of the present application. For brevity, here No longer.

Optionally, the computer-readable storage medium can be applied to the controlled device in the embodiments of the present application, and the computer program enables the computer to execute the corresponding processes implemented by the controlled device in each method of the embodiments of the present application. For brevity, It is not repeated here.

Embodiments of the present application also provide a computer program product, including computer program instructions.

Optionally, the computer program product can be applied to the configuration terminal or the configuration terminal device in the embodiment of the present application, and the computer program instructions cause the computer to execute the corresponding configuration implemented by the configuration terminal or the configuration terminal device in each method of the embodiment of the present application. The process, for the sake of brevity, will not be repeated here.

Optionally, the computer program product can be applied to the control device in the embodiments of the present application, and the computer program instructions cause the computer to execute the corresponding processes implemented by the control device in each method of the embodiments of the present application. Repeat.

Optionally, the computer program product can be applied to the controlled device in the embodiments of the present application, and the computer program instructions cause the computer to execute the corresponding processes implemented by the controlled device in the various methods of the embodiments of the present application. This will not be repeated here.

The embodiments of the present application also provide a computer program.

Optionally, the computer program can be applied to the configuration terminal or the configuration terminal device in the embodiments of the present application. When the computer program is run on the computer, the computer program is executed by the configuration terminal or the configuration terminal in each method of the embodiments of the present application. For the sake of brevity, the corresponding process implemented by the device will not be repeated here.

Optionally, the computer program can be applied to the control device in the embodiments of the present application. When the computer program is run on the computer, the computer executes the corresponding processes implemented by the control device in each method of the embodiments of the present application. For the sake of brevity. , and will not be repeated here.

Optionally, the computer program may be applied to the controlled device in the embodiments of the present application, and when the computer program is run on the computer, the computer executes the corresponding processes implemented by the controlled device in each method of the embodiments of the present application, For brevity, details are not repeated here.

Those of ordinary skill in the art can realize that the units and algorithm steps of each example described in conjunction with the embodiments disclosed herein can be implemented in electronic hardware, or a combination of computer software and electronic hardware. Whether these functions are performed in hardware or software depends on the specific application and design constraints of the technical solution. Skilled artisans may implement the described functionality using different methods for each particular application, but such implementations should not be considered beyond the scope of this application.

Those skilled in the art can clearly understand that, for the convenience and brevity of description, the specific working process of the above-described systems, devices and units may refer to the corresponding processes in the foregoing method embodiments, which will not be repeated here.

In the several embodiments provided in this application, it should be understood that the disclosed system, apparatus and method may be implemented in other manners. For example, the apparatus embodiments described above are only illustrative. For example, the division of the units is only a logical function division. In actual implementation, there may be other division methods. For example, multiple units or components may be combined or Can be integrated into another system, or some features can be ignored, or not implemented. On the other hand, the shown or discussed mutual coupling or direct coupling or communication connection may be through some interfaces, indirect coupling or communication connection of devices or units, and may be in electrical, mechanical or other forms.

The units described as separate components may or may not be physically separated, and components displayed as units may or may not be physical units, that is, may be located in one place, or may be distributed to multiple network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution in this embodiment.

In addition, each functional unit in each embodiment of the present application may be integrated into one processing unit, or each unit may exist physically alone, or two or more units may be integrated into one unit.

The functions, if implemented in the form of software functional units and sold or used as independent products, may be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present application can be embodied in the form of a software product in essence, or the part that contributes to the prior art or the part of the technical solution. The computer software product is stored in a storage medium, including Several instructions are used to cause a computer device (which may be a personal computer, a server, or a network device, etc.) to execute all or part of the steps of the methods described in the various embodiments of the present application. The aforementioned storage medium includes: U disk, mobile hard disk, read-only memory (Read-Only Memory, ROM), random access memory (Random Access Memory, RAM), magnetic disk or optical disk and other media that can store program codes .

The above are only specific embodiments of the present application, but the protection scope of the present application is not limited to this. should be covered within the scope of protection of this application. Therefore, the protection scope of the present application should be based on the protection scope of the claims.

Claims

A method for establishing a device binding relationship, characterized in that it is applied to a configuration end of a first management platform, and the configuration end is used to establish a binding relationship between a controlled device and a control device, and the method includes:

Obtain the identity information of the controlled device, and obtain the identity information of the control device, wherein the identity information of the controlled device is used to uniquely identify the controlled device, and the identity of the control device information is used to uniquely identify the control device;

Writing the identity information of the controlling device into the access control list ACL of the controlled device;

Send binding information to the control device, where the binding information includes the binding relationship between the device information of the controlled device and the device information of the control device, wherein the device information of the controlled device includes the device information of the controlled device. The identity information of the controlled device, and the device information of the control device includes the identity information of the control device.
The method according to claim 1, wherein the writing the identity information of the controlling device into the access control list (ACL) of the controlled device comprises:

The identity information of the control device is written into the control source list in the ACL of the controlled device, where the control source list is used to store information of devices that can control the controlled device.
The method according to claim 2, wherein the method further comprises:

Write the node identification ID assigned by the first management platform to the control device into the control source list in the ACL of the controlled device, where the identification information of the control device is the same as the first management platform corresponds to the node ID assigned to the control device.
The method according to any one of claims 1-3, wherein the device information of the controlled device further includes an interoperability identity of the controlled device, and the device information of the controlling device further includes the the interoperable identity of the control device;

The interoperability identifier of the controlled device includes the node ID allocated by the first management platform to the controlled device and the woven network identifier of the first management platform;

The interoperability identifier of the control device includes a node ID allocated to the control device by the first management platform and a woven network identifier of the first management platform.
The method according to any one of claims 1-4, wherein the sending the binding information to the control device comprises:

In the case of receiving the first state information replied by the controlled device, the binding information is sent to the control device, wherein the first state information is used to indicate that the configuration end is in the controlled device The identity information of the control device is successfully written into the ACL of the device.
The method according to any one of claims 1-5, wherein the sending the binding information to the control device comprises:

If the binding relationship between the controlled device and the controlling device is not saved on the controlling device, the binding information is sent to the controlling device.
The method according to any one of claims 1-6, wherein the acquiring the identity information of the controlled device comprises:

The identity information of the controlled device is acquired from the cluster of the controlled device.
The method according to claim 7, wherein the acquiring the identity information of the controlled device from the cluster of the controlled device comprises:

sending a first read request to the controlled device, where the first read request includes a storage path of the identity information of the controlled device on the controlled device;

Receive the identity information of the controlled device returned by the controlled device.
The method according to claim 7 or 8, wherein the identity information of the controlled device is stored in a first cluster of the controlled device, wherein the first cluster is a basic cluster, or a A dedicated cluster for storing the identity information of the controlled device.
The method according to any one of claims 1-9, wherein the acquiring the identity information of the control device comprises:

The identification information of the control device is acquired from the cluster of the control device.
The method according to claim 10, wherein the acquiring the identity information of the control device comprises:

sending a second read request to the control device, where the second read request includes a storage path of the identity information of the control device on the control device;

Receive the identity information of the control device returned by the control device.
The method according to claim 10 or 11, wherein the identity information of the control device is stored in a second cluster of the control device, wherein the second cluster is a basic cluster, or is used for storing A dedicated cluster of identification information of the control device.
The method according to any one of claims 1-12, wherein the acquiring the identity information of the controlled device comprises:

In the case that the configuration terminal establishes a CASE connection based on a certificate authentication-based secure session with the controlled device, the identity information of the controlled device is acquired from the controlled device.
The method according to any one of claims 1-13, wherein the acquiring the identity information of the control device comprises:

When the configuration terminal establishes a CASE connection with the control device, the identity information of the control device is acquired from the control device.
The method according to any one of claims 1-14, wherein the writing the identity information of the controlling device into the access control list ACL of the controlled device comprises:

The configuration terminal sends a first write request to the controlled device, where the first write request includes the storage path of the ACL of the controlled device and the identity information of the controlling device.
The method according to claim 15, wherein the first write request further comprises a node ID allocated by the first management platform to the control device.
The method according to any one of claims 1-16, wherein the sending the binding information to the control device comprises:

The configuration end sends a second write request to the control device, where the second write request includes a storage path of the binding information list on the control device and the binding information.
A method for establishing a device binding relationship, characterized in that it is applied to a control device, and the control device establishes a binding relationship between the control device and a controlled device through a configuration terminal of a first management platform, and the method includes:

receiving a second read request from the configuration terminal, where the second read request is used to obtain the identity information of the control device, and the identity information of the control device is used to uniquely identify the control device;

sending the identity information of the control device to the configuration terminal;

Receive the binding information sent by the configuration terminal, where the binding information includes the binding relationship between the device information of the controlled device and the device information of the control device, wherein the device information of the controlled device includes the device information of the controlled device. The identity information of the controlled device, and the device information of the control device includes the identity information of the control device.
The method according to claim 18, wherein the device information of the controlled device further includes an interoperability identifier of the controlled device, and the device information of the controlling device further includes the interoperability of the control device. identification;

Wherein, the interoperability identity of the controlled device includes the node ID allocated by the first management platform to the controlled device and the woven network identity of the first management platform;

The interoperability identifier of the control device includes a node ID allocated to the control device by the first management platform and a woven network identifier of the first management platform.
The method according to claim 18 or 19, wherein the method further comprises:

generating a control message according to the binding information, wherein the source address of the control message is set to the identity message of the control device, and the destination address of the control message is set to the identity message of the controlled device;

The control message is sent to the controlled device.
The method according to any one of claims 18-20, wherein the identity information of the control device is stored in a second cluster of the control device, wherein the second cluster is a basic cluster, Or a dedicated cluster for storing the identification information of the control device.
The method according to any one of claims 18-21, wherein the second read request includes a storage path of the identity information of the control device on the control device.
The method according to any one of claims 18-22, wherein the receiving the binding information sent by the configuration terminal comprises:

A second write request sent by the configuration terminal is received, where the second write request includes a storage path of the binding information list on the control device and the binding information.
A method for establishing a device binding relationship, characterized in that it is applied to a controlled device, and the controlled device establishes a binding relationship between the control device and the controlled device through a configuration terminal of a first management platform, and the method include:

receiving a first read request from the configuration terminal, where the first read request is used to obtain the identity information of the controlled device, and the identity information of the controlled device is used to uniquely identify the control device;

sending the identity information of the controlled device to the configuration terminal;

Receive a first write request sent by the configuration terminal, where the first write request is used to write the identity information of the control device into the access control list ACL of the controlled device, where the control device The identity information is used to uniquely identify the control device.
The method according to claim 24, wherein the first write request is used to write the identity information of the control device into the control source list in the ACL of the controlled device, or, the The first write request is used to write the identity information of the control device and the node identity ID allocated to the control device by the first management platform into the control source list in the ACL of the controlled device;

Wherein, the control source list is used to store information of devices that can control the controlled device.
The method according to claim 24 or 25, wherein the method further comprises:

receiving a control message sent by the control device, where the source address of the control message is the identity message of the control device, and the destination address of the control message is the identity message of the controlled device;

Return the control result to the control device.
The method according to any one of claims 24-26, wherein the identity information of the controlled device is stored in a first cluster of the controlled device, wherein the first cluster is a basic cluster, or a dedicated cluster for storing the identity information of the controlled device.
A configuration end device, characterized in that the management platform corresponding to the configuration end device is a first management platform, comprising:

a communication unit, used to obtain the identity information of the controlled device, and obtain the identity information of the control device, wherein the identity information of the controlled device is used to uniquely identify the controlled device, and the identity of the control device The identification information is used to uniquely identify the control device;

Writing the identity information of the controlling device into the access control list ACL of the controlled device; and

Send binding information to the control device, where the binding information includes the binding relationship between the device information of the controlled device and the device information of the control device, wherein the device information of the controlled device includes the device information of the controlled device. The identity information of the controlled device, and the device information of the control device includes the identity information of the control device.
The configuration terminal device according to claim 28, wherein the communication unit is further used for:

The identity information of the control device is written into the control source list in the ACL of the controlled device, where the control source list is used to store information of devices that can control the controlled device.
The configuration terminal device according to claim 29, wherein the communication unit is further used for:

Write the node identification ID assigned by the first management platform to the control device into the control source list in the ACL of the controlled device, where the identification information of the control device is the same as the first management platform corresponds to the node ID assigned to the control device.
The configuration terminal device according to any one of claims 28 to 30, wherein the device information of the controlled device further includes an interoperability identifier of the controlled device, and the device information of the control device further includes including the interoperable identity of the control device;

The interoperability identifier of the controlled device includes the node ID allocated by the first management platform to the controlled device and the woven network identifier of the first management platform;

The interoperability identifier of the control device includes a node ID allocated to the control device by the first management platform and a woven network identifier of the first management platform.
The configuration terminal device according to any one of claims 28-31, wherein the communication unit is further configured to:

In the case of receiving the first state information replied by the controlled device, the binding information is sent to the controlling device, wherein the first state information is used to indicate that the configuration end device is in the controlled device. The identity information of the control device is successfully written into the ACL of the control device.
The configuration terminal device according to any one of claims 28-32, wherein the communication unit is further configured to:

If the binding relationship between the controlled device and the controlling device is not saved on the controlling device, the binding information is sent to the controlling device.
The configuration terminal device according to any one of claims 28-33, wherein the communication unit is further configured to:

The identity information of the controlled device is acquired from the cluster of the controlled device.
The configuration terminal device according to claim 34, wherein the communication unit is further used for:

sending a first read request to the controlled device, where the first read request includes a storage path of the identity information of the controlled device on the controlled device;

Receive the identity information of the controlled device returned by the controlled device.
The configuration terminal device according to claim 34 or 35, wherein the identity information of the controlled device is stored in a first cluster of the controlled device, wherein the first cluster is a basic cluster, Or a dedicated cluster for storing the identity information of the controlled device.
The configuration terminal device according to any one of claims 28-36, wherein the communication unit is further configured to:

The identification information of the control device is acquired from the cluster of the control device.
The configuration terminal device according to claim 37, wherein the communication unit is further used for:

sending a second read request to the control device, where the second read request includes a storage path of the identity information of the control device on the control device;

Receive the identity information of the control device returned by the control device.
The configuration terminal device according to claim 37 or 38, wherein the identity information of the control device is stored in a second cluster of the control device, wherein the second cluster is a basic cluster or a A dedicated cluster for storing the identification information of the control device.
The configuration terminal device according to any one of claims 28-39, wherein the communication unit is further configured to:

In the case that the configuration terminal establishes a CASE connection based on a certificate authentication-based secure session with the controlled device, the identity information of the controlled device is acquired from the controlled device.
The configuration terminal device according to any one of claims 28-40, wherein the communication unit is further configured to:

When the configuration end device establishes a CASE connection with the control device, the identity information of the control device is acquired from the control device.
The configuration terminal device according to any one of claims 28-41, wherein the communication unit is further configured to:

Send a first write request to the controlled device, where the first write request includes the storage path of the ACL of the controlled device and the identity information of the controlling device.
The configuration terminal device according to claim 42, wherein the first write request further includes a node ID allocated by the first management platform to the control device.
The configuration terminal device according to any one of claims 28-43, wherein the communication unit is further configured to:

Send a second write request to the control device, where the second write request includes a storage path of the binding information list on the control device and the binding information.
A control device, characterized in that it includes:

A communication unit, configured to receive a second read request from the configuration end of the first management platform, where the second read request is used to obtain the identity information of the control device, and the identity information of the control device is used to uniquely identify the controlling device;

sending the identity information of the control device to the configuration terminal; and

Receive binding information sent by the configuration terminal, where the binding information includes the binding relationship between the device information of the controlled device and the device information of the controlling device, wherein the device information of the controlled device includes the device information of the controlled device Identity information of the control device, where the device information of the control device includes the identity information of the control device.
The control device according to claim 45, wherein the device information of the controlled device further includes an interoperability identifier of the controlled device, and the device information of the control device further includes an interoperability identifier of the control device. Operational identification;

Wherein, the interoperability identity of the controlled device includes the node ID allocated by the first management platform to the controlled device and the woven network identity of the first management platform;

The interoperability identifier of the control device includes a node ID allocated to the control device by the first management platform and a woven network identifier of the first management platform.
The control device according to claim 45 or 46, wherein the control device further comprises:

a processing unit, configured to generate a control message according to the binding information, wherein the source address of the control message is set to the identity message of the control device, and the destination address of the control message is set to the controlled device identity message;

The communication unit is further configured to: send the control message to the controlled device.
The control device according to any one of claims 45-47, wherein the identity information of the control device is stored in a second cluster of the control device, wherein the second cluster is a basic cluster , or a dedicated cluster for storing the identity information of the control device.
The control device according to any one of claims 45-48, wherein the second read request includes a storage path of the identification information of the control device on the control device.
The control device according to any one of claims 45-49, wherein the communication unit is further configured to:

A second write request sent by the configuration terminal is received, where the second write request includes a storage path of the binding information list on the control device and the binding information.
A controlled device, characterized in that it includes:

A communication unit, configured to receive a first read request from the configuration end of the first management platform, where the first read request is used to obtain the identity information of the controlled device, and the identity information of the controlled device is used to uniquely identify the control device;

sending the identity information of the controlled device to the configuration terminal;

Receive a first write request sent by the configuration terminal, where the first write request is used to write the identity information of the control device into the access control list ACL of the controlled device, where the control device The identity information is used to uniquely identify the control device.
The controlled device according to claim 51, wherein the first write request is used to write the identity information of the controlling device into a control source list in an ACL of the controlled device, or, The first write request is used to write the identity information of the control device and the node identity ID assigned to the control device by the first management platform into the control source list in the ACL of the controlled device;

Wherein, the control source list is used to store information of devices that can control the controlled device.
The controlled device according to claim 52, wherein the communication unit is further used for:

receiving a control message sent by the control device, where the source address of the control message is the identity message of the control device, and the destination address of the control message is the identity message of the controlled device;

Return the control result to the control device.
The controlled device according to any one of claims 51-53, wherein the identity information of the controlled device is stored in a first cluster of the controlled device, wherein the first cluster is a basic cluster, or a dedicated cluster for storing the identity information of the controlled device.
A configuration terminal device, characterized in that it includes: a processor and a memory, the memory is used to store a computer program, the processor is used to call and run the computer program stored in the memory, and execute the program as claimed in claims 1 to 17 The method of any one.
A control device, characterized in that it comprises: a processor and a memory, the memory is used to store a computer program, the processor is used to call and run the computer program stored in the memory, and execute any one of claims 18 to 23. one of the methods described.
A controlled device is characterized in that it comprises: a processor and a memory, the memory is used for storing a computer program, the processor is used for calling and running the computer program stored in the memory, and executes the program as claimed in claims 24 to 27 The method of any one.
A chip, characterized by comprising: a processor for invoking and running a computer program from a memory, so that a device installed with the chip executes the method according to any one of claims 1 to 17, or as in The method of any one of claims 18 to 23, or the method of any one of claims 24 to 27.
A computer-readable storage medium, characterized by being used for storing a computer program, the computer program causing a computer to execute the method according to any one of claims 1 to 17, or any one of claims 18 to 23. A method as claimed in claim 1, or a method as claimed in any one of claims 24 to 27.
A computer program product comprising computer program instructions that cause a computer to perform the method of any one of claims 1 to 17, or the method of any one of claims 18 to 23 , or as claimed in any one of claims 24 to 27.
A computer program, characterized in that the computer program causes a computer to perform the method according to any one of claims 1 to 17, or the method according to any one of claims 18 to 23, or the The method of any one of claims 24 to 27.