WO2023241170A1 - Remote control method for automatic meal selling device - Google Patents

Info

Publication number
WO2023241170A1
Authority
WO
WIPO (PCT)
Prior art keywords
remote control
vending device
automatic
control terminal
message
Application number
PCT/CN2023/085022
Inventor
陈合林
陈美荣
张天禄
Original Assignee
爱仕达股份有限公司
浙江爱仕达生活电器有限公司
Application filed by 爱仕达股份有限公司, 浙江爱仕达生活电器有限公司

Classifications

    • H04L67/125: Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks, involving control of end-device applications over a network
    • G07F17/0078: Coin-freed apparatus for processing of food articles; food articles which need to be processed for dispensing in a hot or cooked condition, e.g. popcorn, nuts
    • G07F9/002: Vending machines being part of a centrally controlled network of vending machines
    • G08C17/02: Arrangements for transmitting signals characterised by the use of a wireless electrical link using a radio link
    • H04L63/045: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks, wherein the data content is protected, e.g. by encrypting or encapsulating the payload, wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption
    • H04W12/033: Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic
    • H04W12/069: Authentication using certificates or pre-shared keys
    • H04W12/73: Context-dependent security; identity-dependent; access point logical identity
    • H04W84/12: WLAN [Wireless Local Area Networks]

Definitions

  • The present invention relates to the technical field of remote control, and in particular to a remote control method for an automatic meal vending device.
  • The present invention mainly addresses the security risks in traditional remote control methods for automatic meal vending devices. It provides a remote control method for an automatic meal vending device that includes the following steps: 1) personalize the automatic meal vending device, which contains an SE chip; 2) connect the automatic meal vending device to the wireless LAN; 3) establish a binding relationship between the remote control terminal and the automatic meal vending device; 4) control the automatic meal vending device through the remote control terminal.
  • The present invention uses PKI key-system technology to provide network identity identification, confidentiality of network communication, tamper protection for communication data and non-repudiation of the communicating parties, which improves the security of the remote control method for the automatic meal vending device. All data used in the communication process is transmitted as ciphertext, and its security is guaranteed by the strength of the encryption algorithm used; this avoids problems such as tampering with communication data and information leakage, and solves the various security risks in existing remote control methods for automatic meal vending devices.
  • A remote control method for an automatic meal vending device, including the following steps:
  • Step S1: Personalize the automatic meal vending device, which is equipped with an SE chip.
  • The basic information includes the device certificate, encryption key pair and device number of the automatic meal vending device; at the same time, the registration system certificate and the registration system encryption public key are stored in the SE chip of the automatic meal vending device; finally, the device number is displayed on the automatic meal vending device or in its user manual.
  • Step S2: Connect the automatic meal vending device to the wireless LAN.
  • The automatic meal vending device decrypts the ciphertext data sent by the remote control terminal, which contains the wireless LAN SSID and Wi-Fi access password, obtains the SSID and Wi-Fi access password, and then connects to the wireless LAN with them.
  • Step S3: Establish a binding relationship between the remote control terminal and the automatic meal vending device.
  • The device certificate is used as the root of trust to establish a binding relationship between the remote control terminal and the automatic meal vending device; the App obtains the device number through the user's manual input or by scanning the barcode.
  • Step S4: Control the automatic meal vending device through the remote control terminal.
  • The remote control terminal obtains the status of the automatic meal vending device, organizes a control message and sends it to the automatic meal vending device.
  • The control message includes a digital signature, remote control terminal identity information, control time and control command. The automatic meal vending device verifies whether the digital signature of the control message, the identity information of the remote control terminal, the control time and the control command are legal. If they are legal, the command is executed; if not, a message indicating that the control information is illegal is sent to the remote control terminal.
  • Step S1 includes the following steps:
  • Step A1: Download the basic information of the automatic meal vending device into its SE chip.
  • The basic information includes the device certificate, encryption key pair and device number.
  • Step A2: Store the registration system certificate and the registration system encryption public key in the SE chip of the automatic meal vending device.
  • Step A3: Display the device number on the automatic meal vending device or in its user manual.
  • Step S2 includes the following steps:
  • Step B1: The remote control terminal sends the ciphertext containing the wireless LAN SSID and Wi-Fi access password to the automatic meal vending device.
  • Step B2: The automatic meal vending device decrypts the ciphertext data and obtains the SSID and Wi-Fi access password.
  • Step B3: The automatic meal vending device connects to the wireless LAN using the SSID and Wi-Fi access password.
  • The remote control terminal obtains the basic information of the automatic meal vending device with which a binding connection is to be established, and the SSID and Wi-Fi access password of the wireless LAN in use.
  • The remote control terminal uses the device number in the basic information as the key of the first encryption algorithm, and uses the first encryption algorithm to encrypt the SSID and Wi-Fi access password of the wireless router to obtain ciphertext data.
  • The remote control terminal pushes the ciphertext data to the automatic meal vending device in the form of a UDP message.
  • After receiving the ciphertext data, the automatic meal vending device uses its own device number as the decryption key of the first encryption algorithm, decrypts the ciphertext data with the first encryption algorithm, and obtains the plaintext SSID and Wi-Fi access password of the wireless router.
  • The automatic meal vending device uses the plaintext data to configure its own wireless network module, performs the network access operation, and connects to the wireless LAN.
  • The first encryption algorithm is a symmetric encryption and decryption algorithm.
  • In step S3, with the coordination of the cloud server, the device certificate is used as the root of trust to establish a binding relationship between the remote control terminal and the automatic meal vending device.
  • The specific process includes the following steps:
  • Step C1: The remote control terminal sends the encrypted binding request message A, containing its own signature public key and unique physical information, to the automatic meal vending device. The unique physical information of the remote control terminal includes the remote control terminal ID, mobile phone number and PAD serial number; remote control terminals include smartphones, PCs and PADs.
  • Step C2: The automatic meal vending device signs and then encrypts the decrypted binding request message A to obtain message B, and sends message B through the remote control terminal to the registration system of the cloud server for decryption and signature verification.
  • The registration system sends the remote control terminal's signature public key and unique physical information, taken from a message B that passes signature verification, to the certification system.
  • Step C3: The certification system generates the remote control terminal signature certificate and the remote control terminal encryption key pair and sends them to the registration system.
  • Step C4: The registration system signs and encrypts message C, which contains the remote control terminal signature certificate and the remote control terminal encryption key pair, and then sends it to the automatic meal vending device via the remote control terminal.
  • Step C5: The automatic meal vending device decrypts message C and verifies its signature, then re-encrypts the decrypted message C to obtain message D and sends it to the remote control terminal.
  • Step C6: The remote control terminal decrypts message D to obtain its own signature certificate and encryption key pair and stores them, completing the binding between the remote control terminal and the automatic meal vending device.
  • Step S4 includes the following steps:
  • Step D1: The remote control terminal obtains the status of the automatic meal vending device, organizes a control message and sends it to the automatic meal vending device.
  • The control message includes a digital signature, remote control terminal identity information, control time and control command.
  • Step D2: The automatic meal vending device verifies whether the digital signature of the control message, the identity information of the remote control terminal, the control time and the control command are legal. If they are legal, the command is executed; if not, a message indicating that the control information is illegal is sent to the remote control terminal.
  • The remote control terminal logs in to the cloud server through the App installed on it and finds the automatic meal vending device to be controlled. After the App receives the control information entered by the user and organizes the control data according to the preset communication protocol, it signs the control data with the signature private key of the remote control terminal, then uses the encryption public key of the automatic meal vending device to encapsulate the control data message in a digital envelope and sends it to the automatic meal vending device. The instruction digital envelope includes the control command, time information and remote control terminal identity information. The automatic meal vending device opens the instruction digital envelope with its own encryption private key, and then uses the remote control terminal's public key stored in the binding list to verify the digital signature of the instruction digital envelope.
  • The specific process of step C1 is: the remote control terminal generates its own signature key pair, uses its own signature public key and unique physical information as the data of binding request message A, then uses the device number of the automatic meal vending device as the symmetric encryption key to encrypt binding request message A, and finally sends the encrypted binding request message A to the automatic meal vending device.
  • Step C2 includes the following steps:
  • Step C21: The automatic meal vending device uses its own device number as the symmetric decryption key to decrypt the encrypted binding request message A sent by the remote control terminal and obtain the plaintext of binding request message A. It then signs the plaintext with its own signature private key and encrypts the signed plaintext with the registration system's encryption public key, obtaining message B, which contains the remote control terminal's signature public key and unique physical information.
  • Step C22: The automatic meal vending device sends message B to the remote control terminal, and the remote control terminal then sends it to the registration system of the cloud server.
  • Step C23: The registration system first decrypts message B with its own encryption private key, and then verifies the signature of the decrypted message B with the signature public key of the automatic meal vending device. If either decryption or signature verification fails, the registration system terminates the binding process and sends an error code to the automatic meal vending device; if both decryption and signature verification pass, the registration system forwards the remote control terminal's signature public key and unique physical information obtained from message B to the certification system.
  • The certificate production system generates the signature certificate and encryption key pair of the remote control terminal based on the remote control terminal's signature public key and unique physical information, and then sends the generated signature certificate and encryption key pair to the registration system.
  • Step C4 includes the following steps:
  • Step C41: The registration system stores the remote control terminal's signature certificate, encryption key pair and unique physical information sent by the certification system, and records the binding relationship between the remote control terminal and the automatic meal vending device.
  • Step C42: The registration system signs message C, which contains the remote control terminal's signature certificate and encryption key pair, with its own signature private key, and then encrypts the signed message C with the encryption public key of the automatic meal vending device.
  • Step C43: The encrypted message C is sent to the remote control terminal, and the remote control terminal sends it to the automatic meal vending device.
  • Step C5 includes the following steps:
  • Step C51: The automatic meal vending device decrypts the encrypted message C with the private key of its own encryption key pair, and then verifies the signature of the decrypted message C with the signature public key of the registration system stored in the SE chip. If either decryption or signature verification fails, the binding process is terminated and an error code is returned to the remote control terminal; if both decryption and signature verification pass, the remote control terminal's signature certificate and encryption key pair are stored in the SE chip.
  • Step C52: The automatic meal vending device uses its own device number to encrypt message D, which contains the signature certificate and encryption key pair of the remote control terminal, and then sends the encrypted message D to the remote control terminal.
  • In step C6, the remote control terminal decrypts the received encrypted message D using the device number of the automatic meal vending device as the symmetric decryption key, obtains its own signature certificate and encryption key pair, and finally stores them in the corresponding directory.
  • Figure 1 is a flow chart of a remote control method for an automatic food vending device in Embodiment 1 of the present invention.
  • Figure 2 is a schematic structural diagram of an automatic food vending device in Embodiment 2 of the present invention.
  • A remote control method for an automatic meal vending device includes the following steps:
  • Step S1: Personalize the automatic meal vending device, which is equipped with an SE chip.
  • The basic information includes the device certificate, encryption key pair and device number of the automatic meal vending device; at the same time, the registration system certificate and the registration system encryption public key are stored in the SE chip of the automatic meal vending device; finally, the device number is displayed on the automatic meal vending device or in its user manual.
  • Step S2: Connect the automatic meal vending device to the wireless LAN.
  • The automatic meal vending device decrypts the ciphertext data sent by the remote control terminal, which contains the wireless LAN SSID and Wi-Fi access password, obtains the SSID and Wi-Fi access password, and then connects to the wireless LAN with them.
  • Step S3: Establish a binding relationship between the remote control terminal and the automatic meal vending device.
  • The device certificate is used as the root of trust to establish a binding relationship between the remote control terminal and the automatic meal vending device.
  • The App obtains the device number through the user's manual input or by scanning the barcode.
  • Step S4: Control the automatic meal vending device through the remote control terminal.
  • The remote control terminal obtains the status of the automatic meal vending device, organizes the control message and sends it to the automatic meal vending device.
  • The control message includes a digital signature, remote control terminal identity information, control time and control command. The automatic meal vending device verifies whether the digital signature of the control message, the remote control terminal identity information, the control time and the control command are legal. If they are legal, the command is executed; if not, a message indicating that the control information is illegal is sent to the remote control terminal.
  • The specific process of step S2:
  • The remote control terminal obtains the basic information of the automatic meal vending device with which a binding connection is to be established, and the SSID and Wi-Fi access password of the wireless LAN in use.
  • The remote control terminal uses the device number in the basic information as the key of the first encryption algorithm, and uses the first encryption algorithm to encrypt the SSID and Wi-Fi access password of the wireless router to obtain the ciphertext data.
  • The first encryption algorithm is a symmetric encryption and decryption algorithm.
  • The remote control terminal pushes the ciphertext data to the automatic meal vending device in the form of UDP messages.
  • After the automatic meal vending device receives the ciphertext data, it uses its own device number as the decryption key of the first encryption algorithm, decrypts the ciphertext data with the first encryption algorithm, and obtains the plaintext SSID and Wi-Fi access password of the wireless router.
  • The automatic meal vending device uses the plaintext data to configure its own wireless network module, performs the network access operation, and connects to the wireless LAN.
  • The specific process of step S3:
  • The remote control terminal sends the encrypted binding request message A, containing its own signature public key and unique physical information, to the automatic meal vending device.
  • The unique physical information of the remote control terminal includes the remote control terminal ID, mobile phone number and PAD serial number.
  • Remote control terminals include smartphones, PCs and PADs.
  • The automatic meal vending device signs and then encrypts the decrypted binding request message A to obtain message B, and sends message B through the remote control terminal to the registration system of the cloud server for decryption and signature verification.
  • The registration system sends the remote control terminal's signature public key and unique physical information, taken from a message B that passes signature verification, to the certification system.
  • The certification system generates the remote control terminal signature certificate and the remote control terminal encryption key pair and sends them to the registration system.
  • The registration system signs and encrypts message C, which contains the remote control terminal signature certificate and the remote control terminal encryption key pair, and then sends it to the automatic meal vending device via the remote control terminal.
  • The automatic meal vending device decrypts message C and verifies its signature, then re-encrypts the decrypted message C to obtain message D and sends it to the remote control terminal.
  • The remote control terminal decrypts message D to obtain its own signature certificate and encryption key pair and stores them, completing the binding between the remote control terminal and the automatic meal vending device.
  • The specific process of step S4:
  • The remote control terminal logs in to the cloud server through the App installed on it and finds the automatic meal vending device to be controlled.
  • After the App receives the control information entered by the user and organizes the control data according to the preset communication protocol, it signs the control data with the signature private key of the remote control terminal, then uses the encryption public key of the automatic meal vending device to encapsulate the control data message in a digital envelope and sends it to the automatic meal vending device. The instruction digital envelope includes the control command, time information and remote control terminal identity information.
  • The automatic meal vending device opens the instruction digital envelope with its own encryption private key, and then uses the public key of the remote control terminal stored in the binding list to verify the digital signature of the instruction digital envelope. If the signature is valid, it proceeds to the next step; if the signature is invalid, a prompt message indicating that the information is illegal is sent to the App.
  • The specific process of step C1:
  • The remote control terminal generates its own signature key pair, uses its own signature public key and unique physical information as the data of binding request message A, then uses the device number of the automatic meal vending device as the symmetric encryption key to encrypt binding request message A, and finally sends the encrypted binding request message A to the automatic meal vending device.
  • The automatic meal vending device uses its own device number as the symmetric decryption key to decrypt the encrypted binding request message A sent by the remote control terminal and obtain the plaintext of binding request message A. It then signs the plaintext with its own signature private key and encrypts the signed plaintext with the registration system's encryption public key, obtaining message B, which contains the remote control terminal's signature public key and unique physical information.
  • The automatic meal vending device sends message B to the remote control terminal, and the remote control terminal then sends it to the registration system of the cloud server. The registration system first decrypts message B with its own encryption private key, and then verifies the signature of the decrypted message B with the signature public key of the automatic meal vending device. If either decryption or signature verification fails, the registration system terminates the binding process and sends an error code to the automatic meal vending device; if both decryption and signature verification pass, the registration system forwards the remote control terminal's signature public key and unique physical information obtained from message B to the certification system.
  • The certificate production system generates the signature certificate and encryption key pair of the remote control terminal based on the remote control terminal's signature public key and unique physical information, and then sends the generated signature certificate and encryption key pair to the registration system.
  • The specific process of step C4:
  • The registration system stores the remote control terminal's signature certificate, encryption key pair and unique physical information sent by the certification system, and records the binding relationship between the remote control terminal and the automatic meal vending device.
  • The encrypted message C is sent to the remote control terminal, and the remote control terminal sends it to the automatic meal vending device.
  • The automatic meal vending device decrypts the encrypted message C with the private key of its own encryption key pair, and then verifies the signature of the decrypted message C with the signature public key of the registration system stored in the SE chip. If either decryption or signature verification fails, the binding process is terminated and an error code is returned to the remote control terminal; if both decryption and signature verification pass, the remote control terminal's signature certificate and encryption key pair are stored in the SE chip.
  • The automatic meal vending device uses its own device number to encrypt message D, which contains the remote control terminal's signature certificate and encryption key pair, and then sends the encrypted message D to the remote control terminal.
  • The remote control terminal decrypts the received encrypted message D using the device number of the automatic meal vending device as the symmetric decryption key, obtains its own signature certificate and encryption key pair, and finally stores them in the corresponding directory.
  • An automatic meal vending device includes a prefabricated meal heating and insulation meal dispensing assembly 1 and a transportation component 3.
  • The prefabricated meal heating and insulation meal dispensing assembly 1 includes three layers of meal storage chambers, and different types of fast food are stored in the meal storage chamber of each layer.
  • The prefabricated meal heating and insulation meal dispensing assembly 1 has a meal outlet on its outer wall.
  • The transportation component 3 includes a conveyor belt tabletop and a tabletop conveyor belt electric roller. There is a delivery belt on the conveyor belt tabletop.
  • The dining trolley 2 has a trolley drive motor and a trolley drive rod.
  • The dining trolley 2 is equipped with an ordering screen; it is also equipped with a dustbin, a garbage conveyor belt, a garbage conveyor belt power roller, a garbage compression screw and a garbage compression rod drive assembly.
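
Steps D1 and D2 of step S4 above (sign the control data, seal it in a digital envelope, then have the device check terminal identity, digital signature, control time and control command) can be sketched as follows. This is an added example, not code from the patent or the applicant: the patent names no algorithms, so Ed25519, RSA-OAEP and AES-GCM, the 30-second window, the replay cache, the command allow-list and every identifier are assumptions.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// ControlData is the signed part of a step D1 message: identity, control time, command.
type ControlData struct{ TerminalID string; UnixTime int64; Command string }
// Envelope is the digital envelope: wrapped session key + AES-GCM(signature||data).
type Envelope struct{ WrappedKey, Nonce, Ciphertext []byte }

// Device is the vending device's state for step D2 (built by demoSetup here).
type Device struct {
	EncKey   *rsa.PrivateKey              // device encryption private key
	Bindings map[string]ed25519.PublicKey // binding list built in step S3
	Allowed  map[string]bool              // assumption: command allow-list
	MaxSkew  time.Duration                // assumption: freshness window
	seen     map[[32]byte]bool            // assumption: replay cache
}

var (
	ErrEnvelope  = errors.New("envelope cannot be opened")
	ErrIdentity  = errors.New("terminal not in binding list")
	ErrSignature = errors.New("signature invalid")
	ErrTime      = errors.New("control time outside window or replayed")
	ErrCommand   = errors.New("command not allowed")
)

// Seal signs the data with the terminal's signature key, then encrypts to the device.
func Seal(cd ControlData, signKey ed25519.PrivateKey, devPub *rsa.PublicKey) (Envelope, error) {
	body, _ := json.Marshal(cd) // cannot fail for this struct
	signed := append(ed25519.Sign(signKey, body), body...)
	buf := make([]byte, 32+12) // fresh session key and GCM nonce per message
	if _, err := rand.Read(buf); err != nil {
		return Envelope{}, err
	}
	key, nonce := buf[:32], buf[32:]
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, devPub, key, nil)
	if err != nil {
		return Envelope{}, err
	}
	block, _ := aes.NewCipher(key) // cannot fail for a 32-byte key
	gcm, _ := cipher.NewGCM(block)
	return Envelope{wrapped, nonce, gcm.Seal(nil, nonce, signed, nil)}, nil
}

// Handle opens the envelope, then checks identity, signature, time and command.
func (d *Device) Handle(e Envelope, now time.Time) (string, error) {
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, d.EncKey, e.WrappedKey, nil)
	if err != nil || len(key) != 32 || len(e.Nonce) != 12 { // bad nonce length would panic in Open
		return "", ErrEnvelope
	}
	block, _ := aes.NewCipher(key)
	gcm, _ := cipher.NewGCM(block)
	signed, err := gcm.Open(nil, e.Nonce, e.Ciphertext, nil)
	var cd ControlData
	if err != nil || len(signed) < 64 || json.Unmarshal(signed[64:], &cd) != nil {
		return "", ErrEnvelope
	}
	pub, bound := d.Bindings[cd.TerminalID]
	digest := sha256.Sum256(signed) // of the signed plaintext, so re-enveloping is still a replay
	skew := now.Sub(time.Unix(cd.UnixTime, 0))
	switch {
	case !bound: // identity must be looked up first: it selects the verification key
		return "", ErrIdentity
	case !ed25519.Verify(pub, signed[64:], signed[:64]):
		return "", ErrSignature
	case skew > d.MaxSkew || skew < -d.MaxSkew || d.seen[digest]:
		return "", ErrTime
	case !d.Allowed[cd.Command]:
		return "", ErrCommand
	}
	d.seen[digest] = true // entries older than MaxSkew may be pruned
	return cd.Command, nil
}

// demoSetup builds constructed keys and a one-entry binding list (sample data).
func demoSetup() (*Device, ed25519.PrivateKey) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	enc, _ := rsa.GenerateKey(rand.Reader, 2048)
	return &Device{enc, map[string]ed25519.PublicKey{"terminal-01": pub},
		map[string]bool{"heat": true, "dispense": true}, 30 * time.Second, map[[32]byte]bool{}}, priv
}

func main() {
	dev, key := demoSetup()
	env, _ := Seal(ControlData{"terminal-01", time.Now().Unix(), "heat"}, key, &dev.EncKey.PublicKey)
	fmt.Println(dev.Handle(env, time.Now())) // first delivery is accepted
	fmt.Println(dev.Handle(env, time.Now())) // second delivery is refused as a replay
}
```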

Abstract

Disclosed in the present invention is a remote control method for an automatic meal selling device, comprising the following steps: 1) performing personalization on an automatic meal selling device, the automatic meal selling device being internally provided with an SE chip; 2) enabling the automatic meal selling device to access a wireless local area network; 3) establishing a binding relationship between a remote control end and the automatic meal selling device; and 4) controlling the automatic meal selling device by means of the remote control end. According to the present invention, functions of network identity identification, network communication secrecy, communication data tamper-proofing, and non-repudiation of a communication subject are achieved by using a PKI key system technique, so as to improve the safety of the remote control method for an automatic meal selling device; all pieces of data used in a communication process are transmitted in a ciphertext mode, and the security of the data is ensured by the strength of an encryption algorithm used, such that the problems such as tampering of communication data and leakage of information are avoided, and multiple security risks present in existing remote control methods for an automatic meal selling device are eliminated.

Description

A remote control method for an automatic meal vending device
Technical field
The present invention relates to the technical field of remote control, and in particular to a remote control method for an automatic meal vending device.
Background
As the pace of life and work in modern society accelerates, fast food has become the main way many people get their meals, and office workers in particular rely on it for working meals. In the traditional fast-food model, a merchant rents a shop and hires staff to provide service. For the merchant this means high rent, high labor costs and difficulty guaranteeing food safety; for the customer it means queuing during peak meal times and being unable to get a meal outside meal times. Automatic meal vending devices emerged in response: they provide unattended self-service meal sales, save labor costs, and spare customers the unpleasant experience of queuing at peak times. As with shared bicycles, service providers usually deploy automatic meal vending devices at many locations, which requires remote control and management of multiple devices. Existing remote control methods offer intelligence and convenience but also open the door to remote intrusion: for example, a hacker who gains control of an automatic meal vending device through intrusion can harm the service provider's interests and cause it economic loss.
In existing remote control schemes for smart power equipment, continuous data exchange means that large amounts of plaintext data are transmitted over the public network, for example the equipment's status information, access passwords and control data. Such sensitive data may be intercepted or maliciously tampered with in transit over the public network, which creates a serious security risk.
Summary of the invention
The present invention mainly addresses the security risks of traditional remote control methods for automatic meal vending devices. It provides a remote control method for an automatic meal vending device comprising the following steps: 1) personalizing the automatic meal vending device, which contains an SE chip; 2) connecting the device to a wireless local area network; 3) establishing a binding relationship between a remote control terminal and the device; 4) controlling the device through the remote control terminal. The invention uses PKI key system technology to provide network identity identification, confidentiality of network communication, tamper protection for communication data and non-repudiation by the communicating parties, improving the security of the remote control method. All data used in the communication process is transmitted as ciphertext, and its security is guaranteed by the strength of the encryption algorithm used, which avoids tampering with communication data and information leakage and resolves multiple security risks in existing remote control methods for automatic meal vending devices.
To achieve the above objects, the present invention adopts the following technical solution:
A remote control method for an automatic meal vending device, comprising the following steps:
Step S1: personalize the automatic meal vending device, which contains an SE chip;
The basic information of the automatic meal vending device is downloaded into the device's SE chip; the basic information comprises the device certificate, encryption key pair and device number of the automatic meal vending device. At the same time, the registration system certificate and the registration system's encryption public key are stored in the SE chip. Finally, the device number is displayed on the automatic meal vending device or in the user manual associated with it;
Step S2: connect the automatic meal vending device to the wireless LAN;
The automatic meal vending device decrypts the ciphertext data sent by the remote control terminal, which contains the wireless LAN SSID and Wi-Fi access password, obtains the SSID and Wi-Fi access password, and then uses them to connect to the wireless LAN;
Step S3: establish a binding relationship between the remote control terminal and the automatic meal vending device;
Under the coordination of the cloud server and with the device certificate as the root of trust, a binding relationship is established between the remote control terminal and the automatic meal vending device; the App obtains the device number through manual entry by the user or by scanning a barcode;
Step S4: control the automatic meal vending device through the remote control terminal;
The remote control terminal obtains the status of the automatic meal vending device, assembles a control message and sends it to the device; the control message comprises a digital signature, the remote control terminal's identity information, a control time and a control command. The device verifies whether the digital signature, identity information, control time and control command of the control message are valid; if they are valid, it executes the command; if not, it sends the remote control terminal a message stating that the control information is invalid.
Preferably, the specific process of step S1 comprises the following steps:
Step A1: download the basic information of the automatic meal vending device into the device's SE chip; the basic information comprises the device certificate, encryption key pair and device number;
Step A2: store the registration system certificate and the registration system's encryption public key in the SE chip of the automatic meal vending device;
Step A3: display the device number on the automatic meal vending device or in the user manual associated with it.
Preferably, the specific process of step S2 comprises the following steps:
Step B1: the remote control terminal sends ciphertext containing the wireless LAN SSID and Wi-Fi access password to the automatic meal vending device;
Step B2: the automatic meal vending device decrypts the ciphertext data and obtains the SSID and Wi-Fi access password;
Step B3: the automatic meal vending device connects to the wireless LAN using the SSID and Wi-Fi access password;
The remote control terminal obtains the basic information of the automatic meal vending device to be bound and the SSID and Wi-Fi access password of the wireless LAN in use. Using the device number from the basic information as the key of a first encryption algorithm, it encrypts the wireless router's SSID and Wi-Fi access password with the first encryption algorithm to obtain ciphertext data, and pushes the ciphertext data to the automatic meal vending device as a UDP message. On receiving the ciphertext data, the device uses its own device number as the decryption key of the first encryption algorithm and decrypts the ciphertext data with the first encryption algorithm to obtain the plaintext SSID and Wi-Fi access password of the wireless router. The device configures its own wireless network module with the plaintext data and performs the network access operation, connecting the device to the wireless LAN. The first encryption algorithm is a symmetric encryption and decryption algorithm.
Preferably, in step S3, the binding relationship between the remote control terminal and the automatic meal vending device is established under the coordination of the cloud server with the device certificate as the root of trust, and the specific process comprises the following steps:
Step C1: the remote control terminal sends the automatic meal vending device an encrypted binding request message A containing its own signature public key and unique physical information; the unique physical information of the remote control terminal includes the remote control terminal ID, mobile phone number and PAD serial number; remote control terminals include smartphones, PCs and PADs;
Step C2: the automatic meal vending device signs and then encrypts the decrypted binding request message A to obtain message B, and sends message B via the remote control terminal to the registration system of the cloud server for decryption and signature verification; the registration system sends the remote control terminal's signature public key and unique physical information from the message B that passed signature verification to the certificate issuing system;
Step C3: the certificate issuing system generates the remote control terminal's signature certificate and encryption key pair and sends them to the registration system;
Step C4: the registration system signs and encrypts message C, which contains the remote control terminal's signature certificate and encryption key pair, and sends it via the remote control terminal to the automatic meal vending device;
Step C5: the automatic meal vending device decrypts message C and verifies its signature, then re-encrypts the decrypted message C to obtain message D and sends it to the remote control terminal;
Step C6: the remote control terminal decrypts message D, obtains and stores its own signature certificate and encryption key pair, completing the binding between the remote control terminal and the automatic meal vending device.
Preferably, the specific process of step S4 comprises the following steps:
Step D1: the remote control terminal obtains the status of the automatic meal vending device, assembles a control message and sends it to the device; the control message comprises a digital signature, the remote control terminal's identity information, a control time and a control command;
Step D2: the automatic meal vending device verifies whether the digital signature, remote control terminal identity information, control time and control command of the control message are valid; if they are valid, it executes the command; if not, it sends the remote control terminal a message stating that the control information is invalid;
The remote control terminal logs in to the cloud server through the App installed on it and looks up the automatic meal vending device to be controlled. The App receives the control information entered by the user and organizes the control data according to a preset communication protocol; it then signs the control data with the remote control terminal's signature private key, encapsulates the control data message into a digital envelope with the device's encryption public key, and sends it to the device. The instruction digital envelope contains the control command, time information and the remote control terminal's identity information. The device opens the instruction digital envelope with its own encryption private key and verifies the envelope's digital signature with the remote control terminal's public key stored in the binding list. If the signature is valid, the device verifies whether the control command and control time information in the control data are valid: if they are, it executes the command; if not, it sends the App a prompt message that the information is invalid. If the signature is invalid, it sends the App a prompt message that the information is invalid.
Preferably, the specific process of step C1 is: the remote control terminal generates its own signature key pair and uses its signature public key and unique physical information as the data of binding request message A; it then encrypts binding request message A using the device number of the automatic meal vending device as the symmetric encryption key, and finally sends the encrypted binding request message A to the device.
Preferably, the specific process of step C2 comprises the following steps:
Step C21: using its own device number as the symmetric decryption key, the automatic meal vending device decrypts the encrypted binding request message A sent by the remote control terminal and obtains the plaintext of binding request message A; the device then signs the plaintext with its own signature private key and encrypts the signed plaintext with the registration system's encryption public key, obtaining message B, which contains the remote control terminal's signature public key and unique physical information;
Step C22: the automatic meal vending device sends message B to the remote control terminal, which forwards it to the registration system of the cloud server;
Step C23: the registration system first decrypts message B with its own encryption private key and then verifies the signature on the decrypted message B with the automatic meal vending device's signature public key. If either decryption or signature verification fails, the registration system terminates the binding process and sends an error code to the device. If both succeed, the registration system forwards the remote control terminal's signature public key and unique physical information obtained from message B to the certificate issuing system. The certificate issuing system generates the remote control terminal's signature certificate and encryption key pair from the remote control terminal's signature public key and unique physical information, and then sends the generated signature certificate and encryption key pair to the registration system.
Preferably, the specific process of step C4 comprises the following steps:
Step C41: the registration system stores the remote control terminal's signature certificate, encryption key pair and unique physical information sent by the certificate issuing system, and records the binding relationship between the remote control terminal and the automatic meal vending device;
Step C42: message C, which contains the remote control terminal's signature certificate and encryption key pair, is signed with the registration system's own signature private key, and the signed message C is then encrypted with the automatic meal vending device's encryption public key;
Step C43: the encrypted message C is sent to the remote control terminal, which forwards it to the automatic meal vending device.
Preferably, the specific process of step C5 comprises the following steps:
Step C51: the automatic meal vending device decrypts the encrypted message C with the private key of its own encryption key pair, then verifies the signature on the decrypted message C with the registration system's signature public key stored in the SE chip. If either decryption or signature verification fails, the binding process is terminated and an error code is returned to the remote control terminal; if both succeed, the remote control terminal's signature certificate and encryption key pair are stored in the SE chip;
Step C52: the automatic meal vending device encrypts message D, which contains the remote control terminal's signature certificate and encryption key pair, with its own device number, then sends the encrypted message D to the remote control terminal.
Preferably, the specific process of step C6 is: the remote control terminal decrypts the received encrypted message D using the device number of the automatic meal vending device as the symmetric decryption key, obtains its own signature certificate and encryption key pair, and finally stores them in the corresponding directory.
Therefore, the advantages of the present invention are:
(1) PKI key system technology is used to provide network identity identification, confidentiality of network communication, tamper protection for communication data and non-repudiation by the communicating parties, improving the security of the remote control method for the automatic meal vending device;
(2) Digital certificates are used to establish trust between the communicating parties, so the identity of the communicating party can be determined in every communication process; this not only allows the identity of the communicating party to be authenticated and its permissions controlled, but also prevents "after-the-fact denial" by the communicating party;
(3) All data used in the communication process is transmitted as ciphertext, and its security is guaranteed by the strength of the encryption algorithm used, which avoids tampering with communication data and information leakage and resolves multiple security risks in existing remote control methods for automatic meal vending devices.
Description of the drawings
Figure 1 is a flow chart of a remote control method for an automatic meal vending device in Embodiment 1 of the present invention.
Figure 2 is a schematic structural diagram of an automatic meal vending device in Embodiment 2 of the present invention.
1. Prefabricated meal heating, heat-preservation and serving assembly; 2. Food delivery trolley; 3. Transport assembly.
Detailed description
The present invention is further described below with reference to the drawings and specific embodiments.
Embodiment 1:
A remote control method for an automatic meal vending device, as shown in Figure 1, comprises the following steps:
Step S1: personalize the automatic meal vending device, which contains an SE chip;
The basic information of the automatic meal vending device is downloaded into the device's SE chip; the basic information comprises the device certificate, encryption key pair and device number of the automatic meal vending device. At the same time, the registration system certificate and the registration system's encryption public key are stored in the SE chip. Finally, the device number is displayed on the automatic meal vending device or in the user manual associated with it;
Step S2: connect the automatic meal vending device to the wireless LAN;
The automatic meal vending device decrypts the ciphertext data sent by the remote control terminal, which contains the wireless LAN SSID and Wi-Fi access password, obtains the SSID and Wi-Fi access password, and then uses them to connect to the wireless LAN;
Step S3: establish a binding relationship between the remote control terminal and the automatic meal vending device;
Under the coordination of the cloud server and with the device certificate as the root of trust, a binding relationship is established between the remote control terminal and the automatic meal vending device; the App obtains the device number through manual entry by the user or by scanning a barcode;
Step S4: control the automatic meal vending device through the remote control terminal;
The remote control terminal obtains the status of the automatic meal vending device, assembles a control message and sends it to the device; the control message comprises a digital signature, the remote control terminal's identity information, a control time and a control command. The device verifies whether the digital signature, identity information, control time and control command of the control message are valid; if they are valid, it executes the command; if not, it sends the remote control terminal a message stating that the control information is invalid.
The specific process of step S2:
The remote control terminal obtains the basic information of the automatic meal vending device to be bound and the SSID and Wi-Fi access password of the wireless LAN in use;
Using the device number from the basic information as the key of a first encryption algorithm, the remote control terminal encrypts the wireless router's SSID and Wi-Fi access password with the first encryption algorithm to obtain ciphertext data; the first encryption algorithm is a symmetric encryption and decryption algorithm;
The remote control terminal pushes the ciphertext data to the automatic meal vending device as a UDP message;
On receiving the ciphertext data, the automatic meal vending device uses its own device number as the decryption key of the first encryption algorithm and decrypts the ciphertext data with the first encryption algorithm to obtain the plaintext SSID and Wi-Fi access password of the wireless router;
The automatic meal vending device configures its own wireless network module with the plaintext data and performs the network access operation, connecting the device to the wireless LAN.
The specific process of step S3:
The remote control terminal sends the automatic meal vending device an encrypted binding request message A containing its own signature public key and unique physical information; the unique physical information of the remote control terminal includes the remote control terminal ID, mobile phone number and PAD serial number; remote control terminals include smartphones, PCs and PADs;
The automatic meal vending device signs and then encrypts the decrypted binding request message A to obtain message B, and sends message B via the remote control terminal to the registration system of the cloud server for decryption and signature verification; the registration system sends the remote control terminal's signature public key and unique physical information from the message B that passed signature verification to the certificate issuing system;
The certificate issuing system generates the remote control terminal's signature certificate and encryption key pair and sends them to the registration system;
The registration system signs and encrypts message C, which contains the remote control terminal's signature certificate and encryption key pair, and sends it via the remote control terminal to the automatic meal vending device;
The automatic meal vending device decrypts message C and verifies its signature, then re-encrypts the decrypted message C to obtain message D and sends it to the remote control terminal;
The remote control terminal decrypts message D, obtains and stores its own signature certificate and encryption key pair, completing the binding between the remote control terminal and the automatic meal vending device.
The specific process of step S4:
The remote control terminal logs in to the cloud server through the App installed on it and looks up the automatic meal vending device to be controlled;
The App receives the control information entered by the user and organizes the control data according to a preset communication protocol; it then signs the control data with the remote control terminal's signature private key, encapsulates the control data message into a digital envelope with the automatic meal vending device's encryption public key, and sends it to the device; the instruction digital envelope contains the control command, time information and the remote control terminal's identity information;
The automatic meal vending device opens the instruction digital envelope with its own encryption private key and verifies the envelope's digital signature with the remote control terminal's public key stored in the binding list; if the signature is valid, it proceeds to the next step; if the signature is invalid, it sends the App a prompt message that the information is invalid;
The device verifies whether the control command and control time information in the control data are valid; if they are, it executes the command; if not, it sends the App a prompt message that the information is invalid.
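The step S4 sequence above, as an added Go example that is not part of the patent text: the controller signs the control data and seals it in a digital envelope, and the device opens the envelope, checks the claimed sender against its binding list, verifies the signature, then checks control time and command. Ed25519, RSA-OAEP and AES-GCM stand in for algorithms the patent leaves unspecified; the 30-second freshness window, the strictly increasing control time used to refuse replays, the command allow-list and all type and function names are assumptions of this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// Control is the signed control data of step S4: identity, control time, command.
type Control struct {
	Controller, Command string
	UnixTime            int64
}

// Envelope is the digital envelope: RSA-OAEP wrapped AES key plus AES-GCM
// ciphertext (the algorithm choice is an assumption of this example).
type Envelope struct{ WrappedKey, Nonce, Ciphertext []byte }

var (
	ErrEnvelope = errors.New("envelope cannot be opened")
	ErrIdentity = errors.New("controller unbound or signature invalid")
	ErrTime     = errors.New("control time stale or replayed")
	ErrCommand  = errors.New("command not allowed")
)

// NewSigner makes a controller signing key pair (stands in for step S3 enrolment).
func NewSigner() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	return pub, priv
}

// Seal signs the control data, then encrypts signature||data for the device.
func Seal(id string, priv ed25519.PrivateKey, cmd string, at time.Time, dev *rsa.PublicKey) (Envelope, error) {
	body, _ := json.Marshal(Control{id, cmd, at.Unix()})
	plain := append(ed25519.Sign(priv, body), body...)
	buf := make([]byte, 44) // fresh 32-byte AES key, then 12-byte GCM nonce
	if _, err := rand.Read(buf); err != nil {
		return Envelope{}, err
	}
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, dev, buf[:32], nil)
	block, _ := aes.NewCipher(buf[:32])
	gcm, _ := cipher.NewGCM(block)
	return Envelope{wrapped, buf[32:], gcm.Seal(nil, buf[32:], plain, nil)}, err
}

// Device stands in for the vending device; the patent keeps its keys in the SE chip.
type Device struct {
	priv    *rsa.PrivateKey
	bound   map[string]ed25519.PublicKey // binding list built in step S3
	last    map[string]int64             // newest accepted control time per controller
	allowed map[string]bool              // assumed command allow-list
	window  time.Duration                // assumed freshness window
}

func NewDevice(window time.Duration, allowed map[string]bool) (*Device, error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	return &Device{priv, map[string]ed25519.PublicKey{}, map[string]int64{}, allowed, window}, err
}
func (d *Device) Public() *rsa.PublicKey                { return &d.priv.PublicKey }
func (d *Device) Bind(id string, pub ed25519.PublicKey) { d.bound[id] = pub }

// Handle opens the envelope and returns the command only if every check passes.
func (d *Device) Handle(e Envelope, now time.Time) (string, error) {
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, d.priv, e.WrappedKey, nil)
	if err != nil || len(key) != 32 || len(e.Nonce) != 12 {
		return "", ErrEnvelope
	}
	block, _ := aes.NewCipher(key)
	gcm, _ := cipher.NewGCM(block)
	plain, err := gcm.Open(nil, e.Nonce, e.Ciphertext, nil)
	if err != nil || len(plain) < ed25519.SignatureSize {
		return "", ErrEnvelope
	}
	sig, body := plain[:ed25519.SignatureSize], plain[ed25519.SignatureSize:]
	var c Control
	err = json.Unmarshal(body, &c)
	pub, ok := d.bound[c.Controller] // claimed identity must be in the binding list
	if err != nil || !ok || !ed25519.Verify(pub, body, sig) {
		return "", ErrIdentity
	}
	age := now.Sub(time.Unix(c.UnixTime, 0))
	if age > d.window || age < -d.window || c.UnixTime <= d.last[c.Controller] {
		return "", ErrTime
	}
	if !d.allowed[c.Command] {
		return "", ErrCommand
	}
	d.last[c.Controller] = c.UnixTime
	return c.Command, nil
}

func main() {
	dev, _ := NewDevice(30*time.Second, map[string]bool{"dispense": true})
	pub, priv := NewSigner()
	dev.Bind("app-01", pub)
	env, _ := Seal("app-01", priv, "dispense", time.Now(), dev.Public())
	fmt.Println(dev.Handle(env, time.Now()))
}
```

A captured envelope that is sent again fails the control-time check, because its control time is not newer than the last one accepted from that controller.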
The specific process of step C1:
The remote control terminal generates its own signing key pair and uses its own signing public key and unique physical information as the data of binding request message A; it then encrypts binding request message A using the device number of the automatic meal vending device as the symmetric encryption key, and finally sends the encrypted binding request message A to the automatic meal vending device.
The specific process of steps C2 and C3:
Using its own device number as the symmetric decryption key, the automatic meal vending device decrypts the encrypted binding request message A sent by the remote control terminal and obtains the plaintext of binding request message A. The automatic meal vending device then signs the plaintext with its own signing private key and encrypts the signed plaintext with the encryption public key of the registration system, obtaining message B, which contains the signing public key of the remote control terminal and the unique physical information of the remote control terminal;
The automatic meal vending device sends message B to the remote control terminal, which forwards it to the registration system of the cloud server. The registration system first decrypts message B with its own encryption private key, then verifies the signature of the decrypted message B with the signing public key of the automatic meal vending device. If either decryption or signature verification fails, the registration system terminates the binding process and sends an error code to the automatic meal vending device; if both decryption and signature verification pass, the registration system forwards the signing public key and unique physical information of the remote control terminal obtained from message B to the certification system;
The certification system generates the signing certificate and encryption key pair of the remote control terminal from the signing public key and unique physical information of the remote control terminal, then sends the generated signing certificate and encryption key pair to the registration system.
The specific process of step C4:
The registration system stores the signing certificate, encryption key pair and unique physical information of the remote control terminal sent by the certification system, and records the binding relationship between the remote control terminal and the automatic meal vending device;
The registration system signs message C, which contains the signing certificate and encryption key pair of the remote control terminal, with its own signing private key, then encrypts the signed message C with the encryption public key of the automatic meal vending device;
The encrypted message C is sent to the remote control terminal, which forwards it to the automatic meal vending device.
The specific process of steps C5 and C6:
The automatic meal vending device decrypts the encrypted message C with the private key of its own encryption key pair, then verifies the signature of the decrypted message C with the signing public key of the registration system stored in the SE chip. If either decryption or signature verification fails, it terminates the binding process and returns an error code to the remote control terminal; if both decryption and signature verification pass, it stores the signing certificate and encryption key pair of the remote control terminal in the SE chip;
The automatic meal vending device encrypts message D, which contains the signing certificate and encryption key pair of the remote control terminal, with its own device number, then sends the encrypted message D to the remote control terminal;
Using the device number of the automatic meal vending device as the symmetric decryption key, the remote control terminal decrypts the received encrypted message D, obtains its own signing certificate and encryption key pair, and finally stores them in the corresponding directory.
Embodiment 2:
An automatic meal vending device, as shown in Figure 2, includes a prepared-meal heating, heat-preservation and dispensing assembly 1 and a transport assembly 3. The prepared-meal heating, heat-preservation and dispensing assembly 1 includes three layers of meal storage chambers, with different kinds of fast food stored in each layer, and a meal outlet is provided on the outer wall of assembly 1. The transport assembly 3 includes a conveyor-belt tabletop and a tabletop conveyor-belt electric roller; a meal delivery trolley 2, a trolley drive motor and a trolley drive rod are provided on the conveyor-belt tabletop, and an ordering screen is provided on the meal delivery trolley 2. A garbage bin, a garbage conveyor belt, a garbage conveyor belt power roller, a garbage compression screw and a garbage compression rod drive assembly are also provided.
The above is only a specific embodiment of the present application, but the protection scope of the present application is not limited thereto. Any change or replacement that a person skilled in the art could readily conceive within the technical scope disclosed in the present application shall fall within the protection scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.

Claims (10)

  1. A remote control method for an automatic meal vending device, characterized in that it includes the following steps:
    Step S1: personalize the automatic meal vending device, the automatic meal vending device being provided with an SE chip;
    Step S2: connect the automatic meal vending device to the wireless local area network;
    Step S3: establish a binding relationship between the remote control terminal and the automatic meal vending device;
    Step S4: control the automatic meal vending device through the remote control terminal.
  2. The remote control method for an automatic meal vending device according to claim 1, characterized in that the specific process of step S1 includes the following steps:
    Step A1: download the basic information of the automatic meal vending device into the SE chip of the automatic meal vending device, the basic information including the device certificate, the encryption key pair and the device number;
    Step A2: store the registration system certificate and the registration system encryption public key in the SE chip of the automatic meal vending device;
    Step A3: display the device number on the automatic meal vending device or in the user manual associated with the automatic meal vending device.
  3. The remote control method for an automatic meal vending device according to claim 1, characterized in that the specific process of step S2 includes the following steps:
    Step B1: the remote control terminal sends ciphertext containing the wireless local area network SSID and the WIFI access password to the automatic meal vending device;
    Step B2: the automatic meal vending device decrypts the ciphertext data and obtains the SSID and the WIFI access password;
    Step B3: the automatic meal vending device connects to the wireless local area network using the SSID and the WIFI access password.
  4. The remote control method for an automatic meal vending device according to claim 2, characterized in that, in step S3, the binding relationship between the remote control terminal and the automatic meal vending device is established under the coordination of the cloud server, with the device certificate as the root of trust, and the specific process includes the following steps:
    Step C1: the remote control terminal sends the encrypted binding request message A, which contains its own signing public key and unique physical information, to the automatic meal vending device;
    Step C2: the automatic meal vending device signs and then encrypts the decrypted binding request message A to obtain message B, and sends message B via the remote control terminal to the registration system of the cloud server for decryption and signature verification; the registration system sends the signing public key of the remote control terminal and the unique physical information of the remote control terminal in the message B that passed signature verification to the certification system;
    Step C3: the certification system generates the remote control terminal signing certificate and the remote control terminal encryption key pair and sends them to the registration system;
    Step C4: the registration system signs and encrypts message C, which contains the remote control terminal signing certificate and the remote control terminal encryption key pair, and sends it via the remote control terminal to the automatic meal vending device;
    Step C5: the automatic meal vending device decrypts message C and verifies its signature, then re-encrypts the decrypted message C to obtain message D and sends it to the remote control terminal;
    Step C6: the remote control terminal decrypts message D to obtain its own signing certificate and encryption key pair and stores them, completing the binding between the remote control terminal and the automatic meal vending device.
  5. The remote control method for an automatic meal vending device according to claim 1, characterized in that the specific process of step S4 includes the following steps:
    Step D1: the remote control terminal obtains the status of the automatic meal vending device, organizes a control message and sends it to the automatic meal vending device, the control message including a digital signature, remote control terminal identity information, control time and control command;
    Step D2: the automatic meal vending device verifies whether the digital signature, remote control terminal identity information, control time and control command of the control message are legitimate; if they are, it executes the command; if they are not, it sends a message to the remote control terminal indicating that the control information is not legitimate.
  6. The remote control method for an automatic meal vending device according to claim 4, characterized in that the specific process of step C1 is: the remote control terminal generates its own signing key pair and uses its own signing public key and unique physical information as the data of binding request message A; it then encrypts binding request message A using the device number of the automatic meal vending device as the symmetric encryption key, and finally sends the encrypted binding request message A to the automatic meal vending device.
  7. The remote control method for an automatic meal vending device according to claim 4, characterized in that the specific process of step C2 includes the following steps:
    Step C21: using its own device number as the symmetric decryption key, the automatic meal vending device decrypts the encrypted binding request message A sent by the remote control terminal and obtains the plaintext of binding request message A; the automatic meal vending device then signs the plaintext with its own signing private key and encrypts the signed plaintext with the encryption public key of the registration system, obtaining message B, which contains the signing public key of the remote control terminal and the unique physical information of the remote control terminal;
    Step C22: the automatic meal vending device sends message B to the remote control terminal, which forwards it to the registration system of the cloud server;
    Step C23: the registration system first decrypts message B with its own encryption private key, then verifies the signature of the decrypted message B with the signing public key of the automatic meal vending device; if either decryption or signature verification fails, the registration system terminates the binding process and sends an error code to the automatic meal vending device; if both decryption and signature verification pass, the registration system forwards the signing public key and unique physical information of the remote control terminal obtained from message B to the certification system.
  8. The remote control method for an automatic meal vending device according to claim 4, characterized in that the specific process of step C4 includes the following steps:
    Step C41: the registration system stores the signing certificate, encryption key pair and unique physical information of the remote control terminal sent by the certification system, and records the binding relationship between the remote control terminal and the automatic meal vending device;
    Step C42: the registration system signs message C, which contains the signing certificate and encryption key pair of the remote control terminal, with its own signing private key, then encrypts the signed message C with the encryption public key of the automatic meal vending device;
    Step C43: the encrypted message C is sent to the remote control terminal, which forwards it to the automatic meal vending device.
  9. The remote control method for an automatic meal vending device according to claim 8, characterized in that the specific process of step C5 includes the following steps:
    Step C51: the automatic meal vending device decrypts the encrypted message C with the private key of its own encryption key pair, then verifies the signature of the decrypted message C with the signing public key of the registration system stored in the SE chip; if either decryption or signature verification fails, it terminates the binding process and returns an error code to the remote control terminal; if both decryption and signature verification pass, it stores the signing certificate and encryption key pair of the remote control terminal in the SE chip;
    Step C52: the automatic meal vending device encrypts message D, which contains the signing certificate and encryption key pair of the remote control terminal, with its own device number, then sends the encrypted message D to the remote control terminal.
  10. The remote control method for an automatic meal vending device according to claim 9, characterized in that the specific process of step C6 is: using the device number of the automatic meal vending device as the symmetric decryption key, the remote control terminal decrypts the received encrypted message D, obtains its own signing certificate and encryption key pair, and finally stores them in the corresponding directory.
PCT/CN2023/085022 2022-06-13 2023-03-30 Remote control method for automatic meal selling device WO2023241170A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202210666045.7 2022-06-13
CN202210666045.7A CN115277797A (en) 2022-06-13 2022-06-13 Remote control method for automatic meal selling device

Publications (1)

Publication Number Publication Date
WO2023241170A1 true WO2023241170A1 (en) 2023-12-21

Family

ID=83759540

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2023/085022 WO2023241170A1 (en) 2022-06-13 2023-03-30 Remote control method for automatic meal selling device

Country Status (2)

Country Link
CN (1) CN115277797A (en)
WO (1) WO2023241170A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115277797A (en) * 2022-06-13 2022-11-01 爱仕达股份有限公司 Remote control method for automatic meal selling device

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN202904736U (en) * 2012-11-26 2013-04-24 深圳和盛兄弟科技有限公司 Remote controlled intelligent meal selling machine
CN103941667A (en) * 2013-12-31 2014-07-23 海尔集团公司 Method, system and device for controlling household appliances
WO2015041490A1 (en) * 2013-09-23 2015-03-26 삼성전자 주식회사 Apparatus and method by which user device in home network system transmits home-device-related information
CN105516103A (en) * 2015-11-30 2016-04-20 青岛海尔智能家电科技有限公司 Method, device and system for binding intelligent household electrical appliances
CN105553932A (en) * 2015-11-30 2016-05-04 青岛海尔智能家电科技有限公司 Method, device and system of remote control safety binding of intelligent home appliance
CN106130982A (en) * 2016-06-28 2016-11-16 北京万协通信息技术有限公司 Intelligent household appliance remote control method based on PKI system
CN110415450A (en) * 2019-07-24 2019-11-05 珠海优特智厨科技有限公司 It sells meal method, apparatus, sell dinner table and computer equipment and computer storage medium
CN115277797A (en) * 2022-06-13 2022-11-01 爱仕达股份有限公司 Remote control method for automatic meal selling device

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103618610B (en) * 2013-12-06 2018-09-28 上海上塔软件开发有限公司 A kind of information security algorithm based on energy information gateway in intelligent grid
CN104393993B (en) * 2014-10-24 2018-05-29 国家电网公司 A kind of safety chip and its implementation for electricity-selling terminal
CN106789018B (en) * 2016-12-20 2019-10-08 百富计算机技术(深圳)有限公司 Secret key remote acquisition methods and device

Also Published As

Publication number Publication date
CN115277797A (en) 2022-11-01

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 23822741

Country of ref document: EP

Kind code of ref document: A1