CN106920302A - Method for unlocking, master device for Internet of Things lock, from apparatus and system - Google Patents
Method for unlocking, master device for Internet of Things lock, from apparatus and system Download PDFInfo
- Publication number
- CN106920302A CN106920302A CN201710029091.5A CN201710029091A CN106920302A CN 106920302 A CN106920302 A CN 106920302A CN 201710029091 A CN201710029091 A CN 201710029091A CN 106920302 A CN106920302 A CN 106920302A
- Authority
- CN
- China
- Prior art keywords
- password
- master device
- unlocking
- standby
- primary
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C9/00—Individual registration on entry or exit
- G07C9/00174—Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
- G07C9/00309—Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C9/00—Individual registration on entry or exit
- G07C9/00174—Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
- G07C9/00571—Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by interacting with a central unit
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C9/00—Individual registration on entry or exit
- G07C9/00174—Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
- G07C9/00857—Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys where the code of the data carrier can be programmed
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C9/00—Individual registration on entry or exit
- G07C9/00174—Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
- G07C9/00857—Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys where the code of the data carrier can be programmed
- G07C2009/00865—Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys where the code of the data carrier can be programmed remotely by wireless communication
Landscapes
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Selective Calling Equipment (AREA)
- Lock And Its Accessories (AREA)
Abstract
The invention discloses a kind of method for unlocking for Internet of Things lock, master device, from apparatus and system, it is related to entrance guard management technical field, includes the step of performed by master device in the method:Order of the acquisition from equipment safety information is sent to from device;The security information returned from device is received, safety verification is carried out;After safety verification passes through, request of unlocking is sent to from device, wherein, request of unlocking includes:The primary password of master device and the standby password of master device;Receive the unlocking result returned according to request of unlocking from device.As can be seen here, security, robustness, the compatibility of Internet of Things lock system greatly improved by Double-puzzle management system for the present invention.
Description
Technical field
The present invention relates to entrance guard management technical field, and in particular to it is a kind of for Internet of Things lock method for unlocking, master device, from
Apparatus and system.
Background technology
Internet of Things is widely used in network by the cognition technology that communicates such as Intellisense, identification technology and general fit calculation
In fusion.In Internet of Things, object is connected with internet, enters row information and exchanges and communicate.Internet of Things lock refers to be different from traditional machine
Tool is locked, in user's identification, security, the more intelligentized lockset of managerial aspect.
Realize it is of the invention during, inventor find there is a problem of in the prior art it is as follows:Single cipher management system
There is the shortcomings of management difficulty after cryptocompromise is big, lock core cipher updates management cost high, man-in-the-middle attack protective capacities difference in system.
The content of the invention
In view of the above problems, the embodiment of the present invention provide it is a kind of solve the above problems for Internet of Things lock method for unlocking,
Master device, from apparatus and system.
According to the one side of the embodiment of the present invention, there is provided a kind of method for unlocking for Internet of Things lock, it is by master device
Perform, the method includes:Order of the acquisition from equipment safety information is sent to from device;Receive the safety letter returned from device
Breath, carries out safety verification;After safety verification passes through, request of unlocking is sent to from device, wherein, request of unlocking includes:It is main
The primary password of device and the standby password of master device;Receive the unlocking result returned according to request of unlocking from device.
Optionally, further included to before sending the step of unlocking request from device:Rule is changed according to default,
Change the primary password of master device and the standby password of master device.
Optionally, rule is changed according to default, is had the step of change the primary password of master device and master device standby password
Body includes:The standby password of former master device, the standby password of master device after being changed are replaced with the primary password of former master device;According to
Default password create-rule generates new password, is used to replace the primary password of former master device, and the master device after being changed is primary
Password.
Optionally, further included to before sending the step of unlocking request from device:After safety verification passes through, will
Initialization information is sent to from device, wherein, initialization information includes:The primary password of master device and the standby password of master device;And
Receive the initialization result returned from device.
According to the other side of the embodiment of the present invention, there is provided a kind of method for unlocking for Internet of Things lock, it is by from dress
Execution is put, the method includes:Receive the acquisition of master device transmission from the order of equipment safety information;Safety letter is sent to master device
Breath;The unlocking request that master device sends is received, and the primary password of master device and master device that will be included in request of unlocking are standby close
Code is compared with from the primary password of device and from the standby password of device;When comparative result be by when, perform unlocking operation, and
The unlocking result of successful types is returned to master device.
Optionally, further included before the step of unlocking for receiving master device transmission is asked:Master device is received to send
Initialization information, wherein, initialization information includes:The primary password of master device and the standby password of master device;Master device is primary
Password is set to initial from the primary password of device, the standby password of master device is set to initial from the standby password of device.
Optionally, the primary password of master device and the standby password of master device that will be included in request of unlocking are primary close with from device
Code and specifically include the step of be compared from the standby password of device:By the primary password of master device respectively with from the primary password of device
It is compared with from the standby password of device;By the standby password of master device respectively with from the primary password of device and from the standby password of device
It is compared;When the primary password of master device with from the primary password of device is identical and the standby password of master device with from the standby password of device
When identical, or, when the primary password of master device is different from from the primary password of device but the standby password of master device is primary with from device
When password is identical, comparative result is to pass through.
Optionally, when the primary password of master device from from the primary password of device is different but the standby password of master device with from device master
With password it is identical when, the primary password of master device that includes and the standby password of master device are primary close with from device in the request that will unlock
Code and from the standby password of device be compared the step of after further include:It is standby according to the primary password of master device and master device
Password, changes from the primary password of device and from the standby password of device.
Optionally, change from the primary password of device and password standby from device the step of specifically include:It is primary with master device
Password replaces former from the primary password of device, after being changed from the primary password of device;With the standby password of master device replace it is former from
The standby password of device, after being changed from the standby password of device.
According to another aspect of the present invention, there is provided a kind of master device that method for unlocking is locked for performing Internet of Things, the master
Device includes:Security information order unit, for sending the order obtained from equipment safety information to from device;Security information is tested
Card unit, for receiving the security information returned from device, carries out safety verification;Unlocking request transmitting unit, for when safety
After being verified, request of unlocking is sent to from device, wherein, request of unlocking includes:The primary password of master device and master device are standby
Use password;Unlocking result receiving unit, for receiving the unlocking result returned according to request of unlocking from device.
Optionally, further included before unlocking request transmitting unit:Master device cipher change unit, for according to pre-
If replacing rule, change the primary password of master device and the standby password of master device.
Optionally, master device cipher change unit specifically for:It is standby former master device to be replaced with the primary password of former master device
Password, the standby password of master device after being changed;New password is generated according to default password create-rule, is used to replace former master
The primary password of device, the primary password of master device after being changed.
Optionally, further included before unlocking request transmitting unit:Initialization information unit, for working as safety verification
By rear, initialization information is sent to from device, wherein, initialization information includes:The primary password of master device and master device are standby
Use password;And receive the initialization result returned from device.
According to another aspect of the present invention, there is provided it is a kind of for perform Internet of Things lock method for unlocking from device, clump dress
Put including:Security information order receiving unit, for receiving the acquisition of master device transmission from the order of equipment safety information;Safety
Information returning unit, for sending security information to master device;Unlocking requesting processing, for receiving opening for master device transmission
In lock request, and the request that will unlock the primary password of master device that includes and the standby password of master device with from the primary password of device and from
The standby password of device is compared;Unlocking operation unit, for when comparative result be by when, unlocking operation is performed, and to master
Device returns to the unlocking result of successful types.
Optionally, further included before unlocking requesting processing:Initialization operation unit, for receiving master device
The initialization information of transmission, wherein, initialization information includes:The primary password of master device and the standby password of master device;By master device
Primary password is set to initial from the primary password of device, the standby password of master device is set to initial standby close from device
Code.
Optionally, unlocking requesting processing specifically for:By the primary password of master device respectively with from the primary password of device
It is compared with from the standby password of device;By the standby password of master device respectively with from the primary password of device and from the standby password of device
It is compared;When the primary password of master device with from the primary password of device is identical and the standby password of master device with from the standby password of device
When identical, or, when the primary password of master device is different from from the primary password of device but the standby password of master device is primary with from device
When password is identical, comparative result is to pass through.
Optionally, when the primary password of master device from from the primary password of device is different but the standby password of master device with from device master
With password it is identical when, further included after unlocking requesting processing:From device cipher change unit, for according to main dress
Put primary password and the standby password of master device, change from the primary password of device and from the standby password of device.
Optionally, from device cipher change unit specifically for:Replace former primary close from device with the primary password of master device
Code, after being changed from the primary password of device;Original is replaced from the standby password of device with the standby password of master device, after being changed
From the standby password of device.
It is according to another aspect of the present invention, there is provided a kind of system for performing Internet of Things lock method for unlocking including above-mentioned
Master device and above-mentioned from device.
It is of the invention it is a kind of for Internet of Things lock method for unlocking, master device, from apparatus and system, Double-puzzle can be used
Management system substitutes traditional single cipher management system, thus solves management difficulty after the cryptocompromise of prior art presence
Greatly, the problems such as lock core cipher updates management cost high, man-in-the-middle attack protective capacities difference, achieves and greatly improves Internet of Things lock system
Security, robustness, compatibility beneficial effect, be also achieved at low cost in addition cylinder side password update management, significantly
Reduce the man-in-the-middle attack risk of whole system.
Described above is only the general introduction of technical solution of the present invention, in order to better understand technological means of the invention,
And can be practiced according to the content of specification, and in order to allow the above and other objects of the present invention, feature and advantage can
Become apparent, below especially exemplified by specific embodiment of the invention.
Brief description of the drawings
By reading the detailed description of hereafter preferred embodiment, various other advantages and benefit is common for this area
Technical staff will be clear understanding.Accompanying drawing is only used for showing the purpose of preferred embodiment, and is not considered as to the present invention
Limitation.And in whole accompanying drawing, identical part is denoted by the same reference numerals.In the accompanying drawings:
Fig. 1 shows a kind of schematic flow sheet of method for unlocking for Internet of Things lock that the embodiment of the present invention one is provided;
Fig. 2 shows a kind of schematic flow sheet of method for unlocking for Internet of Things lock that the embodiment of the present invention two is provided;
Fig. 3 shows a kind of schematic flow sheet of method for unlocking for Internet of Things lock that the embodiment of the present invention three is provided;
Fig. 4 shows a kind of schematic flow sheet of method for unlocking for Internet of Things lock that the embodiment of the present invention four is provided;
Fig. 5 shows a kind of structure for performing the master device of Internet of Things lock method for unlocking that the embodiment of the present invention five is provided
Schematic diagram;
Fig. 6 shows a kind of structure for performing the master device of Internet of Things lock method for unlocking that the embodiment of the present invention six is provided
Schematic diagram;
Fig. 7 shows a kind of structure from device that method for unlocking is locked for performing Internet of Things that the embodiment of the present invention seven is provided
Schematic diagram;
Fig. 8 shows a kind of structure from device that method for unlocking is locked for performing Internet of Things that the embodiment of the present invention eight is provided
Schematic diagram;
Fig. 9 shows a kind of idiographic flow of the initialization step of method for unlocking for Internet of Things lock in the embodiment of the present invention
Figure;
Figure 10 shows unlocking and the cipher change step of a kind of method for unlocking for Internet of Things lock in the embodiment of the present invention
Particular flow sheet.
Specific embodiment
The exemplary embodiment of the disclosure is more fully described below with reference to accompanying drawings.Although showing the disclosure in accompanying drawing
Exemplary embodiment, it being understood, however, that may be realized in various forms the disclosure without should be by embodiments set forth here
Limited.Conversely, there is provided these embodiments are able to be best understood from the disclosure, and can be by the scope of the present disclosure
Complete conveys to those skilled in the art.
Embodiment one
Fig. 1 shows a kind of schematic flow sheet of method for unlocking for Internet of Things lock that the embodiment of the present invention one is provided, such as
Shown in figure, the method is performed by master device, is specifically included:
Step S110:Order of the acquisition from equipment safety information is sent to from device.
Wherein, security information is generally comprised from identity information and/or status information of device etc..Master device is in order to follow-up
In step, corresponding unlocking cipher etc. can be inquired about according to from the identity information of device, and/or, can be according to from device
The corresponding operational order of state information searching etc., and appropriate operational order is sent, so needing to be sent to from device
Obtain the order from equipment safety information.Above-mentioned master device generally comprises the key and/or matched software of Internet of Things lock, uses
In sending operational order etc..The above-mentioned lockset that Internet of Things lock is generally comprised from device, for verifying the information that master device sends, and holds
The default operation of row, for example, unlock or change password etc..
Step S120:The security information returned from device is received, safety verification is carried out.
In order to improve the security of Internet of Things lock, corresponding authorization message can be set to master device and from device, will be all
Authorization message is accordingly saved in default database with the identity information and/or the identity information of master device from device.For
Further raising security, can also all set an effective time to each authorization message, within the effective time, from
Device can respond the related command of master device transmission, and after exceeding the effective time, then master device hair no longer be responded from device
The related command for sending.
When receiving from the security information that device is returned according to the order of above-mentioned acquisition security information, master device needs root
Corresponding authorization message is inquired about according to being included in security information from the identity information of device and the identity information of master device, and
Verify the ageing of the authorization message.Only when safety verification passes through, subsequent step is just performed.
Step S130:After safety verification passes through, request of unlocking is sent to from device.
Wherein, request of unlocking includes:The primary password of master device and the standby password of master device.Above-mentioned password is used to be sent to
Follow-up unlocking operation is carried out from device, and above-mentioned password is accordingly saved in default database with the identity information from device
In.
Specifically, after safety verification passes through, master device searched from default database with from the corresponding main dress of device
The primary secret and standby password of master device is put, the unlocking request that then will include above-mentioned password is sent to from device.
Step S140:Receive the unlocking result returned according to request of unlocking from device.
After the unlocking request in step S130 is sent to from device, can be made according to unlocking request from corresponding from device
Reason, and unlocking result is returned into master device.The unlocking result typically has two kinds of situations, and one kind is unlocking successful result, in addition
One kind is unlocking failure result.
As can be seen here, in embodiments of the present invention, traditional single cipher management system is substituted by Double-puzzle management system,
Thus the problems such as solving management difficulty after the cryptocompromise of prior art presence big, man-in-the-middle attack protective capacities difference, obtains
Greatly improve security, robustness, the beneficial effect of compatibility of Internet of Things lock system.
Embodiment two
Fig. 2 shows a kind of schematic flow sheet of method for unlocking for Internet of Things lock that the embodiment of the present invention two is provided, such as
Figure is described, and the method is performed by master device, and the master device includes software platform (such as mobile phone A PP) and possesses the electricity of communication function
Sub- key, the method is specifically included:
Step S210:Order of the acquisition from equipment safety information is sent to from device.
In embodiments of the present invention, from the lock core that device is Internet of Things lock, the lock core is built with electron key by physical interface
Vertical communication, and the reading by TD/T1363 protocol realization data and authentication management on this basis.
Specifically, when electron key discloses upper lock core, electron key can send enabling signal to software platform.When software is flat
After platform receives the enabling signal of electron key transmission, software platform can be sent by the electron key being connected with lock core and obtain lock
The order of core security information.
Step S220:The security information returned from device is received, safety verification is carried out.
In order to improve the security of Internet of Things lock, corresponding authorization message can be set to master device and from device, will be all
Authorization message is accordingly saved in default database with the identity information and/or the identity information of master device from device.For
Further raising security, can also all set an effective time to each authorization message, within the effective time, from
Device can respond the related command of master device transmission, and after exceeding the effective time, then master device hair no longer be responded from device
The related command for sending.
Specifically, after electron key receives the security information of lock core return, can be by the security information and electronics key
The identity information (i.e. the unique identifier of electron key) of spoon is all sent to software platform.Wherein, comprised at least in security information
The identity information of lock core (i.e. the unique identifier of lock core).Now, software platform can respectively be inquired about from default database
Electron key and the corresponding authorization message of lock core, and safety verification is carried out to authorization message, that is, verify the timeliness of its authorization message
Property.When electron key and the corresponding authorization message of lock core are effective, the result of safety verification is to pass through.
Step S230:Rule is changed according to default, the primary password of master device and the standby password of master device is changed.
The step is optional step, in order to further improve the security of system, can change rule according to default, more
The primary password of master device and the standby password of master device in change owner device.Specifically, replace former main with the primary password of former master device
The standby password of device, the standby password of master device after being changed;And new password is generated according to default password create-rule, use
To replace the primary password of former master device, the primary password of master device after being changed.The exchonge step can also may be used with clocked flip
Actively triggered with by user, the embodiment of the present invention is not especially limited to this, and those skilled in the art can flexibly be set.Because
New password is automatically generated according to default password create-rule, thus the password be for a user it is opaque, because
This, can relatively well solve internal staff and divulge a secret problem.
Step S240:After safety verification passes through, initialization information is sent to from device, and receives what is returned from device
Initialization result.
The step is also optional step, is mainly used in setting password when lock core is enabled for the first time or is reset for lock core close
Code.Wherein, initialization information includes:The primary password of master device and the standby password of master device.
Specifically, after the safety verification in step S220 passes through, software platform will be comprising the primary password of master device and master
The initialization information of the standby password of device is sent to lock core by the electron key being connected with lock core, and lock core is then believed according to initialization
Breath carries out initialization operation.After initialization operation is completed, lock core can return to initialization knot by electron key to software platform
Really.After the initializing operation, software platform can also further obtain the details of lock core.
For security consideration, it is transmitted again after being encrypted to initialization information, conventional encryption is calculated
Method can be RC4 AESs.
Step S250:After safety verification passes through, request of unlocking is sent to from device.
After safety verification passes through, master device is searched primary secret with from the corresponding master device of device from default database
The close and standby password of master device, the unlocking request that then will include above-mentioned password is sent to from device.
Specifically, after the safety verification in step S220 passes through, software platform is searched and the lock core pair from database
The primary password of master device and the standby password of master device answered, and by above-mentioned password be included in unlocking request in, by with lock core phase
Electron key even is sent to lock core, to ask lock core to perform unlocking operation.
For security consideration, it is transmitted again after being encrypted with dual lock request, conventional AES can
Being RC4 AESs.
Step S260:Receive the unlocking result returned according to request of unlocking from device.
Specifically, after lock core receives above-mentioned unlocking asks, the lock core can verify password that unlocking is included in asking etc.
Information, and corresponding feedback is made, unlocking result is finally fed back into software platform by electron key.
As can be seen here, in embodiments of the present invention, traditional single cipher management system is substituted by Double-puzzle management system,
Thus solve that management difficulty after the cryptocompromise of prior art presence is big, lock core cipher updates that management cost is high, go-between attacks
The problems such as hitting protective capacities difference, achieves security, robustness, the beneficial effect of compatibility for greatly improving Internet of Things lock system.
Meanwhile, operation is updated by timing or artificial trigger password, former primary password as standby password deletes former standby password
Remove, the purpose of dynamic more new password is reached with this, and daily unlocking operation by user carries out offline dynamic to lock core cipher
Update and effectively management, it is achieved thereby that low cost, the Dynamic Management System of wide covering.In addition, being entered by AESs such as RC4
Row communication encryption, so as to preferably solve the problems, such as man-in-the-middle attack.
Embodiment three
Fig. 3 shows a kind of schematic flow sheet of method for unlocking for Internet of Things lock that the embodiment of the present invention three is provided, such as
Shown in figure, the method is performed by from device, is specifically included:
Step S310:Receive the acquisition of master device transmission from the order of equipment safety information.
Wherein, security information is generally comprised from identity information and/or status information of device etc..Above-mentioned master device is typically wrapped
The key and/or matched software of Internet of Things lock are included, for sending operational order etc..It is above-mentioned to generally comprise Internet of Things lock from device
Lockset, for verifying the information that master device sends, and perform default operation, for example unlock or change password etc..
From device after security information order is received, the order can be parsed, and related data is searched according to command context.
Step S320:Security information is sent to master device.
Because master device before other operations are carried out, it is necessary to verify the security from device, therefore, connect from device needs
After receiving security information order, resolve command content, and the security information according to needed for master device is fed back in security information order.
Step S330:Receive the unlocking request that master device sends, and the primary password of master device that will be included in request of unlocking
It is compared with from the primary password of device and from the standby password of device with the standby password of master device.
After the unlocking that master device transmission is received from device is asked, unlocking request can be parsed from device, and therefrom carry
The primary password of master device and the standby password of master device are taken out, and it is according to certain comparison rule that above-mentioned password is pre- with from device
If be compared from the primary password of device and from the standby password of device.The embodiment of the present invention does not make specific limit to comparison rule
Fixed, those skilled in the art can flexibly set.
Step S340:When comparative result be by when, perform unlocking operation, and to master device return successful types unlocking
As a result.
When the comparative result in step S330 be by when, illustrate master device be have the right unlock device, therefore, from device
Unlocking operation is performed, and unlocking successful result is returned into master device.
When the comparative result in step S330 is not to pass through, illustrates master device and sent to have no right unlocking apparatus or master device
Password it is wrong, do not perform unlocking operation from device, directly to master device return unlocking failure result.
As can be seen here, in embodiments of the present invention, in embodiments of the present invention, tradition is substituted by Double-puzzle management system
Single cipher management system, thus solve that management difficulty after the cryptocompromise of prior art presence is big, man-in-the-middle attack protection
The problems such as ability, achieve security, robustness, the beneficial effect of compatibility for greatly improving Internet of Things lock system.
Example IV
Fig. 4 shows a kind of schematic flow sheet of method for unlocking for Internet of Things lock that the embodiment of the present invention four is provided, such as
Shown in figure, the method is performed by from device, should include the lock core for possessing communication function from device, and the method is specifically included:
Step S410:Receive the acquisition of master device transmission from the order of equipment safety information.
In embodiments of the present invention, master device includes software platform (such as mobile phone A PP) and possesses the electronics of communication function
Key.Set up by physical interface with electron key from device (i.e. lock core) and communicated, and on this basis by TD/T1363 associations
View realizes reading and the authentication management of data.For security consideration, the lock core can be set to be only capable of by matching
Electron key communicated, it is possible thereby to avoid non-user personnel from being broken to lock core in the case of no electron key
Solution.
Specifically, when lock core receives the order of the acquisition lock core security information that software platform sends by electron key
Afterwards, lock core can parse the order, and the security related information needed for searching the order.
Step S420:Security information is sent to master device.
Because master device before other operations are carried out, it is necessary to verify the security from device, therefore, connect from device needs
After receiving security information order, resolve command content, and the security information according to needed for master device is fed back in security information order.
Specifically, when the lock core security information order that receives of parsing, and the associated safety letter needed for finding the order
After breath, above-mentioned security information can be returned to software platform by the lock core by the electron key that is attached thereto.Wherein, the safety
Information includes the identity information (i.e. the unique identifier of lock core) of lock core.
In order to further improve security, can also include for coded communication from the security information that device is returned
Session code, identity information of the session code similar to encryption information.In communication process, all returned to master device each time from device
Different session codes are returned, master device needs subsidiary this time communication corresponding after session code is received when information is sent every time
Session code, it is possible thereby to ensure the uniqueness of coded communication each time, prevents other users from pretending to be master device to be communicated with from device.
Step S430:Receive the initialization information that master device sends;The primary password of master device is set to initial from dress
Primary password is put, the standby password of master device is set to initial from the standby password of device.
The step is optional step, is mainly used in setting password when lock core is enabled for the first time or is reset for lock core close
Code.Wherein, initialization information includes:The primary password of master device and the standby password of master device.
Specifically, when lock core receives the initialization information of software platform transmission, lock core is carried from the initialization information
The primary password of master device and the standby password of master device are taken out, and the primary password of master device is set to initial primary close from device
Code, the standby password of master device is set to initial from the standby password of device.After the initialization operation is completed, lock core can be with
Initialization result information is returned to software platform.
When the ciphertext after initialization information is encryption, lock core also needs to carry out the ciphertext according to corresponding AES
Decryption, can just extract corresponding initialization information after decryption.
Step S440:Receive the unlocking request that master device sends, and the primary password of master device that will be included in request of unlocking
It is compared with from the primary password of device and from the standby password of device with the standby password of master device.
After the unlocking that master device transmission is received from device is asked, unlocking request can be parsed from device, and therefrom carry
The primary password of master device and the standby password of master device are taken out, and it is according to certain comparison rule that above-mentioned password is pre- with from device
If be compared from the primary password of device and from the standby password of device.
In embodiments of the present invention, above-mentioned comparison rule is:By the primary password of master device respectively with from the primary password of device
It is compared with from the standby password of device;By the standby password of master device respectively with from the primary password of device and from the standby password of device
It is compared;When the primary password of master device with from the primary password of device is identical and the standby password of master device with from the standby password of device
When identical, or, when the primary password of master device is different from from the primary password of device but the standby password of master device is primary with from device
When password is identical, comparative result is to pass through.
When the ciphertext after request of unlocking is encryption, also need to carry out the ciphertext according to corresponding AES from device
Decryption, can just extract corresponding request of unlocking after decryption.
Step S450:When the primary password of master device from from the primary password of device is different but the standby password of master device with from device
When primary password is identical, according to the primary password of master device and the standby password of master device, change from the primary password of device and from device
Standby password.
The step is optional step, only when the primary password of master device is different from from the primary password of device but master device is standby
With password with from the primary password of device it is identical when just perform.When there is above-mentioned comparable situation, the password of master device has been illustrated
Changed, so, it is also required to carry out corresponding replacing from device.Specific replacing options provided in an embodiment of the present invention are:
Replace former from the primary password of device with the primary password of master device, after being changed from the primary password of device;It is standby with master device
Password replaces former from the standby password of device, after being changed from the standby password of device.In other embodiments, art technology
Personnel can also flexibly set other replacing options.
Because there is one situation from device of multiple master device correspondences in actual applications, in this case, it is possible to
There is part master device password to have changed and other master device cipher change problems not in time of part.At this point it is possible to
Timer is set from device side, the timer is used to record within the certain hour time limit usable time of Old Password before replacing
Number, uses as buffer.For example, when timer initial number is 3, in the default term of validity, being used when there is a master device
When Old Password is unlocked before changing, being done as usual from device carries out feedback operation;Carried out with new password after replacing when there is a master device
During unlocking, the numerical value of counter is subtracted 1 after carrying out feedback operation from device, i.e. the numerical value of this hour counter is kept to 2;With such
Push away, when the numerical value of counter is kept to 0 or the default term of validity expires, no longer will receive to use the master device of Old Password from device
Unlocking request.Now, when occurring again, the primary password of master device is different from from the primary password of device but master device is standby close
Code with from the primary password of device it is identical when, from device perform cipher change operate.
Step S460:When comparative result be by when, perform unlocking operation, and to master device return successful types unlocking
As a result.
When the comparative result in step S440 be by when, illustrate master device be have the right unlock device, therefore, from device
Unlocking operation is performed, and unlocking successful result is returned into master device.
When the comparative result in step S440 is not to pass through, illustrates master device and sent to have no right unlocking apparatus or master device
Password it is wrong, do not perform unlocking operation from device, directly to master device return unlocking failure result.
As can be seen here, in embodiments of the present invention, traditional single cipher management system is substituted by Double-puzzle management system,
Thus solve that management difficulty after the cryptocompromise of prior art presence is big, lock core cipher updates that management cost is high, go-between attacks
The problems such as hitting protective capacities difference, achieves security, robustness, the beneficial effect of compatibility for greatly improving Internet of Things lock system.
Meanwhile, operation is updated by timing or artificial trigger password, former primary password as standby password deletes former standby password
Remove, the purpose of dynamic more new password is reached with this, and daily unlocking operation by user carries out offline dynamic to lock core cipher
Update and effectively management, it is achieved thereby that low cost, the Dynamic Management System of wide covering.In addition, being entered by AESs such as RC4
Row communication encryption, so as to preferably solve the problems, such as man-in-the-middle attack.
In order to further facilitate the initialization step understood in the above method, Fig. 9 shows once complete initialization step
Rapid flow, specifically includes:1st, electron key is disclosed and locked, and electron key sends enabling signal;2nd, software platform sends and obtains lock
The order of core security information, and order is passed through by lock core by electron key;3rd, lock core returns to lock core security information and session
Code, and information is passed through by software platform by electron key;4th, software platform carries out safety according to the security information for receiving
Checking;5th, initialization information is encrypted using RC4 AESs and obtains ciphertext, and by electron key by ciphertext and step
3 session codes for receiving pass through lock core in the lump;6th, lock core is obtained initially according to the ciphertext that correspondence AES decryption is received
Change information, and initialization operation is carried out according to the initialization information;7th, lock core is saturating by initialization operation result by electron key
It is transmitted to software platform;8th, after software platform receives initialization operation result, the order for obtaining lock core details can be sent;
9th, the order that lock core sends according to software platform, returns to lock core details.
In order to further facilitate unlocking and the cipher change step understood in the above method, Figure 10 shows once complete
The flow unlocked with cipher change step, specifically includes:1st, electron key is disclosed and locked, and electron key sends enabling signal;2nd, it is soft
Part platform sends the order for obtaining lock core security information, and order is passed through into lock core by electron key;3rd, lock core returns to lock
Core security information and session code, and information is passed through by software platform by electron key;4th, software platform is according to receiving
Security information carries out safety verification;5th, after being encrypted to the unlocking request comprising the password after replacing using RC4 AESs
Ciphertext is obtained, and the session code that ciphertext and step 3 are received is passed through by lock core by electron key in the lump;6th, lock core is according to right
Answer AES to decrypt the ciphertext for receiving and obtain request of unlocking, when the standby password of software platform and the primary password match of lock core,
And the numerical value of counter be less than 1 when, perform unlocking operation simultaneously update the active and standby password of lock core;7th, lock core passes through electron key to software
Platform returns to operating result.
Embodiment five
Fig. 5 shows a kind of structure for performing the master device of Internet of Things lock method for unlocking that the embodiment of the present invention five is provided
Schematic diagram, the master device includes:Security information order unit 510, security information verification unit 520, unlocking request transmitting unit
530 and unlocking result receiving unit 540.
Security information order unit 510, for sending the order obtained from equipment safety information to from device.
Wherein, security information is generally comprised from identity information and/or status information of device etc..Master device is in order to root
Corresponding unlocking cipher etc. is inquired about according to from the identity information of device, and/or, can be according to the state information searching from device
Corresponding operational order etc., and send appropriate operational order, so security information order unit 510 is needed to from device
Send the order obtained from equipment safety information.Above-mentioned master device generally comprises the key of Internet of Things lock and/or matched soft
Part, for sending operational order etc..The above-mentioned lockset that Internet of Things lock is generally comprised from device, for verifying the letter that master device sends
Breath, and default operation is performed, for example unlock or change password etc..
Security information verification unit 520, for receiving the security information returned from device, carries out safety verification.
In order to improve the security of Internet of Things lock, corresponding authorization message can be set to master device and from device, will be all
Authorization message is accordingly saved in default database with the identity information and/or the identity information of master device from device.For
Further raising security, can also all set an effective time to each authorization message, within the effective time, from
Device can respond the related command of master device transmission, and after exceeding the effective time, then master device hair no longer be responded from device
The related command for sending.
When receiving from the security information that device is returned according to the order of above-mentioned acquisition security information, security information verification
Unit 520 needs the identity information inquiry according to the identity information and master device from the device that are included in security information corresponding
Authorization message, and verify the ageing of the authorization message.Only when safety verification passes through, subsequent cell could continue work
Make.
Unlocking request transmitting unit 530, for after safety verification passes through, request of unlocking being sent to from device.
Wherein, request of unlocking includes:The primary password of master device and the standby password of master device.Above-mentioned password is used to be sent to
Follow-up unlocking operation is carried out from device, and above-mentioned password is accordingly saved in default database with the identity information from device
In.
Specifically, after safety verification passes through, unlocking request transmitting unit 530 searched from default database with from dress
Put the primary secret and standby password of master device of corresponding master device, then will include above-mentioned password unlocking request be sent to from
Device.
Unlocking result receiving unit 540, for receiving the unlocking result returned according to request of unlocking from device.
After be sent to from device for unlocking request by unlocking request transmitting unit 530, can be done according to unlocking request from device
Go out corresponding treatment, and unlocking result is returned into master device.The unlocking result typically has two kinds of situations, and one kind is to unlock successfully
As a result, another is unlocking failure result.
The concrete operating principle of above-mentioned unit can refer to the description of corresponding steps in embodiment of the method, no longer go to live in the household of one's in-laws on getting married herein
State.
As can be seen here, in embodiments of the present invention, traditional single cipher management system is substituted by Double-puzzle management system,
Thus the problems such as solving management difficulty after the cryptocompromise of prior art presence big, man-in-the-middle attack protective capacities difference, obtains
Greatly improve security, robustness, the beneficial effect of compatibility of Internet of Things lock system.
Embodiment six
Fig. 6 shows a kind of structure for performing the master device of Internet of Things lock method for unlocking that the embodiment of the present invention six is provided
Schematic diagram, the master device includes software platform (such as mobile phone A PP) and possesses the electron key of communication function, the master device bag
Include:Security information order unit 610, security information verification unit 620, master device cipher change unit 630, initialization information list
Unit 640, unlocking request transmitting unit 650 and unlocking result receiving unit 660.
Security information order unit 610, for sending the order obtained from equipment safety information to from device.
In embodiments of the present invention, from the lock core that device is Internet of Things lock, the lock core is built with electron key by physical interface
Vertical communication, and the reading by TD/T1363 protocol realization data and authentication management on this basis.
Specifically, when electron key discloses upper lock core, electron key can be to the security information order unit on software platform
610 send enabling signal.After security information order unit 610 receives the enabling signal of electron key transmission, security information
Order unit 610 can send the order for obtaining lock core security information by the electron key being connected with lock core.
Security information verification unit 620, for receiving the security information returned from device, carries out safety verification.
In order to improve the security of Internet of Things lock, corresponding authorization message can be set to master device and from device, will be all
Authorization message is accordingly saved in default database with the identity information and/or the identity information of master device from device.For
Further raising security, can also all set an effective time to each authorization message, within the effective time, from
Device can respond the related command of master device transmission, and after exceeding the effective time, then master device hair no longer be responded from device
The related command for sending.
Specifically, after electron key receives the security information of lock core return, can be by the security information and electronics key
The identity information (i.e. the unique identifier of electron key) of spoon is all sent to the security information verification unit 620 on software platform.
Wherein, the identity information (i.e. the unique identifier of lock core) of lock core has been comprised at least in security information.Now, security information verification
Unit 620 can respectively inquire about electron key and the corresponding authorization message of lock core from default database, and authorization message is entered
Row safety verification, that is, verify the ageing of its authorization message.When electron key and the corresponding authorization message of lock core are effective,
The result of safety verification is to pass through.
Master device cipher change unit 630, for changing rule according to default, changes the primary password of master device and main dress
Purchase and use password.
The unit is selectable unit, in order to further improve the security of system, can change rule according to default, more
The primary password of master device and the standby password of master device in change owner device.Specifically, replace former main with the primary password of former master device
The standby password of device, the standby password of master device after being changed;And new password is generated according to default password create-rule, use
To replace the primary password of former master device, the primary password of master device after being changed.The unit can be with clocked flip, it is also possible to by
User actively triggers, and the embodiment of the present invention is not especially limited to this, and those skilled in the art can flexibly be set.Because Xinmi City
Code is automatically generated according to default password create-rule, therefore the password is for a user opaque, therefore, can
Divulged a secret problem with relatively well solving internal staff.
Initialization information unit 640, for after safety verification passes through, initialization information being sent to from device, and connects
Receive the initialization result returned from device.
The unit is also selectable unit, is mainly used in setting password when lock core is enabled for the first time or is reset for lock core close
Code.Wherein, initialization information includes:The primary password of master device and the standby password of master device.
Specifically, after the safety verification in security information verification unit 620 passes through, the initialization information on software platform
Unit 640 is by the initialization information comprising the primary password of master device and the standby password of master device by the electronics key that is connected with lock core
Spoon is sent to lock core, and lock core then carries out initialization operation according to initialization information.After initialization operation is completed, lock core can pass through
Electron key returns to initialization result to initialization information unit 640.After the initializing operation, initialization information unit 640 is gone back
The details of lock core can further be obtained.
For security consideration, initialization information unit 640 is carried out again after being encrypted to initialization information
Transmission, conventional AES can be RC4 AESs.
Unlocking request transmitting unit 650, for after safety verification passes through, request of unlocking being sent to from device.
After safety verification passes through, master device is searched primary secret with from the corresponding master device of device from default database
The close and standby password of master device, the unlocking request that then will include above-mentioned password is sent to from device.
Specifically, after the safety verification in security information verification unit 620 passes through, the unlocking request hair on software platform
Send unit 650 that the primary password of master device corresponding with the lock core and the standby password of master device are searched from database, and will be above-mentioned
Password is included in unlocking request, and lock core is sent to by the electron key being connected with lock core, to ask lock core to perform the behaviour that unlocks
Make.
For security consideration, unlocking request transmitting unit 650 is passed again after being encrypted with dual lock request
Defeated, conventional AES can be RC4 AESs.
Unlocking result receiving unit 660, for receiving the unlocking result returned according to request of unlocking from device.
Specifically, after lock core receives above-mentioned unlocking asks, the lock core can verify password that unlocking is included in asking etc.
Information, and corresponding feedback is made, the unlocking result finally unlocking result fed back to by electron key on software platform is connect
Receive unit 660.
The concrete operating principle of above-mentioned unit can refer to the description of corresponding steps in embodiment of the method, no longer go to live in the household of one's in-laws on getting married herein
State.
As can be seen here, in embodiments of the present invention, traditional single cipher management system is substituted by Double-puzzle management system,
Thus solve that management difficulty after the cryptocompromise of prior art presence is big, lock core cipher updates that management cost is high, go-between attacks
The problems such as hitting protective capacities difference, achieves security, robustness, the beneficial effect of compatibility for greatly improving Internet of Things lock system.
Meanwhile, operation is updated by timing or artificial trigger password, former primary password as standby password deletes former standby password
Remove, the purpose of dynamic more new password is reached with this, and daily unlocking operation by user carries out offline dynamic to lock core cipher
Update and effectively management, it is achieved thereby that low cost, the Dynamic Management System of wide covering.In addition, being entered by AESs such as RC4
Row communication encryption, so as to preferably solve the problems, such as man-in-the-middle attack.
Embodiment seven
Fig. 7 shows a kind of structure from device that method for unlocking is locked for performing Internet of Things that the embodiment of the present invention seven is provided
Schematic diagram, the device is specifically included:At security information order receiving unit 710, security information returning unit 720, unlocking request
Reason unit 730 and unlocking operation unit 740.
Security information order receiving unit 710, for receiving the acquisition of master device transmission from the order of equipment safety information.
Wherein, security information is generally comprised from identity information and/or status information of device etc..Above-mentioned master device is typically wrapped
The key and/or matched software of Internet of Things lock are included, for sending operational order etc..It is above-mentioned to generally comprise Internet of Things lock from device
Lockset, for verifying the information that master device sends, and perform default operation, for example unlock or change password etc..
Security information order receiving unit 710 sends a command to subsequent cell after security information order is received, and uses
In the parsing order, and related data is searched according to command context.
Security information returning unit 720, for sending security information to master device.
Because master device before other operations are carried out, it is necessary to verify the security from device, therefore, when security information order
After receiving unit 710 receives security information order, security information returning unit 720 needs resolve command content, and according to peace
Security information needed for full information order feedback master device.
Unlocking requesting processing 730, for receiving the unlocking request of master device transmission, and includes in the request that will unlock
The primary password of master device and the standby password of master device are compared with from the primary password of device and from the standby password of device.
After the unlocking for receiving master device transmission is asked, unlocking requesting processing 730 can parse unlocking request, and
Therefrom extract the primary password of master device and the standby password of master device, and according to certain comparison rule by above-mentioned password with from dress
It is default in putting to be compared from the primary password of device and from the standby password of device.The embodiment of the present invention is not made to have to comparison rule
Body is limited, and those skilled in the art can flexibly set.
Unlocking operation unit 740, for when comparative result be by when, perform unlocking operation, and returned into master device
The unlocking result of work(type.
When the comparative result in unlocking requesting processing 730 be by when, illustrate master device be have the right unlock device,
Therefore, unlocking operation unit 740 performs unlocking operation, and unlocking successful result is returned into master device.
When the comparative result in unlocking requesting processing 730 is not to pass through, master device is illustrated to have no right unlocking apparatus
Or the password of master device transmission is wrong, unlocking operation unit 740 does not perform unlocking operation, directly returns to failure of unlocking to master device
As a result.
The concrete operating principle of above-mentioned unit can refer to the description of corresponding steps in embodiment of the method, no longer go to live in the household of one's in-laws on getting married herein
State.
As can be seen here, in embodiments of the present invention, in embodiments of the present invention, tradition is substituted by Double-puzzle management system
Single cipher management system, thus solve that management difficulty after the cryptocompromise of prior art presence is big, man-in-the-middle attack protection
The problems such as ability, achieve security, robustness, the beneficial effect of compatibility for greatly improving Internet of Things lock system.
Embodiment eight
Fig. 8 shows a kind of structure from device that method for unlocking is locked for performing Internet of Things that the embodiment of the present invention eight is provided
Schematic diagram, should include the lock core for possessing communication function from device, should be specifically included from device:Security information order receiving unit
810th, security information returning unit 820, initialization operation unit 830, unlocking requesting processing 840, from device cipher change
Unit 850 and unlocking operation unit 860
Security information order receiving unit 810, for receiving the acquisition of master device transmission from the order of equipment safety information.
In embodiments of the present invention, master device includes software platform (such as mobile phone A PP) and possesses the electronics of communication function
Key.Set up by physical interface with electron key from device (i.e. lock core) and communicated, and on this basis by TD/T1363 associations
View realizes reading and the authentication management of data.For security consideration, the lock core can be set to be only capable of by matching
Electron key communicated, it is possible thereby to avoid non-user personnel from being broken to lock core in the case of no electron key
Solution.
Specifically, sent out when the security information order receiving unit 810 on lock core receives software platform by electron key
After the order of the acquisition lock core security information sent, security information order receiving unit 810 can send a command to subsequent cell, use
In the parsing order, and related data is searched according to command context.
Security information returning unit 820, for sending security information to master device.
Because master device before other operations are carried out, it is necessary to verify the security from device, therefore, when security information order
After receiving unit 810 receives security information order, security information returning unit 820 needs resolve command content, and according to peace
Security information needed for full information order feedback master device.
Specifically, when the security information returning unit 820 on lock core parses the security information order for receiving, and find
After security related information needed for the order, security information returning unit 820 can be by the electron key that is attached thereto, will be above-mentioned
Security information returns to software platform.Wherein, the security information includes identity information (the i.e. unique identification of lock core of lock core
Code).
In order to further improve security, can also include in the security information that security information returning unit 820 is returned
For the session code of coded communication, identity information of the session code similar to encryption information.In communication process, security information is returned
Receipt unit 820 all returns to different session codes to master device each time, and master device is sending letter every time after session code is received
Need subsidiary this time to communicate corresponding session code during breath, it is possible thereby to ensure the uniqueness of coded communication each time, prevent other
User pretends to be master device to be communicated with from device.
Initialization operation unit 830, the initialization information for receiving master device transmission;The primary password of master device is set
For initial from the primary password of device, the standby password of master device is set to initial from the standby password of device.
The unit is selectable unit, is mainly used in setting password when lock core is enabled for the first time or is reset for lock core close
Code.Wherein, initialization information includes:The primary password of master device and the standby password of master device.
Specifically, when the initialization operation unit 830 on lock core receives the initialization information of software platform transmission, just
Beginningization operating unit 830 extracts the primary password of master device and the standby password of master device from the initialization information, and by main dress
Put primary password and be set to initial from the primary password of device, the standby password of master device is set to initial standby close from device
Code.After the initialization operation is completed, initialization operation unit 830 can also return to initialization result information to software platform.
When the ciphertext after initialization information is encryption, initialization operation unit 830 also needs to be calculated according to corresponding encryption
Method is decrypted to the ciphertext, and corresponding initialization information can be just extracted after decryption.
Unlocking requesting processing 840, for receiving the unlocking request of master device transmission, and includes in the request that will unlock
The primary password of master device and the standby password of master device are compared with from the primary password of device and from the standby password of device.
After the unlocking that unlocking requesting processing 840 receives master device transmission is asked, unlocking requesting processing 840
Unlocking request can be parsed, and therefrom extracts the primary password of master device and the standby password of master device, and according to certain comparing
Rule is compared from the primary password of device and from the standby password of device by above-mentioned password is default with from device.
In embodiments of the present invention, above-mentioned comparison rule is:By the primary password of master device respectively with from the primary password of device
It is compared with from the standby password of device;By the standby password of master device respectively with from the primary password of device and from the standby password of device
It is compared;When the primary password of master device with from the primary password of device is identical and the standby password of master device with from the standby password of device
When identical, or, when the primary password of master device is different from from the primary password of device but the standby password of master device is primary with from device
When password is identical, comparative result is to pass through.
When the ciphertext after request of unlocking is encryption, unlocking requesting processing 840 also needs to be calculated according to corresponding encryption
Method is decrypted to the ciphertext, and corresponding request of unlocking can be just extracted after decryption.
From device cipher change unit 850, for when the primary password of master device from from the primary password of device is different but main dress
Purchase with password with from the primary password of device it is identical when, according to the primary password of master device and the standby password of master device, replacing is from dress
Put primary password and from the standby password of device.
The unit is selectable unit, only when the primary password of master device is different from from the primary password of device but master device is standby
With password with from the primary password of device it is identical when just perform.When there is above-mentioned comparable situation, the password of master device has been illustrated
Changed, so, it is also required to carry out corresponding replacing from device.Specific replacing options provided in an embodiment of the present invention are:
Replace former from the primary password of device with the primary password of master device, after being changed from the primary password of device;It is standby with master device
Password replaces former from the standby password of device, after being changed from the standby password of device.In other embodiments, art technology
Personnel can also flexibly set other replacing options.
Because there is one situation from device of multiple master device correspondences in actual applications, in this case, it is possible to
There is part master device password to have changed and other master device cipher change problems not in time of part.At this point it is possible to
Timer is set from device side, the timer is used to record within the certain hour time limit usable time of Old Password before replacing
Number, uses as buffer.For example, when timer initial number is 3, in the default term of validity, being used when there is a master device
When Old Password is unlocked before changing, being done as usual from device carries out feedback operation;Carried out with new password after replacing when there is a master device
During unlocking, the numerical value of counter is subtracted 1 after carrying out feedback operation from device, i.e. the numerical value of this hour counter is kept to 2;With such
Push away, when the numerical value of counter is kept to 0 or the default term of validity expires, no longer will receive to use the master device of Old Password from device
Unlocking request.Now, when occurring again, the primary password of master device is different from from the primary password of device but master device is standby close
Code with from the primary password of device it is identical when, from device perform cipher change operate.
Unlocking operation unit 860, for when comparative result be by when, perform unlocking operation, and returned into master device
The unlocking result of work(type.
When the comparative result in unlocking requesting processing 840 be by when, illustrate master device be have the right unlock device,
Therefore, unlocking operation unit 860 performs unlocking operation, and unlocking successful result is returned into master device.
When the comparative result in unlocking requesting processing 840 is not to pass through, master device is illustrated to have no right unlocking apparatus
Or the password of master device transmission is wrong, unlocking operation unit 860 does not perform unlocking operation, directly returns to failure of unlocking to master device
As a result.
The concrete operating principle of above-mentioned unit can refer to the description of corresponding steps in embodiment of the method, no longer go to live in the household of one's in-laws on getting married herein
State.
As can be seen here, in embodiments of the present invention, traditional single cipher management system is substituted by Double-puzzle management system,
Thus solve that management difficulty after the cryptocompromise of prior art presence is big, lock core cipher updates that management cost is high, go-between attacks
The problems such as hitting protective capacities difference, achieves security, robustness, the beneficial effect of compatibility for greatly improving Internet of Things lock system.
Meanwhile, operation is updated by timing or artificial trigger password, former primary password as standby password deletes former standby password
Remove, the purpose of dynamic more new password is reached with this, and daily unlocking operation by user carries out offline dynamic to lock core cipher
Update and effectively management, it is achieved thereby that low cost, the Dynamic Management System of wide covering.In addition, being entered by AESs such as RC4
Row communication encryption, so as to preferably solve the problems, such as man-in-the-middle attack.
Embodiment nine
The embodiment of the present invention nine provides a kind of system for performing Internet of Things lock method for unlocking, and the system includes above-mentioned
Master device in device embodiment and from device.The concrete structure and operation principle of above-mentioned each device can refer to device embodiment
The description of middle corresponding units, here is omitted.
Although additionally, it will be appreciated by those of skill in the art that some embodiments in this include institute in other embodiments
Including some features rather than further feature, but the combination of the feature of different embodiments means in the scope of the present invention
Within and form different embodiments.For example, in the following claims, embodiment required for protection it is any it
One mode can use in any combination.
All parts embodiment of the invention can be realized with hardware, or be run with one or more processor
Software module realize, or with combinations thereof realize.It will be understood by those of skill in the art that can use in practice
Microprocessor or digital signal processor (DSP) realize some or all portions in device according to embodiments of the present invention
The some or all functions of part.The present invention is also implemented as the part or complete for performing method as described herein
The equipment or program of device (for example, computer program and computer program product) in portion.It is such to realize program of the invention
Can store on a computer-readable medium, or there can be the form of one or more signal.Such signal can be with
Downloaded from internet website and obtained, or provided on carrier signal, or provided in any other form.
It should be noted that above-described embodiment the present invention will be described rather than limiting the invention, and ability
Field technique personnel can design alternative embodiment without departing from the scope of the appended claims.In the claims,
Any reference symbol being located between bracket should not be configured to limitations on claims.Word "comprising" is not excluded the presence of not
Element listed in the claims or step.Word "a" or "an" before element is not excluded the presence of as multiple
Element.The present invention can come real by means of the hardware for including some different elements and by means of properly programmed computer
It is existing.If in the unit claim for listing equipment for drying, several in these devices can be by same hardware branch
To embody.The use of word first, second, and third does not indicate that any order.These words can be explained and run after fame
Claim.
Claims (19)
1. it is a kind of for Internet of Things lock method for unlocking, its by master device perform, it is characterised in that specifically include:
Order of the acquisition from equipment safety information is sent to from device;
The security information that said slave device is returned is received, safety verification is carried out;
After the safety verification passes through, request of unlocking is sent to said slave device, wherein, the request of unlocking includes:It is main
The primary password of device and the standby password of master device;
Receive the unlocking result that said slave device is returned according to the request of unlocking.
2. method according to claim 1, it is characterised in that send the step of unlocking request to said slave device described
Further include before:
Rule is changed according to default, the primary password of master device and the standby password of the master device is changed.
3. method according to claim 2, it is characterised in that described to change rule according to default, changes the main dress
The step of putting primary password and the master device standby password specifically includes:
The standby password of former master device, the standby password of master device after being changed are replaced with the primary password of former master device;
New password is generated according to default password create-rule, is used to replace the primary password of former master device, the master after being changed
The primary password of device.
4. method according to claim 1, it is characterised in that send the step of unlocking request to said slave device described
Further include before:
After the safety verification passes through, initialization information is sent to said slave device, wherein, the initialization information bag
Include:The primary password of master device and the standby password of the master device;And receive the initialization result of said slave device return.
5. it is a kind of for Internet of Things lock method for unlocking, it is performed by from device, it is characterised in that specifically included:
Receive the acquisition of master device transmission from the order of equipment safety information;
The security information is sent to the master device;
Receive the unlocking request that the master device sends, and the primary password of master device and main dress that will be included in the request of unlocking
Purchase and be compared with from the primary password of device and from the standby password of device with password;
When comparative result be by when, perform unlocking operation, and to the master device return successful types unlocking result.
6. method according to claim 5, it is characterised in that receive unlocking request that the master device sends described
Further included before step:
The initialization information that the master device sends is received, wherein, the initialization information includes:The primary password of master device
With the standby password of the master device;
The primary password of the master device is set to initial from the primary password of device, the standby password of the master device is set to
It is initial from the standby password of device.
7. method according to claim 5, it is characterised in that the master device included in the request that described will unlock is primary
Password and the standby password of master device are specifically included with from the primary password of device and the step of be compared from the standby password of device:
The primary password of the master device is compared with the primary password of said slave device and the standby password of said slave device respectively;
The standby password of the master device is compared with the primary password of said slave device and the standby password of said slave device respectively;
When the primary password of the master device is identical with the primary password of said slave device and the standby password of master device with it is described from
When the standby password of device is identical, or, when the primary password of the master device is different from the primary password of said slave device but the master
When the standby password of device is identical with the primary password of said slave device, comparative result is to pass through.
8. method according to claim 7, it is characterised in that when the primary password of the master device is primary with said slave device
Password is different but during the standby password of master device identical with the primary password of said slave device, described by the request of unlocking
Comprising the primary password of master device and the standby password of master device be compared with from the primary password of device and from the standby password of device
The step of after further include:
According to the primary password of the master device and the standby password of the master device, change the primary password of said slave device and it is described from
The standby password of device.
9. method according to claim 8, it is characterised in that the primary password of replacing said slave device and described from dress
The step of purchasing with password specifically includes:
Replace former from the primary password of device with the primary password of the master device, after being changed from the primary password of device;
Replace former from the standby password of device with the standby password of the master device, after being changed from the standby password of device.
10. it is a kind of for perform Internet of Things lock method for unlocking master device, it is characterised in that including:
Security information order unit, for sending the order obtained from equipment safety information to from device;
Security information verification unit, the security information for receiving said slave device return, carries out safety verification;
Unlocking request transmitting unit, for after the safety verification passes through, request of unlocking being sent to said slave device, wherein,
The request of unlocking includes:The primary password of master device and the standby password of master device;
Unlocking result receiving unit, for receiving the unlocking result that said slave device is returned according to the request of unlocking.
11. master devices according to claim 10, it is characterised in that in taking a step forward for the unlocking request transmitting unit
Including:
Master device cipher change unit, for changing rule according to default, changes the primary password of master device and the master
The standby password of device.
12. according to claim 11 master device, it is characterised in that the master device cipher change unit specifically for:
The standby password of former master device, the standby password of master device after being changed are replaced with the primary password of former master device;
New password is generated according to default password create-rule, is used to replace the primary password of former master device, the master after being changed
The primary password of device.
13. master devices according to claim 10, it is characterised in that in taking a step forward for the unlocking request transmitting unit
Including:
Initialization information unit, for after the safety verification passes through, initialization information being sent into said slave device, its
In, the initialization information includes:The primary password of master device and the standby password of the master device;And receive said slave device
The initialization result of return.
14. it is a kind of for perform Internet of Things lock method for unlocking from device, it is characterised in that including:
Security information order receiving unit, for receiving the acquisition of master device transmission from the order of equipment safety information;
Security information returning unit, for sending the security information to the master device;
Unlocking requesting processing, for receiving the unlocking request that the master device sends, and will include in the request of unlocking
The primary password of master device and the standby password of master device be compared with from the primary password of device and from the standby password of device;
Unlocking operation unit, for when comparative result be by when, perform unlocking operation, and return to successfully class to the master device
The unlocking result of type.
15. is according to claim 14 from device, it is characterised in that in taking a step forward for the unlocking requesting processing
Including:
Initialization operation unit, for receiving the initialization information that the master device sends, wherein, the initialization information bag
Include:The primary password of master device and the standby password of the master device;By the primary password of the master device be set to it is initial from
The primary password of device, the standby password of the master device is set to initial from the standby password of device.
16. is according to claim 14 from device, it is characterised in that the unlocking requesting processing specifically for:
The primary password of the master device is compared with the primary password of said slave device and the standby password of said slave device respectively;
The standby password of the master device is compared with the primary password of said slave device and the standby password of said slave device respectively;
When the primary password of the master device is identical with the primary password of said slave device and the standby password of master device with it is described from
When the standby password of device is identical, or, when the primary password of the master device is different from the primary password of said slave device but the master
When the standby password of device is identical with the primary password of said slave device, comparative result is to pass through.
17. is according to claim 16 from device, it is characterised in that when the primary password of the master device and said slave device
Primary password is different but during the standby password of master device identical with the primary password of said slave device, in unlocking request treatment
Further included after unit:
From device cipher change unit, for according to the primary password of the master device and the standby password of the master device, changing institute
State from the primary password of device and the standby password of said slave device.
18. is according to claim 17 from device, it is characterised in that said slave device cipher change unit specifically for:
Replace former from the primary password of device with the primary password of the master device, after being changed from the primary password of device;
Replace former from the standby password of device with the standby password of the master device, after being changed from the standby password of device.
19. is a kind of for performing the system that Internet of Things locks method for unlocking, it is characterised in that including appointing in the claims 10-13
Any one of master device and the claims 14-18 described in one from device.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710029091.5A CN106920302B (en) | 2017-01-16 | 2017-01-16 | For the method for unlocking of Internet of Things lock, master device, from apparatus and system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710029091.5A CN106920302B (en) | 2017-01-16 | 2017-01-16 | For the method for unlocking of Internet of Things lock, master device, from apparatus and system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106920302A true CN106920302A (en) | 2017-07-04 |
CN106920302B CN106920302B (en) | 2019-11-15 |
Family
ID=59454601
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710029091.5A Active CN106920302B (en) | 2017-01-16 | 2017-01-16 | For the method for unlocking of Internet of Things lock, master device, from apparatus and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106920302B (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107516364A (en) * | 2017-08-30 | 2017-12-26 | 上海若禅信息科技有限公司 | Method for unlocking, bluetooth lock and the unlocking terminal of bluetooth lock |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102425338A (en) * | 2008-11-04 | 2012-04-25 | 邓睿 | Method and device for controlling electronic lock by utilizing computer programs |
CN103023539A (en) * | 2012-12-04 | 2013-04-03 | 中兴通讯股份有限公司 | Method and system for starting functions of electronic devices |
CN203070401U (en) * | 2012-12-30 | 2013-07-17 | 章玺 | Electronic lock system utilizing bar code |
EP2463833B1 (en) * | 2010-12-09 | 2013-07-24 | Oberthur Technologies | Method and device for operational control of internal functions and protected applications embedded in chip cards for mobile terminals |
CN103313238A (en) * | 2013-06-20 | 2013-09-18 | 天翼电信终端有限公司 | Safety system and safety protection method for mobile terminal |
CN103413081A (en) * | 2013-08-29 | 2013-11-27 | 惠州Tcl移动通信有限公司 | After-password-input prompt method, password modifying method and electronic equipment |
CN105991776A (en) * | 2016-06-29 | 2016-10-05 | 北京三快在线科技有限公司 | Method, device and system for cipher lock control |
CN106203014A (en) * | 2016-06-29 | 2016-12-07 | 捷开通讯(深圳)有限公司 | The unlocking method of a kind of mobile terminal and tripper |
-
2017
- 2017-01-16 CN CN201710029091.5A patent/CN106920302B/en active Active
Patent Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102425338A (en) * | 2008-11-04 | 2012-04-25 | 邓睿 | Method and device for controlling electronic lock by utilizing computer programs |
EP2463833B1 (en) * | 2010-12-09 | 2013-07-24 | Oberthur Technologies | Method and device for operational control of internal functions and protected applications embedded in chip cards for mobile terminals |
CN103023539A (en) * | 2012-12-04 | 2013-04-03 | 中兴通讯股份有限公司 | Method and system for starting functions of electronic devices |
CN203070401U (en) * | 2012-12-30 | 2013-07-17 | 章玺 | Electronic lock system utilizing bar code |
CN103313238A (en) * | 2013-06-20 | 2013-09-18 | 天翼电信终端有限公司 | Safety system and safety protection method for mobile terminal |
CN103413081A (en) * | 2013-08-29 | 2013-11-27 | 惠州Tcl移动通信有限公司 | After-password-input prompt method, password modifying method and electronic equipment |
CN105991776A (en) * | 2016-06-29 | 2016-10-05 | 北京三快在线科技有限公司 | Method, device and system for cipher lock control |
CN106203014A (en) * | 2016-06-29 | 2016-12-07 | 捷开通讯(深圳)有限公司 | The unlocking method of a kind of mobile terminal and tripper |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107516364A (en) * | 2017-08-30 | 2017-12-26 | 上海若禅信息科技有限公司 | Method for unlocking, bluetooth lock and the unlocking terminal of bluetooth lock |
Also Published As
Publication number | Publication date |
---|---|
CN106920302B (en) | 2019-11-15 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108055235B (en) | Control method of intelligent lock, related equipment and system | |
CN101465735B (en) | Network user identification verification method, server and client terminal | |
CN100385983C (en) | Key setting method | |
CN103746794B (en) | Encryption key generation method and device | |
CN101102194B (en) | A method for OTP device and identity authentication with this device | |
CN207409010U (en) | The newer temporary password access control system of encryption parameter dynamic | |
CN104753674B (en) | A kind of verification method and equipment of application identity | |
CN106161032A (en) | A kind of identity authentication method and device | |
CN1921682B (en) | Method for enhancing key negotiation in universal identifying framework | |
CN108494551A (en) | Processing method, system, computer equipment and storage medium based on collaboration key | |
CN101867530A (en) | Things-internet gateway system based on virtual machine and data interactive method | |
CN108270739B (en) | Method and device for managing encryption information | |
CN101039181B (en) | Method for preventing service function entity of general authentication framework from attack | |
CN108471352A (en) | Processing method, system, computer equipment based on distributed private key and storage medium | |
CN102187619A (en) | Authentication system | |
CN107147498B (en) | Authentication method and encryption method for transmitting information in RFID authentication process | |
CN106789024A (en) | A kind of remote de-locking method, device and system | |
CN104506321A (en) | Method for updating seed data in dynamic token | |
CN101990201B (en) | Method, system and device for generating general bootstrapping architecture (GBA) secret key | |
CN108270791A (en) | A kind of method and system of safe operation executable file | |
CN105847009A (en) | RFID bidirectional authentication method meeting requirement on backward security | |
CN113347613A (en) | Safe communication method and system based on Bluetooth digital key | |
CN106920302A (en) | Method for unlocking, master device for Internet of Things lock, from apparatus and system | |
CN103560948B (en) | Communication means, equipment and system between virtual machine | |
CN114499854B (en) | Identity authentication method and system based on wireless sensor network and electronic equipment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |