CN107018127B - Internet of things virtual gateway compatible with multiple protocols and node access authentication method - Google Patents

Publication number
CN107018127B
Authority
CN
China
Prior art keywords
internet
things
virtual gateway
data
sensing equipment
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201710132079.7A
Other languages
Chinese (zh)
Other versions
CN107018127A (en)
Inventor
沈玉龙
邬俊杰
祝幸辉
余正伟
马冬洁
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xian University of Electronic Science and Technology
Original Assignee
Xian University of Electronic Science and Technology
Application filed by Xian University of Electronic Science and Technology
Priority to CN201710132079.7A
Publication of CN107018127A
Application granted
Publication of CN107018127B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876 Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • H04L12/00 Data switching networks
    • H04L12/66 Arrangements for connecting between networks having differing types of switching systems, e.g. gateways
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L67/12 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • H04L69/00 Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/18 Multiprotocol handlers, e.g. single devices capable of handling multiple protocols
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • H04L9/3213 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
    • H04L9/3297 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps

Abstract

The invention belongs to the technical field of the Internet of Things and discloses an Internet of Things virtual gateway compatible with multiple protocols and a node access authentication method. Only the virtual gateway needs to adapt to the specification defined by the Internet of Things data support platform: all data the virtual gateway uploads and all commands it receives follow that specification. Downward, the virtual gateway adapts to different Internet of Things sensing devices and is developed according to the protocol and data format of those devices. When a new type of sensing device is to be accessed, only one virtual gateway needs to be developed to adapt to it; the existing code of the platform does not need to be changed, so the new type of device is accessed at minimum cost. Meanwhile, the virtual gateway authenticates the sensing devices and the cloud platform authenticates the virtual gateway, layer by layer, so that the security and legitimacy of the data are ensured.

Description

Internet of things virtual gateway compatible with multiple protocols and node access authentication method
Technical Field
The invention belongs to the technical field of the Internet of Things, and particularly relates to an Internet of Things virtual gateway compatible with multiple protocols and a node access authentication method.
Background
At present, with the wide application of Internet of Things technology, the types and number of connected sensing devices keep growing, and the transmission protocols, communication protocols and data transmission formats used by sensing devices differ from area to area and even within the same area. Current Internet of Things access technology still has shortcomings in its compatibility with these devices: only specific types of sensing devices can be accessed, only several mainstream data transmission protocols are supported, and only specific data formats are parsed. The various sensing devices are therefore difficult to integrate, and access of an Internet of Things data support platform to them is not flexible or convenient enough. For an ordinary user, a damaged sensing device must be replaced with one of the same manufacturer and model, which limits the user's free choice of products and seriously affects the user experience. Therefore, abstracting what the various sensing devices have in common, shielding their differences, and achieving flexible and convenient access remains a key problem in the development of Internet of Things data support platforms.
In summary, the problems of the prior art are as follows: because the data transmission protocols and data formats used by sensing devices from different manufacturers differ, existing Internet of Things access technology has difficulty supporting a large number of sensing devices, and each Internet of Things data support platform can only access sensing devices produced by specific manufacturers. An ordinary user of a given platform therefore cannot plug and play a device purchased from an arbitrary manufacturer, which seriously affects the user experience.
Disclosure of Invention
To address the problems in the prior art, the invention provides an Internet of Things virtual gateway compatible with multiple protocols and a node access authentication method.
The invention is realized as follows: the multi-protocol-compatible Internet of Things virtual gateway and node access authentication method comprises the following steps:
Step one, adapting a virtual gateway:
1: Each virtual gateway developer first applies for a developer account on the Internet of Things data support platform and completes real-name authentication; after an administrator approves the account, a token that uniquely identifies the developer is issued;
2: A legitimate virtual gateway developer sends a virtual gateway creation request to the Internet of Things data support platform; after the platform verifies that the developer's identity token is valid, it generates a unique identity serial number SN and a data upload token apikey for the virtual gateway according to a timestamp, and returns the SN and the apikey to the developer;
3: The developer adapts to the device, develops the virtual gateway, and writes the platform-generated SN and apikey into the virtual gateway;
4: The developed virtual gateway is deployed to the local area network where the adapted sensing devices are located and is formally put into use.
Step two, registering the sensing device:
1: Each type of Internet of Things sensing device has a unique identity and supports writing information; the unique identity may take any form, such as a MAC address or a long character string. The sensing device sends a device registration request to the Internet of Things data support platform, carrying its unique identity id and the unique identity serial number SN of the virtual gateway adapted to it;
2: The platform generates an authentication key for the sensing device according to the sensing device id, the virtual gateway serial number SN and a timestamp, returns the key to the sensing device, and the key is written into the device;
3: The id and the authentication key of the successfully registered sensing device are synchronized to the virtual gateway to which it belongs;
Step three, uploading data:
1: The sensing device collects data and uploads it to the corresponding virtual gateway; the virtual gateway first verifies whether the node has been successfully registered, checking the node id and key to determine the validity of the node;
2: The virtual gateway parses the received raw data, formats it according to the specification of the Internet of Things data support platform, and uploads the formatted data to the platform;
3: The platform first verifies whether the virtual gateway serial number SN and the data upload token apikey are valid; if so, it parses the data and stores it in a database according to the platform specification;
Step four, issuing a command:
1: When a third-party Internet of Things application calls an interface of the Internet of Things data support platform to issue a command, the platform broadcasts the command to all virtual gateways;
2: After receiving the command, the virtual gateway first confirms whether the command's target is managed by this virtual gateway; if so, it converts the command into a form that the adapted sensing device can recognize and sends it to the sensing device; if not, it makes no response.
Further, the method for registering the virtual gateway comprises the following steps:
(1) A platform developer sends a virtual gateway creation request to the cloud platform; the request contains the developer's user name and token as authentication material, which uniquely identifies the developer and serves as the basis for verifying the developer's validity;
(2) The Internet of Things data support platform verifies the identity of the developer; if it is valid, the developer is allowed to develop a virtual gateway based on the platform, and a unique identity serial number SN and a data upload token apikey are generated for the virtual gateway according to the timestamp and the developer's identity id;
(3) The Internet of Things data support platform returns the SN and the apikey of the virtual gateway to the platform developer; the developer begins development of the virtual gateway and writes the SN and the apikey into it;
(4) The virtual gateway applies for access to the Internet of Things data support platform; after verifying the validity of the virtual gateway, the platform establishes a connection with it and maintains communication.
Further, the method for registering the Internet of Things sensing device comprises the following steps:
(1) The sensing device sends a registration request to the Internet of Things data support platform; the request contains the unique identity id built into the sensing device at the factory and the serial number SN of the virtual gateway that developers of the platform have adapted to the sensing device;
(2) The Internet of Things data support platform first verifies, according to the virtual gateway serial number SN, whether the virtual gateway has been successfully registered; if verification fails, registration is refused; if it passes, the verification information key is generated according to the device's unique identity id and the timestamp;
(3) The Internet of Things data support platform returns the generated verification information to the sensing device;
(4) The Internet of Things data support platform synchronizes the unique identity id of the successfully registered sensing device and the generated verification information key to the virtual gateway corresponding to that sensing device.
Further, the method for uploading data in step three includes:
(1) Sensing devices of each type upload the collected data to their corresponding virtual gateways, carrying the sensing device's unique identity id and verification information key;
(2) The corresponding virtual gateway receives the data and verifies whether the device is valid according to the sensing device's unique identity id and verification information key; if the device is invalid, the data is rejected; if it is valid, the data is parsed into a data format that conforms to the platform specification;
(3) The virtual gateway uploads the parsed data to the Internet of Things data management system, carrying the virtual gateway's unique identity serial number SN, the data upload token apikey and the sensing device's unique identity id;
(4) The Internet of Things data management system first verifies whether the virtual gateway is valid according to the virtual gateway's unique identity serial number SN and data upload token apikey; if it is valid, the data is stored.
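The gateway registration, device registration and data upload steps above can be modelled end to end; the following Python is an added example, not code from the patent. The patent only says that SN, apikey and key are generated "according to" the ids and a timestamp, so the HMAC-SHA256 derivation under a platform-held secret, the constant-time comparison, all class and method names, and the `temp=21.5` device payload are assumptions.

```python
import hashlib
import hmac
import secrets
import time


def same(a: str, b: str) -> bool:
    """Constant-time credential comparison (avoids a timing side channel)."""
    return hmac.compare_digest(a.encode(), b.encode())


class Platform:
    """Stands in for the Internet of Things data support platform."""

    def __init__(self):
        self._secret = secrets.token_bytes(32)  # assumption: platform-only MAC key
        self.developers = {}  # user name -> developer token
        self.gateways = {}    # SN -> {"apikey": str, "link": connected gateway}
        self.stored = []      # records accepted for storage

    def _derive(self, *parts) -> str:
        # Assumption: credentials are an HMAC over the inputs the patent lists,
        # so they cannot be recomputed from the id and timestamp alone.
        msg = "|".join(str(p) for p in parts).encode()
        return hmac.new(self._secret, msg, hashlib.sha256).hexdigest()

    def approve_developer(self, user: str) -> str:
        self.developers[user] = secrets.token_hex(16)
        return self.developers[user]

    def create_gateway(self, user: str, token: str):
        known = self.developers.get(user)
        if known is None or not same(known, token):
            raise PermissionError("developer not verified")
        ts = time.time_ns()
        sn = self._derive("sn", user, ts)[:16]
        apikey = self._derive("apikey", sn, ts)
        self.gateways[sn] = {"apikey": apikey, "link": None}
        return sn, apikey

    def _gateway_ok(self, sn: str, apikey: str) -> bool:
        entry = self.gateways.get(sn)
        return entry is not None and same(entry["apikey"], apikey)

    def connect(self, gateway) -> bool:
        """Gateway applies for access; SN and apikey are checked first."""
        if not self._gateway_ok(gateway.sn, gateway.apikey):
            return False
        self.gateways[gateway.sn]["link"] = gateway
        return True

    def register_device(self, device_id: str, sn: str) -> str:
        entry = self.gateways.get(sn)
        # Simplification: the gateway must already be connected so the
        # id/key pair can be synchronized to it immediately.
        if entry is None or entry["link"] is None:
            raise PermissionError("virtual gateway not registered")
        key = self._derive("device", device_id, sn, time.time_ns())
        entry["link"].devices[device_id] = key  # sync id + key to the gateway
        return key                              # returned to the device

    def upload(self, sn: str, apikey: str, record: dict) -> bool:
        if not self._gateway_ok(sn, apikey):
            return False
        self.stored.append(record)
        return True


class VirtualGateway:
    def __init__(self, platform, sn, apikey):
        self.platform, self.sn, self.apikey = platform, sn, apikey
        self.devices = {}  # device id -> key, filled by the platform's sync

    def receive(self, device_id: str, key: str, raw: bytes) -> bool:
        known = self.devices.get(device_id)
        if known is None or not same(known, key):
            return False  # first layer: unregistered node or wrong key
        try:
            # Constructed device format "name=value", normalized for the platform.
            name, value = raw.decode("ascii").strip().split("=")
            record = {"device": device_id, "metric": name, "value": float(value)}
        except ValueError:
            return False  # malformed payload is dropped, not forwarded
        # Second layer: the platform checks SN + apikey, never the device key.
        return self.platform.upload(self.sn, self.apikey, record)


if __name__ == "__main__":
    p = Platform()
    sn, apikey = p.create_gateway("dev1", p.approve_developer("dev1"))
    gw = VirtualGateway(p, sn, apikey)
    p.connect(gw)
    key = p.register_device("AA:BB:CC:00:11:22", sn)  # constructed device id
    print(gw.receive("AA:BB:CC:00:11:22", key, b"temp=21.5"))
    print(gw.receive("AA:BB:CC:00:11:22", "guess", b"temp=21.5"))
```

The platform never sees a device key on the upload path, so a record is only as trustworthy as the gateway's own check and the secrecy of its apikey.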
Further, the method for issuing the command in step four includes:
(1) When a third-party Internet of Things application calls an interface of the Internet of Things data management system, the Internet of Things data management system broadcasts the issued command to all virtual gateways that have successfully accessed the Internet of Things data support platform; the command contains a command body and the unique identity id of the target;
(2) After receiving the command issued by the Internet of Things data management system, the virtual gateway parses it according to the specification; if the target does not belong to this virtual gateway, execution stops; if the target belongs to this virtual gateway, the command body is converted into a form that the sensing device can recognize, according to the protocol and command format of the sensing device to which the gateway is adapted;
(3) The virtual gateway sends the converted command to the sensing device that is the target of the command.
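The broadcast-and-filter behaviour of the command path, as an added Python example that is not code from the patent: two gateways receive the same broadcast, and only the one that manages the target converts the command body into its device's native form. The JSON broadcast envelope, both device command formats, and all names are constructed assumptions, since the patent does not define the platform's message format.

```python
import json
import struct


def encode_text(body: dict) -> bytes:
    """Constructed line protocol for one device family: SET <channel> <value> + CRLF."""
    return f"SET {int(body['channel'])} {int(body['value'])}\r\n".encode("ascii")


def encode_binary(body: dict) -> bytes:
    """Constructed binary frame for another family: opcode, channel, 16-bit value."""
    return struct.pack(">BBH", 0x10, int(body["channel"]), int(body["value"]))


class CommandGateway:
    """Command issuing side of a virtual gateway (names are hypothetical)."""

    def __init__(self, name, encoder):
        self.name = name
        self.encoder = encoder  # adapter for the one device type this gateway serves
        self.devices = set()    # ids of the sensing devices this gateway manages
        self.sent = []          # (device id, frame) pairs delivered downstream

    def on_broadcast(self, message: str):
        """Return the device-native frame, or None when nothing is sent."""
        try:
            command = json.loads(message)
            target, body = command["target"], command["body"]
            if target not in self.devices:
                return None  # not managed here: stop, make no response
            frame = self.encoder(body)
        except (ValueError, KeyError, TypeError, struct.error):
            return None      # malformed or out-of-range command is dropped
        self.sent.append((target, frame))
        return frame


def broadcast(gateways, target: str, body: dict) -> dict:
    """Platform side: send one command to every connected gateway."""
    message = json.dumps({"target": target, "body": body})
    handled = {}
    for gw in gateways:
        frame = gw.on_broadcast(message)
        if frame is not None:
            handled[gw.name] = frame
    return handled


if __name__ == "__main__":
    relay_gw = CommandGateway("relay-gw", encode_text)
    relay_gw.devices.add("relay-01")    # constructed device ids
    valve_gw = CommandGateway("valve-gw", encode_binary)
    valve_gw.devices.add("valve-07")
    print(broadcast([relay_gw, valve_gw], "valve-07", {"channel": 2, "value": 300}))
    print(broadcast([relay_gw, valve_gw], "unknown", {"channel": 1, "value": 1}))
```

Because every gateway receives every command, the ownership check in `on_broadcast` is the only control keeping a command away from devices it was not addressed to; the steps above describe no authentication of the command itself.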
Another object of the invention is to provide an Internet of Things sensing device that applies the multi-protocol-compatible Internet of Things virtual gateway and node access authentication method.
The advantages and positive effects of the invention are as follows: when a new type of sensing device needs to be connected to the Internet of Things data support platform, developers only need to follow the specification defined by the platform and develop a downward adaptation for the device's transmission protocol and data format; the existing code of the platform does not need to be changed, so the new type of device is accessed at minimum cost. Meanwhile, the virtual gateway authenticates the sensing devices and the cloud platform only needs to authenticate the virtual gateway, which avoids an authentication storm, and the layer-by-layer authentication ensures the security and legitimacy of the data.
Drawings
Fig. 1 is a flowchart of an internet of things virtual gateway and node access authentication method compatible with multiple protocols according to an embodiment of the present invention.
Fig. 2 is a schematic diagram of an overall architecture provided by an embodiment of the present invention.
Fig. 3 is a schematic diagram of a virtual gateway registration method according to an embodiment of the present invention.
Fig. 4 is a schematic diagram of an internet of things sensing device registration method according to an embodiment of the present invention.
Fig. 5 is a schematic diagram of a data uploading process provided by an embodiment of the present invention.
Fig. 6 is a schematic flowchart of command issuing according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is further described in detail with reference to the following embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
The following detailed description of the principles of the invention is provided in connection with the accompanying drawings.
As shown in fig. 1, the method for authenticating access to an internet of things virtual gateway and a node compatible with multiple protocols, provided by the embodiment of the present invention, includes the following steps:
S101: After passing real-name authentication, a developer sends a virtual gateway creation request to the Internet of Things data support platform; after the cloud platform verifies that the developer's identity is valid, a unique identity serial number SN and a data upload token apikey are generated for the virtual gateway according to information such as a timestamp; the SN and the apikey are returned to the developer, who writes them into the virtual gateway;
S102: The sensing device sends a device registration request to the Internet of Things data support platform, carrying its unique identity id and the unique identity serial number SN of the virtual gateway adapted to it; the platform generates an authentication key for the sensing device according to the sensing device id, the virtual gateway serial number SN and a timestamp, returns the key to the sensing device, and synchronizes the sensing device id and the authentication key to the virtual gateway;
S103: After collecting data, the sensing device uploads it to the corresponding virtual gateway; the virtual gateway first verifies whether the node has been successfully registered and verifies the validity of the node; the virtual gateway uploads data in a format conforming to the platform specification to the Internet of Things data support platform; the platform first verifies whether the virtual gateway serial number SN and the data upload token apikey are valid; if so, it parses the data and stores it in a database according to the platform specification;
S104: When a third-party Internet of Things application calls an interface of the Internet of Things data support platform to issue a command, the platform broadcasts the command to all virtual gateways; after receiving the command, a virtual gateway first confirms whether the command's target is managed by this virtual gateway; if so, it converts the command into a form that the adapted sensing device can recognize and issues it to the sensing device; if not, it makes no response.
The application of the principles of the present invention will now be described in further detail with reference to the accompanying drawings.
The invention provides an Internet of Things virtual gateway compatible with various devices, protocols and data formats; once the virtual gateway layer is added, more types of sensing devices can be accessed at minimum cost without modifying the existing code of the Internet of Things data support platform, so that the various sensing devices are managed uniformly.
As shown in fig. 2, the architecture is divided into four layers: an application layer formed by third-party Internet of Things applications developed on the Internet of Things data support platform, a virtual gateway layer, and a bottom hardware layer formed by the various sensing devices. Data collected by a sensing device is uploaded to the virtual gateway through the virtual gateway's data collection module. After verifying the validity of the sensing device, the virtual gateway formats the collected data according to the platform specification and uploads the conforming data to the platform through its platform communication module. The virtual gateway communication module of the platform receives the data, which is then parsed and stored by the data management module, so that the interface providing module can conveniently provide data support for third-party Internet of Things applications.
When a third-party Internet of Things application issues a command through the interface providing module, the Internet of Things data support platform queries the data management module for the information permission required by the issued command and issues it to a virtual gateway through the virtual gateway communication module. The platform communication module of the virtual gateway receives the command and passes it to the command issuing module adapted to the sensing device; the command issuing module converts the command into a form the sensing device can recognize and then issues it to the sensing device.
The virtual gateway communication module and the platform communication module use the same protocol and data format in every virtual gateway, but the command issuing module and the data collection module are adapted to different sensing devices, so these two modules may differ from one virtual gateway to another.
The invention is based on an Internet of things data support platform and is used for establishing communication connection between third-party Internet of things application and Internet of things sensing equipment; and managing data collected by various sensing devices of the internet of things.
The virtual gateway may be a software program or a hardware device. It establishes the communication connection between the sensing devices and the Internet of Things data support platform and shields the differences between the various sensing devices. The virtual gateway includes a data collection module, a platform communication module and a command issuing module. The command issuing module keeps the connection with the sensing device and sends commands to it; this module is adapted to the type, protocol and data format of the sensing device, so it differs between virtual gateways. The data collection module receives the data collected by the sensing device and converts it into a data format that meets the platform specification; it is adapted to a particular kind of sensing device, so it also differs between virtual gateways. The platform communication module uploads the valid data formatted by the data collection module to the platform, receives commands issued by the platform, and forwards them to the command issuing module; this module follows the platform specification and is the same in every virtual gateway. The virtual gateway has a unique identity serial number SN and a data upload token apikey.
Internet of Things sensing devices are, in general, the various sensor devices that can access a network; each device has a unique identity ID written in at the factory and an authentication key generated by the Internet of Things data support platform.
The multi-protocol-compatible IoT virtual gateway and node access authentication method provided by the embodiment of the invention comprises the following steps:
Step one: a developer of the IoT data support platform develops the virtual gateway. The developer first sends a virtual gateway creation request to the IoT data support platform; after the cloud platform verifies that the developer's identity is legitimate, it generates a unique identity serial number SN and a data upload token apikey for the virtual gateway from information such as a timestamp. The serial number SN and the data upload token apikey are returned to the developer, who writes them into the virtual gateway.
Step two: the IoT sensing device, carrying its unique identity id and the unique identity serial number SN of the virtual gateway adapted to it, initiates a device registration request to the IoT data support platform. The IoT data support platform generates an authentication key for the IoT sensing device from the IoT sensing device id, the virtual gateway serial number SN and a timestamp, returns the key to the IoT sensing device, and at the same time synchronizes the IoT sensing device id and the authentication key to the virtual gateway.
Each IoT sensing device corresponds to one virtual gateway, and one virtual gateway corresponds to multiple IoT sensing devices. Different types of sensing device correspond to different virtual gateways, and the sensing devices that correspond to the same virtual gateway are all of the same type.
Step three: after collecting data, the IoT sensing device uploads it to the corresponding virtual gateway. The virtual gateway first verifies whether the node has been successfully registered and whether the node is legitimate; if the device is legitimate, the virtual gateway parses the data and converts it into a data format that conforms to the IoT data support platform specification. The virtual gateway then uploads the conforming data to the IoT data support platform; the upload comprises the data collected by the IoT sensing device, the unique identity id of the IoT sensing device, the unique identity serial number SN of the virtual gateway and the virtual gateway's data upload token apikey. The IoT data support platform first verifies whether the virtual gateway serial number SN and the data upload token apikey are legitimate; if they are, it parses the data and stores it in a database according to the platform specification.
Step four: when a third-party IoT application calls an interface of the IoT data support platform to issue a command, the IoT data support platform broadcasts the command to all virtual gateways. The command comprises a command body and the unique identity id of the IoT sensing device. After receiving the command, each virtual gateway first confirms whether the command's target is managed by that virtual gateway; if so, it parses the command body into a form that the adapted IoT sensing device can recognize and issues it to the IoT sensing device.
Fig. 3 is a schematic flow diagram of the virtual gateway registration in step one of the invention:
Step S201: a platform developer sends a virtual gateway creation request to the cloud platform. The request comprises authentication material such as the developer's user name and a token, which uniquely identifies the developer and serves as the basis for verifying the developer's legitimacy.
Step S202: the IoT data support platform verifies the developer's identity. If the identity is legitimate, the developer is allowed to develop a virtual gateway based on the platform, and the unique identity serial number SN and the data upload token apikey of the virtual gateway are generated from information such as a timestamp and the developer's identity id.
Step S203: the IoT data support platform returns the unique identity serial number SN and the data upload token apikey of the virtual gateway to the platform developer; the developer starts developing the virtual gateway and writes the serial number SN and the data upload token apikey into it.
Step S204: the virtual gateway applies for access to the IoT data support platform; after verifying the legitimacy of the virtual gateway, the IoT data support platform establishes a connection with it and keeps communicating.
Fig. 4 is a schematic flow diagram of the IoT sensing device registration in step two of the invention:
Step S301: the IoT sensing device sends a registration request to the IoT data support platform. The request comprises the unique identity id built into the IoT sensing device at the factory and the serial number SN of the virtual gateway that developers of the IoT data support platform have adapted to the sensing device.
Step S302: the IoT data support platform first verifies, according to the virtual gateway serial number SN, whether the virtual gateway has been successfully registered. If the verification fails, the virtual gateway is not registered; if the verification passes, the verification information key is generated from the unique identity id of the device, the timestamp and other information.
Step S303: the IoT data support platform returns the generated verification information to the IoT sensing device.
Step S304: the IoT data support platform synchronizes the unique identity id of the registered IoT sensing device and the generated verification information key to the virtual gateway corresponding to that IoT sensing device.
Fig. 5 is a schematic flow diagram of the data upload in step three of the invention:
Step S401: each type of IoT sensing device uploads the data it has collected to its corresponding virtual gateway, carrying the unique identity id and the verification information key of the IoT sensing device.
Step S402: the corresponding virtual gateway receives the data and verifies whether the device is legitimate according to the unique identity id of the IoT sensing device and the verification information key. If the device is not legitimate, the data is refused; if the device is legitimate, the data is parsed into a data format that conforms to the platform specification.
Step S403: the virtual gateway uploads the parsed data to the IoT data management system, carrying the unique identity serial number SN of the virtual gateway, the data upload token apikey and the unique identity id of the IoT sensing device.
Step S404: the IoT data management system first verifies whether the virtual gateway is legitimate according to its unique identity serial number SN and data upload token apikey; if it is, the data is stored. Because the virtual gateway has already authenticated the IoT sensing device, the legitimacy of the IoT sensing device is not verified again at this point.
Fig. 6 is a schematic flow diagram of the command issuing in step four of the invention:
Step S501: when a third-party IoT application calls an interface of the IoT data management system, the IoT data management system broadcasts the issued command to all virtual gateways that have successfully accessed the IoT data support platform. The command comprises a command body and the unique identity id of the target (an IoT sensing device).
Step S502: after receiving the command issued by the IoT data management system, the virtual gateway parses the command according to the specification. If the target does not belong to this virtual gateway, the virtual gateway stops processing; if the target does belong to it, the virtual gateway converts the command body into a form that the IoT sensing device can recognize, according to the protocol and command format of the IoT sensing devices it is adapted to.
Step S503: the virtual gateway issues the converted command to the IoT sensing device that is the command's target.
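The four steps above, S201 through S503, as an added Python example that is not part of the patent. The patent does not say how SN, apikey and key are computed from the timestamp and identifiers, so the HMAC-SHA256 derivation with a platform-held secret and a random nonce, the constant-time comparisons, and all class, function, developer and device names are assumptions.

```python
import hashlib
import hmac
import secrets
import time


def _same(a, b):  # constant-time credential comparison
    return hmac.compare_digest(a.encode(), b.encode())


class Platform:
    """IoT data support platform: issues credentials, stores uploads."""
    def __init__(self, developers):
        self._secret = secrets.token_bytes(32)  # assumption: platform-only MAC key
        self.developers = developers  # username -> token
        self.apikeys = {}             # gateway SN -> apikey
        self.gateways = {}            # gateway SN -> connected gateway
        self.database = []

    def _derive(self, *parts):
        # Assumption: HMAC-SHA256 over the inputs, a timestamp and a random nonce.
        msg = "|".join(map(str, parts + (time.time_ns(), secrets.token_hex(8))))
        return hmac.new(self._secret, msg.encode(), hashlib.sha256).hexdigest()

    def create_gateway(self, username, token):  # S201-S203
        expected = self.developers.get(username)
        if expected is None or not _same(expected, token):
            raise PermissionError("developer not verified")
        sn = self._derive("sn", username)[:16]
        self.apikeys[sn] = self._derive("apikey", sn)
        return sn, self.apikeys[sn]

    def gateway_ok(self, sn, apikey):
        expected = self.apikeys.get(sn)
        return expected is not None and _same(expected, apikey)

    def connect_gateway(self, gateway):  # S204
        if not self.gateway_ok(gateway.sn, gateway.apikey):
            raise PermissionError("gateway not verified")
        self.gateways[gateway.sn] = gateway

    def register_device(self, device_id, sn):  # S301-S304
        if sn not in self.gateways:
            raise PermissionError("virtual gateway not registered")
        key = self._derive("device", device_id, sn)
        self.gateways[sn].device_keys[device_id] = key  # S304: sync to gateway
        return key                                      # S303: back to device

    def upload(self, sn, apikey, device_id, record):  # S404
        if not self.gateway_ok(sn, apikey):
            return False
        self.database.append({"sn": sn, "id": device_id, "data": record})
        return True

    def issue_command(self, device_id, body):  # S501: broadcast to every gateway
        return [sn for sn, gw in self.gateways.items() if gw.on_command(device_id, body)]


class VirtualGateway:
    """Adapter for one device type; authenticates its own devices."""
    def __init__(self, platform, sn, apikey, parse, encode):
        self.platform, self.sn, self.apikey = platform, sn, apikey
        self.parse, self.encode = parse, encode  # device-specific adapters
        self.device_keys = {}                    # device id -> key
        self.sent = []                           # commands sent to devices

    def receive(self, device_id, key, raw):  # S402-S403
        expected = self.device_keys.get(device_id)
        if expected is None or not _same(expected, key):
            return False  # refuse the data
        return self.platform.upload(self.sn, self.apikey, device_id, self.parse(raw))

    def on_command(self, device_id, body):  # S502-S503
        if device_id not in self.device_keys:
            return False  # target is not managed here: stop
        self.sent.append((device_id, self.encode(body)))
        return True


def run_demo():  # steps one to four with constructed devices and payloads
    platform = Platform({"dev-a": "dev-a-token"})

    def build(parse, encode):
        sn, apikey = platform.create_gateway("dev-a", "dev-a-token")
        gw = VirtualGateway(platform, sn, apikey, parse, encode)
        platform.connect_gateway(gw)
        return gw

    temp = build(lambda raw: {"temp_c": int(raw, 16) / 10}, lambda b: b.upper().encode())
    door = build(lambda raw: {"open": raw == "1"}, lambda b: ("CMD:" + b).encode())
    key = platform.register_device("sensor-001", temp.sn)
    return {"valid": temp.receive("sensor-001", key, "00eb"),
            "forged": temp.receive("sensor-001", "0" * 64, "00eb"),
            "wrong_gateway": door.receive("sensor-001", key, "1"),
            "routed": platform.issue_command("sensor-001", "reboot") == [temp.sn],
            "sent": temp.sent + door.sent,
            "stored": [row["data"] for row in platform.database]}
```

The second gateway refuses sensor-001 even with a valid key, because the platform synchronized that id and key only to the gateway named at registration.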
In summary, once the virtual gateway is added to a traditional IoT data support platform, the IoT data support platform shields the differences among IoT sensing devices from third-party IoT applications, and the virtual gateway shields the differences among IoT sensing devices from the IoT data support platform.
The above description only illustrates the preferred embodiments of the invention and is not to be construed as limiting it; any modifications, equivalents and improvements made within the spirit and principle of the invention are intended to fall within its scope of protection.

Claims (6)

1. A multi-protocol-compatible IoT virtual gateway and node access authentication method, characterized by comprising the following steps:
step one: after passing real-name authentication, a developer sends a virtual gateway creation request to the IoT data support platform; after the cloud platform verifies that the developer's identity is legitimate, a unique identity serial number SN and a data upload token apikey are generated for the virtual gateway from the timestamp and the developer's identity id; the serial number SN and the data upload token apikey are returned to the developer, who writes them into the virtual gateway;
step two: the IoT sensing device, carrying its unique identity id and the unique identity serial number SN of the virtual gateway adapted to it, initiates a device registration request to the IoT data support platform; the IoT data support platform generates an authentication key for the IoT sensing device from the IoT sensing device id, the virtual gateway serial number SN and a timestamp, returns the key to the IoT sensing device, and synchronizes the IoT sensing device id and the authentication key to the virtual gateway;
step three: after collecting data, the IoT sensing device uploads it to the corresponding virtual gateway, and the virtual gateway first verifies whether the node has been successfully registered and whether the node is legitimate; the virtual gateway uploads data whose format conforms to the IoT data support platform specification to the IoT data support platform; the IoT data support platform first verifies whether the virtual gateway serial number SN and the data upload token apikey are legitimate, and if so, parses the data and stores it in a database according to the platform specification;
step four: when a third-party IoT application calls an interface of the IoT data support platform to issue a command, the IoT data support platform broadcasts the command to all virtual gateways; after receiving the command, each virtual gateway first confirms whether the command's target is managed by that virtual gateway; if it is, the command is converted into a form that the adapted sensing device can recognize and is issued to the sensing device; if not, no response is made.
2. The multi-protocol-compatible IoT virtual gateway and node access authentication method according to claim 1, wherein the virtual gateway registration comprises:
(1) a platform developer sends a virtual gateway creation request to the cloud platform, the request comprising authentication material consisting of the developer's user name and a token, which uniquely identifies the developer and can serve as the basis for verifying the developer's legitimacy;
(2) the IoT data support platform verifies the developer's identity; if the identity is legitimate, the developer is allowed to develop a virtual gateway based on the platform, and the unique identity serial number SN and the data upload token apikey of the virtual gateway are generated from the timestamp and the developer's identity id;
(3) the IoT data support platform returns the unique identity serial number SN and the data upload token apikey of the virtual gateway to the platform developer; the developer starts developing the virtual gateway and writes the serial number SN and the data upload token apikey into it;
(4) the virtual gateway applies for access to the IoT data support platform; after verifying the legitimacy of the virtual gateway, the IoT data support platform establishes a connection with it and keeps communicating.
3. The multi-protocol-compatible IoT virtual gateway and node access authentication method according to claim 1, wherein the IoT sensing device registration comprises:
(1) the IoT sensing device sends a registration request to the IoT data support platform, the request comprising the unique identity id built into the IoT sensing device at the factory and the serial number SN of the virtual gateway that developers of the IoT data support platform have adapted to the sensing device;
(2) the IoT data support platform first verifies, according to the virtual gateway serial number SN, whether the virtual gateway has been successfully registered; if the verification fails, the virtual gateway is not registered; if the verification passes, the verification information key is generated from the unique identity id of the device and the timestamp;
(3) the IoT data support platform returns the generated verification information to the IoT sensing device;
(4) the IoT data support platform synchronizes the unique identity id of the successfully registered IoT sensing device and the generated verification information key to the virtual gateway corresponding to that IoT sensing device.
4. The multi-protocol-compatible IoT virtual gateway and node access authentication method according to claim 1, wherein the data upload in step three comprises:
(1) each type of IoT sensing device uploads the data it has collected to its corresponding virtual gateway, carrying the unique identity id and the verification information key of the IoT sensing device;
(2) the corresponding virtual gateway receives the data and verifies whether the device is legitimate according to the unique identity id of the IoT sensing device and the verification information key; if the device is not legitimate, the data is refused; if the device is legitimate, the data is parsed into a data format that conforms to the platform specification;
(3) the virtual gateway uploads the parsed data to the IoT data management system, carrying the unique identity serial number SN of the virtual gateway, the data upload token apikey and the unique identity id of the IoT sensing device;
(4) the IoT data management system first verifies whether the virtual gateway is legitimate according to its unique identity serial number SN and data upload token apikey, and if it is, the data is stored.
5. The multi-protocol-compatible IoT virtual gateway and node access authentication method according to claim 1, wherein the command issuing in step four comprises:
(1) when a third-party IoT application calls an interface of the IoT data management system, the IoT data management system broadcasts the issued command to all virtual gateways that have successfully accessed the IoT data support platform, the command comprising a command body and the unique identity id of the target;
(2) after receiving the command issued by the IoT data management system, the virtual gateway parses the command according to the specification; if the target does not belong to this virtual gateway, processing stops; if the target does belong to it, the command body is converted into a form that the IoT sensing device can recognize, according to the protocol and command format of the IoT sensing devices the gateway is adapted to;
(3) the virtual gateway issues the converted command to the IoT sensing device that is the command's target.
6. An IoT sensing device applying the multi-protocol-compatible IoT virtual gateway and node access authentication method as claimed in any one of claims 1 to 5.
CN201710132079.7A 2017-03-07 2017-03-07 Internet of things virtual gateway compatible with multiple protocols and node access authentication method Active CN107018127B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710132079.7A CN107018127B (en) 2017-03-07 2017-03-07 Internet of things virtual gateway compatible with multiple protocols and node access authentication method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710132079.7A CN107018127B (en) 2017-03-07 2017-03-07 Internet of things virtual gateway compatible with multiple protocols and node access authentication method

Publications (2)

Publication Number Publication Date
CN107018127A CN107018127A (en) 2017-08-04
CN107018127B true CN107018127B (en) 2019-12-06

Family

ID=59440783

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710132079.7A Active CN107018127B (en) 2017-03-07 2017-03-07 Internet of things virtual gateway compatible with multiple protocols and node access authentication method

Country Status (1)

Country Link
CN (1) CN107018127B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant