CN110505242A - Management method, apparatus and system for Internet of Things devices - Google Patents


Publication number
CN110505242A
Authority
CN
China
Prior art keywords
internet
things equipment
certificate
portable servicer
digital certificate
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201910874320.2A
Other languages
Chinese (zh)
Inventor
王高华
唐占国
梁栋
谭洪涛
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Smith Technology (shenzhen) Co Ltd
Original Assignee
Smith Technology (shenzhen) Co Ltd
Application filed by Smith Technology (shenzhen) Co Ltd
Priority to CN201910874320.2A (CN110505242A)
Priority to PCT/CN2019/108202 (WO2021046926A1)
Publication of CN110505242A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/3265 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate chains, trees or paths; Hierarchical trust model

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Telephonic Communication Services (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a management method for an Internet of Things (IoT) device, applied to a portable server that is connected to the IoT device through a data transmission interface. The method comprises the following steps: on receiving an access instruction from a mobile terminal, the portable server returns a settings interface to the mobile terminal; after receiving encrypted settings data that the mobile terminal returns through the settings interface, the portable server decrypts the encrypted settings data; and the decrypted settings data is sent to the IoT device connected to the portable server. The invention also discloses a management apparatus and a management system for IoT devices. When the user exchanges data with the portable server through the mobile terminal, the data is transmitted in encrypted form, so that data transmission and IoT device management are more secure.

Description

Management method, apparatus and system for Internet of Things devices
Technical field
The present invention relates to the technical field of Internet of Things (IoT) devices, and in particular to a management method, apparatus and system for IoT devices.
Background art
At present, interaction between the various IoT devices and user terminals takes place through a browser web interface. The user manages the IoT device by logging in to an account in the browser web interface.
In this process, data is transmitted over the Hypertext Transfer Protocol (HTTP). HTTP is a plaintext protocol, which makes the data transmission very insecure, so that both the IoT device and the user terminal are exposed to security risks.
The above content is provided only to aid understanding of the technical solution and is not an admission that it is prior art.
Summary of the invention
The main purpose of the present invention is to provide a management method, apparatus and system for IoT devices, such that when a user exchanges data with a portable server through a mobile terminal, the data is transmitted in encrypted form, making data transmission and IoT device management more secure.
To achieve the above object, the present invention provides a management method for an IoT device, applied to a portable server that is connected to the IoT device through a data transmission interface. The management method comprises the following steps:
On receiving an access instruction from a mobile terminal, the portable server returns a settings interface to the mobile terminal;
After receiving the encrypted settings data that the mobile terminal returns through the settings interface, the portable server decrypts the encrypted settings data;
The decrypted settings data is sent to the IoT device connected to the portable server, so that the IoT device applies the IoT settings according to the decrypted settings data.
Optionally, the step in which the portable server returns the settings interface to the mobile terminal comprises:
The portable server sends the digital certificate stored on the portable server to the mobile terminal, wherein the mobile terminal encrypts the mobile terminal's key according to the digital certificate and sends the encrypted key to the portable server;
The portable server decrypts the received encrypted key according to the digital certificate and stores the key obtained by decryption, wherein the encrypted settings data is decrypted with the stored key;
The portable server encrypts the settings interface with the stored key and sends the encrypted settings interface to the mobile terminal.
Optionally, before the step in which the portable server sends its stored digital certificate to the mobile terminal, the management method further comprises:
When the portable server connects to a local area network for the first time, obtaining the device certificate and the device private key of the portable server;
Calling the device private key of the portable server to generate a certificate chain from the device certificate;
Calling the device private key to generate the digital certificate from the certificate chain and the device certificate, and storing the digital certificate.
Optionally, the step of generating the digital certificate from the certificate chain, the device certificate and the device private key comprises:
Obtaining the preset identifier corresponding to the portable server;
Calling the device private key to generate the digital certificate from the preset identifier, the certificate chain and the device certificate.
To achieve the above object, the present invention also provides a management method for an IoT device, applied to a mobile terminal. The management method comprises the following steps:
When an access instruction triggered by the user is detected, the access instruction is sent to a portable server, wherein the portable server is connected to the IoT device through a data transmission interface;
On receiving the settings interface returned by the portable server, the mobile terminal displays the settings interface and obtains settings data from the user's operations on the settings interface;
The mobile terminal encrypts the settings data and returns the encrypted settings data to the portable server, wherein the portable server decrypts the encrypted settings data and sends the decrypted settings data to the connected IoT device, so that the IoT device applies the IoT settings according to the decrypted settings data.
Optionally, the management method further comprises:
On receiving the digital certificate sent by the portable server, encrypting the mobile terminal's key according to the digital certificate, wherein the settings data is encrypted with that key;
Sending the encrypted key to the portable server, wherein the portable server decrypts the received encrypted key according to the digital certificate, stores the key obtained by decryption, and decrypts the encrypted settings data with the stored key.
Optionally, the management method further comprises:
On receiving the digital certificate sent by the portable server, verifying the validity of the digital certificate according to the certificate chain in the digital certificate, wherein, when the portable server connects to a local area network for the first time, it calls the device private key of the portable server to generate the certificate chain from the device certificate, and calls the device private key to generate the digital certificate from the certificate chain and the device certificate;
When the digital certificate is valid, encrypting the mobile terminal's key according to the digital certificate.
Optionally, the digital certificate further includes a preset identifier, and the management method further comprises:
On receiving the digital certificate sent by the portable server, detecting whether the preset identifier is present in the digital certificate, wherein the portable server calls the device private key to generate the digital certificate from the preset identifier corresponding to the portable server, the certificate chain and the device certificate;
When the preset identifier is present, performing the step of verifying the validity of the digital certificate according to the certificate chain in the digital certificate.
In addition, to achieve the above object, the present invention also provides a management apparatus for IoT devices, comprising a memory, a processor, and a data transmission method program stored in the memory and executable on the processor; when executed by the processor, the data transmission method program implements the steps of the data transmission method of any one of the above.
In addition, to achieve the above object, the present invention also provides a management system for IoT devices, comprising:
A management apparatus for IoT devices, which is the management apparatus for IoT devices described above;
An IoT device, the IoT device and the management apparatus being connected through a data transmission interface.
The management method for IoT devices proposed by the embodiments of the present invention is applied to a portable server that is connected to the IoT device through a data transmission interface. On receiving an access instruction from a mobile terminal, the portable server returns a settings interface to the mobile terminal; after receiving the encrypted settings data that the mobile terminal returns through the settings interface, it decrypts the encrypted settings data and sends the decrypted settings data to the IoT device connected to the portable server, so that the IoT device applies the IoT settings according to the decrypted settings data. In the present invention, when the user exchanges data with the portable server through the mobile terminal, the data is transmitted in encrypted form, so that data transmission and IoT device management are more secure.
Brief description of the drawings
Fig. 1 is a schematic structural diagram of a terminal in the hardware operating environment involved in the embodiments of the present invention;
Fig. 2 is a flow diagram of one embodiment of the management method for IoT devices of the present invention;
Fig. 3 is a detailed flow diagram of step S10 in Fig. 2;
Fig. 4 is a flow diagram of another embodiment of the management method for IoT devices of the present invention;
Fig. 5 is a flow diagram of a further embodiment of the management method for IoT devices of the present invention.
The realization of the object, the functional features and the advantages of the present invention are further described with reference to the embodiments and the accompanying drawings.
Detailed description of the embodiments
It should be understood that the specific embodiments described herein merely illustrate the present invention and are not intended to limit it.
The main solution of the embodiments of the present invention is:
On receiving an access instruction from a mobile terminal, the portable server returns a settings interface to the mobile terminal;
After receiving the encrypted settings data that the mobile terminal returns through the settings interface, the portable server decrypts the encrypted settings data;
The decrypted settings data is sent to the IoT device connected to the portable server, so that the IoT device applies the IoT settings according to the decrypted settings data.
In the prior art, data transmission between the IoT device and the user terminal is carried out over the Hypertext Transfer Protocol (HTTP). HTTP is a plaintext protocol, which makes the data transmission very insecure, so that both the IoT device and the user terminal are exposed to security risks.
The present invention provides a solution in which, when the user exchanges data with the portable server through the mobile terminal, the data is transmitted in encrypted form, so that data transmission and IoT device management are more secure.
Fig. 1 is a schematic structural diagram of a terminal in the hardware operating environment involved in the embodiments of the present invention.
The first terminal in the embodiments of the present invention is the portable server.
As shown in Fig. 1, the terminal may include a processor 1001 (for example a CPU), a network interface 1004, a user interface 1003, a memory 1005 and a communication bus 1002. The communication bus 1002 provides the connections between these components. The user interface 1003 may include a display and an input unit such as a keyboard, and may optionally also include standard wired and wireless interfaces. The network interface 1004 may optionally include a standard wired interface and a wireless interface (such as a Wi-Fi interface). The memory 1005 may be high-speed RAM or non-volatile memory such as disk storage, and may optionally be a storage device independent of the processor 1001.
Those skilled in the art will understand that the terminal structure shown in Fig. 1 does not limit the terminal, which may include more or fewer components than illustrated, combine certain components, or use a different arrangement of components.
As shown in Fig. 1, the memory 1005, as a computer storage medium, may contain an operating system, a network communication module, a user interface module and an IoT device management program. The processor 1001 may be used to call the IoT device management program stored in the memory 1005 and perform the following operations:
On receiving an access instruction from a mobile terminal, the portable server returns a settings interface to the mobile terminal;
After receiving the encrypted settings data that the mobile terminal returns through the settings interface, the portable server decrypts the encrypted settings data;
The decrypted settings data is sent to the IoT device connected to the portable server, so that the IoT device applies the IoT settings according to the decrypted settings data.
Further, the processor 1001 may call the IoT device management program stored in the memory 1005 and also perform the following operations:
The portable server sends the digital certificate stored on the portable server to the mobile terminal, wherein the mobile terminal encrypts the mobile terminal's key according to the digital certificate and sends the encrypted key to the portable server;
The portable server decrypts the received encrypted key according to the digital certificate and stores the key obtained by decryption, wherein the encrypted settings data is decrypted with the stored key;
The portable server encrypts the settings interface with the stored key and sends the encrypted settings interface to the mobile terminal.
Further, the processor 1001 may call the IoT device management program stored in the memory 1005 and also perform the following operations:
When the portable server connects to a local area network for the first time, obtaining the device certificate and the device private key of the portable server;
Calling the device private key of the portable server to generate a certificate chain from the device certificate;
Calling the device private key to generate the digital certificate from the certificate chain and the device certificate, and storing the digital certificate.
Further, the processor 1001 may call the IoT device management program stored in the memory 1005 and also perform the following operations:
Obtaining the preset identifier corresponding to the portable server;
Calling the device private key to generate the digital certificate from the preset identifier, the certificate chain and the device certificate.
The second terminal in the embodiments of the present invention is the mobile terminal.
As shown in Fig. 1, the terminal may include a processor 1001 (for example a CPU), a network interface 1004, a user interface 1003, a memory 1005 and a communication bus 1002. The communication bus 1002 provides the connections between these components. The user interface 1003 may include a display and an input unit such as a keyboard, and may optionally also include standard wired and wireless interfaces. The network interface 1004 may optionally include a standard wired interface and a wireless interface (such as a Wi-Fi interface). The memory 1005 may be high-speed RAM or non-volatile memory such as disk storage, and may optionally be a storage device independent of the processor 1001.
Those skilled in the art will understand that the terminal structure shown in Fig. 1 does not limit the terminal, which may include more or fewer components than illustrated, combine certain components, or use a different arrangement of components.
As shown in Fig. 1, the memory 1005, as a computer storage medium, may contain an operating system, a network communication module, a user interface module and an IoT device management program. The processor 1001 may be used to call the IoT device management program stored in the memory 1005 and perform the following operations:
When an access instruction triggered by the user is detected, the access instruction is sent to the portable server, wherein the portable server is connected to the IoT device through a data transmission interface;
On receiving the settings interface returned by the portable server, the mobile terminal displays the settings interface and obtains settings data from the user's operations on the settings interface;
The mobile terminal encrypts the settings data and returns the encrypted settings data to the portable server, wherein the portable server decrypts the encrypted settings data and sends the decrypted settings data to the connected IoT device, so that the IoT device applies the IoT settings according to the decrypted settings data.
Further, the processor 1001 may call the IoT device management program stored in the memory 1005 and also perform the following operations:
On receiving the digital certificate sent by the portable server, encrypting the mobile terminal's key according to the digital certificate, wherein the settings data is encrypted with that key;
Sending the encrypted key to the portable server, wherein the portable server decrypts the received encrypted key according to the digital certificate, stores the key obtained by decryption, and decrypts the encrypted settings data with the stored key.
Further, the processor 1001 may call the IoT device management program stored in the memory 1005 and also perform the following operations:
On receiving the digital certificate sent by the portable server, verifying the validity of the digital certificate according to the certificate chain in the digital certificate, wherein, when the portable server connects to a local area network for the first time, it calls the device private key of the portable server to generate the certificate chain from the device certificate, and calls the device private key to generate the digital certificate from the certificate chain and the device certificate;
When the digital certificate is valid, encrypting the mobile terminal's key according to the digital certificate.
Further, the processor 1001 may call the IoT device management program stored in the memory 1005 and also perform the following operations:
On receiving the digital certificate sent by the portable server, detecting whether the preset identifier is present in the digital certificate, wherein the portable server calls the device private key to generate the digital certificate from the preset identifier corresponding to the portable server, the certificate chain and the device certificate;
When the preset identifier is present, performing the step of verifying the validity of the digital certificate according to the certificate chain in the digital certificate.
Referring to Fig. 2, in one embodiment the management method for IoT devices is applied to the portable server and comprises the following steps:
Step S10: on receiving an access instruction from a mobile terminal, the portable server returns a settings interface to the mobile terminal;
In this embodiment, the portable server is connected to the IoT device through a data transmission interface. The user accesses the portable server through the mobile terminal, and the portable server controls the IoT device through the data transmission interface, so that the IoT device is managed from the mobile terminal. Because the portable server is used to manage the IoT device, its performance requirements are low, and it can be integrated in a system on chip (SoC) to reduce production cost. Because the SoC is small, the portable server can be built into the IoT device, and the user can insert or remove the SoC at any time, which makes the portable server more convenient to use. On receiving the access instruction sent by the mobile terminal, the portable server returns the settings interface to the mobile terminal, so that the user can manage the IoT device in the settings interface received by the mobile terminal. The settings interface is the device management interface of the IoT device connected to the portable server, and it is stored in advance in the portable server or in the IoT device.
Step S20: after receiving the encrypted settings data that the mobile terminal returns through the settings interface, the portable server decrypts the encrypted settings data;
In this embodiment, after returning the settings interface to the mobile terminal, the portable server decrypts any encrypted settings data that the mobile terminal returns through the settings interface, in order to obtain the user's settings data for the IoT device. The encryption of the settings data is based on the Hypertext Transfer Protocol Secure (HTTPS) and may specifically use symmetric or asymmetric encryption. It should be noted that both the settings interface sent by the portable server to the mobile terminal and the settings data sent by the mobile terminal to the portable server can be encrypted, which makes data transmission more secure and improves the security of the LAN system.
Step S30: the decrypted settings data is sent to the IoT device connected to the portable server, so that the IoT device applies the IoT settings according to the decrypted settings data.
In this embodiment, after decrypting the encrypted settings data, the portable server sends the decrypted settings data to the IoT device connected to it. After receiving the decrypted settings data, the IoT device changes its corresponding settings accordingly, so that the user manages the IoT device through the mobile terminal.
In the technical solution disclosed in this embodiment, when the user exchanges data with the portable server through the mobile terminal, the data is transmitted in encrypted form, so that data transmission and IoT device management are more secure.
In another embodiment, as shown in Fig. 3, on the basis of the embodiment shown in Fig. 2, step S10 comprises:
Step S11: the portable server sends the digital certificate stored on the portable server to the mobile terminal,
wherein the mobile terminal encrypts the mobile terminal's key according to the digital certificate and sends the encrypted key to the portable server;
In this embodiment, communication between the portable server and the mobile terminal may be encrypted with symmetric or asymmetric encryption. For example, when asymmetric encryption is used, the portable server sends its stored digital certificate to the mobile terminal on receiving the access instruction sent by the mobile terminal. The digital certificate may be an SSL (Secure Sockets Layer) certificate, and it differs from a traditional digital certificate: it is generated from the device certificate pre-stored on the portable server, so there is no need to apply to a certificate authority (CA) for a digital certificate and pay the associated fees, which further reduces the production cost of the portable server. Because traditional digital certificates have a limited validity period, using one also incurs additional management and maintenance costs, whereas a digital certificate generated from the device certificate pre-stored on the portable server incurs no such costs, which reduces the maintenance cost of the portable server. On receiving the digital certificate sent by the portable server, the mobile terminal obtains its own key, encrypts that key according to the received digital certificate, and sends the encrypted key to the portable server. With symmetric encryption, subsequent data communication between the portable server and the mobile terminal can be encrypted with the mobile terminal's key to ensure the security of data transmission.
In addition, when the portable server connects to a local area network for the first time, that is, when it is first enabled, it can check whether a digital certificate is stored on it. If none is stored, the portable server generates a certificate signing request (CSR) file, obtains its pre-stored device certificate, and calls its device private key to generate the digital certificate from the CSR file. The digital certificate may also embed the device certificate and a special certificate chain, which is generated by calling the device private key on the device certificate. Once generated, the digital certificate is stored on the portable server for later use when the portable server and the mobile terminal exchange data. The digital certificate may also include a preset identifier, the Internet Protocol (IP) address of the portable server, and so on; the preset identifier distinguishes it from a traditional digital certificate, and the IP address is used to verify the validity of the device certificate. The device certificate and the device private key are stored on the portable server in advance and cannot be modified, exported or deleted, so that the signature made with the device private key identifies the portable server and the operations the portable server performs can be traced.
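The first-connection issuance described above and the mobile-terminal checks (preset identifier, certificate chain, IP address), as an added Go example that is not code from the patent. The OID, names, sample values, the separate server key and the idea that the mobile terminal already holds (pins) the device certificate are all assumptions; a chain carried inside the certificate only proves something if it ends at a certificate the client trusts beforehand.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/asn1"
	"fmt"
	"math/big"
	"net"
	"time"
)

// presetOID is a hypothetical OID for the preset identifier (encoding is an assumption).
var presetOID = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 99999, 1}

// newDeviceCert builds a constructed stand-in for the pre-stored device certificate and key.
func newDeviceCert() (*x509.Certificate, *ecdsa.PrivateKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: "constructed-device-cert"},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().AddDate(10, 0, 0),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return cert, key, err
}

// issueServerCert: the device private key signs a certificate carrying the IP and preset identifier.
func issueServerCert(dev *x509.Certificate, devKey *ecdsa.PrivateKey, ip, preset string) (*x509.Certificate, error) {
	tlsKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) // stays on the server
	if err != nil {
		return nil, err
	}
	val, err := asn1.Marshal(preset)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:    big.NewInt(2),
		Subject:         pkix.Name{CommonName: "portable-server"},
		NotBefore:       time.Now().Add(-time.Hour),
		NotAfter:        time.Now().AddDate(1, 0, 0),
		ExtKeyUsage:     []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
		IPAddresses:     []net.IP{net.ParseIP(ip)},
		ExtraExtensions: []pkix.Extension{{Id: presetOID, Value: val}},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, dev, &tlsKey.PublicKey, devKey)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// verifyServerCert (mobile terminal): preset identifier, then chain to the pinned cert, then IP.
func verifyServerCert(leaf, pinned *x509.Certificate, connectedIP, preset string) error {
	found := false
	for _, ext := range leaf.Extensions {
		if ext.Id.Equal(presetOID) {
			var got string
			_, err := asn1.Unmarshal(ext.Value, &got)
			found = err == nil && got == preset
		}
	}
	if !found {
		return fmt.Errorf("preset identifier missing or not %q", preset)
	}
	roots := x509.NewCertPool()
	roots.AddCert(pinned)
	opts := x509.VerifyOptions{Roots: roots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}}
	if _, err := leaf.Verify(opts); err != nil {
		return fmt.Errorf("chain validation: %w", err)
	}
	return leaf.VerifyHostname(connectedIP) // IP SAN must equal the address dialled
}

func main() {
	dev, devKey, err := newDeviceCert()
	if err != nil {
		panic(err)
	}
	leaf, err := issueServerCert(dev, devKey, "192.168.1.50", "PS-PRESET-01") // constructed values
	if err == nil {
		err = verifyServerCert(leaf, dev, "192.168.1.50", "PS-PRESET-01")
	}
	fmt.Println("verification error:", err)
}
```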
Step S12: decrypt the received encrypted key according to the digital certificate, and store the decrypted key,
wherein the encrypted setting data is decrypted with the stored key;
In this embodiment, because the encrypted key was encrypted according to the portable server's digital certificate, the portable server, on receiving the encrypted key sent by the mobile terminal, can decrypt it according to the digital certificate in the portable server to obtain the mobile terminal's key, and stores the decrypted key so that it can use this key to encrypt and decrypt the data transmitted between the portable server and the mobile terminal. For example, after receiving the encrypted setting data fed back by the mobile terminal, the portable server can decrypt the encrypted data with the stored key.
Step S13: encrypt the settings interface according to the stored key, and send the encrypted settings interface to the mobile terminal.
In this embodiment, when the access instruction sent by the mobile terminal is received, if the portable server has already obtained the mobile terminal's key, it encrypts the settings interface according to the key and sends the encrypted settings interface to the mobile terminal, thereby achieving encrypted transmission between the portable server and the mobile terminal.
In the technical solution disclosed in this embodiment, the portable server sends the digital certificate to the mobile terminal so that the mobile terminal feeds back a key, and the portable server and the mobile terminal then transmit encrypted data using the key, which makes data transmission in the LAN system more secure.
In another embodiment, as shown in Fig. 4, the management method of the IoT device is applied to a mobile terminal and includes the following steps:
Step S40: when an access instruction triggered by the user is detected, send the access instruction to the portable server, wherein the portable server is connected to the IoT device through a data transmission interface;
In this embodiment, the portable server is connected to the IoT device through a data transmission interface, and the user accesses the portable server through the mobile terminal so that the portable server controls the IoT device through the data transmission interface, which achieves the purpose of managing the IoT device from the mobile terminal. When the mobile terminal detects an access instruction triggered by the user, it sends the access instruction to the portable server so that the portable server feeds back the settings interface corresponding to the IoT device. Specifically, the mobile terminal generally accesses the portable server through a browser web page interface, which makes managing the IoT device from the mobile terminal more efficient for the user. After the mobile terminal sends the access instruction to the portable server, the portable server feeds back to the mobile terminal the digital certificate stored in the portable server, so that the mobile terminal encrypts the mobile terminal's key according to the digital certificate and feeds the encrypted key back to the portable server. The portable server decrypts the received encrypted key according to the digital certificate and obtains the mobile terminal's key. It should be noted that the setting data sent by the mobile terminal to the portable server can be encrypted with this key, and the encrypted setting data received by the portable server can likewise be decrypted with this key.
Step S50: on receiving the settings interface fed back by the portable server, display the settings interface and obtain setting data according to the user's operations on the settings interface;
In this embodiment, after the mobile terminal sends the access instruction to the portable server, if it receives the settings interface fed back by the portable server, it displays the settings interface in a browser web page on the mobile terminal so that the user can change the settings of the IoT device in the settings interface. The mobile terminal detects the user's operations in the settings interface and generates the corresponding setting data.
Step S60: encrypt the setting data, and feed the encrypted setting data back to the portable server,
wherein the portable server decrypts the encrypted setting data and sends the decrypted setting data to the connected IoT device, so that the IoT device applies the IoT settings according to the decrypted setting data.
In this embodiment, after obtaining the setting data, the mobile terminal encrypts it and sends the encrypted setting data to the portable server. On receiving the encrypted setting data sent by the mobile terminal, the portable server decrypts it and sends the decrypted data to the IoT device connected to the portable server, which achieves the purpose of managing the IoT device from the mobile terminal. The encryption of the setting data is based on Hypertext Transfer Protocol Secure (HTTPS) and may specifically use symmetric or asymmetric encryption. It should be noted that both the settings interface sent by the portable server to the mobile terminal and the setting data sent by the mobile terminal to the portable server can be encrypted, which makes data transmission more secure and improves the security of the LAN system.
In the technical solution disclosed in this embodiment, when the user exchanges data with the portable server through the mobile terminal, the data is transmitted in encrypted form, which makes data transmission more secure and the management of the IoT device safer.
In another embodiment, as shown in Fig. 5, on the basis of the embodiment shown in Fig. 4 above, the method further includes, after step S20:
Step S70: on receiving the digital certificate sent by the portable server, verify the validity of the digital certificate according to the certificate chain in the digital certificate,
wherein the portable server, when it first connects to the local area network, calls the device private key of the portable server to generate the certificate chain from the device certificate, and calls the device private key to generate the digital certificate from the certificate chain and the device certificate;
In this embodiment, communication between the portable server and the mobile terminal may be encrypted using symmetric or asymmetric encryption. For example, with symmetric encryption, after receiving the access instruction from the mobile terminal the portable server needs to send its digital certificate to the mobile terminal in order to obtain the mobile terminal's key, and then encrypts the data transmission with that key. On receiving the digital certificate sent by the portable server, the mobile terminal needs to verify the identity of the portable server, that is, to verify the validity of the digital certificate. Since the digital certificate differs from a traditional one, when verifying its validity the terminal can first check whether the preset identifier is present in the digital certificate. If it is, the digital certificate is identified as not being a traditional digital certificate and its validity is verified according to the new rule; otherwise it is verified according to the verification process for traditional digital certificates. The preset identifier can be any friendly name that distinguishes the certificate from traditional ones. Because an IoT device is assigned an internal address after joining the LAN, which serves as the address of the IoT device, and because IoT devices are generally used for a long time so the internal address is generally fixed, the internal address can also serve as the preset identifier.
When verifying the validity of the digital certificate according to the new rule, the certificate chain in the digital certificate is parsed and the validity of the digital certificate is verified according to the certificate chain; that is, the certificate chain can be used to verify whether the certificate signature has been tampered with. Of course, it is also possible to judge, according to the root certificates in the mobile terminal's browser, whether the device certificate in the digital certificate is trusted, and to judge whether the Internet Protocol (IP) address of the portable server matches the address in the digital certificate, and so on. Before judging whether the device certificate in the digital certificate is trusted according to the root certificates in the mobile terminal's browser, the device certificate can be preset among the root certificates in the browser so that its trust can be verified. In addition, when the portable server first connects to the LAN, it obtains the device certificate pre-stored in the portable server and calls its device private key to generate a special certificate chain from the device certificate. By calling the device private key to generate the digital certificate from the device certificate, the portable server avoids applying to a certificate authority (CA) for a digital certificate and paying the associated fees, which reduces its production cost. The certificate chain can be embedded in the digital certificate so that the mobile terminal's browser verifies the validity of the digital certificate according to the certificate chain, with the result that the browser can recognise the digital certificate normally.
Step S80: when the digital certificate is valid, encrypt the key of the mobile terminal according to the digital certificate.
In this embodiment, when the mobile terminal has verified that the digital certificate is valid, it encrypts the mobile terminal's key according to the verified digital certificate and sends the encrypted key to the portable server, so that data can be transmitted in encrypted form using the key. The mobile terminal's key can be randomly generated and stored in the terminal.
In the technical solution disclosed in this embodiment, when the digital certificate sent by the portable server is received, its validity is verified, and when the digital certificate is valid the key is fed back to the portable server, which ensures the security of data transmission between the mobile terminal and the portable server.
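The first-connection issuance and the terminal-side checks described above (preset identifier, or "default mark"; chain to the pre-installed device certificate; IP address match; then key transport) can be exercised end to end with Go's standard library. This is an added example, not code from the patent. The identifier value carried in the subject OU, the ECDSA device key, the RSA certificate key, the use of an IP subjectAltName and the address 192.168.1.50 are all assumptions.

```go
package main

import (
	"crypto"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"net"
	"time"
)

// PresetMark is a hypothetical value for the patent's preset identifier.
const PresetMark = "device-issued"

// ErrNotDeviceIssued tells the caller to use ordinary CA validation instead.
var ErrNotDeviceIssued = errors.New("preset identifier absent")

func issue(tmpl, parent *x509.Certificate, pub crypto.PublicKey, by crypto.Signer) (*x509.Certificate, error) {
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, by)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// NewServer simulates factory provisioning (device key and certificate) and the
// first-connection step: a certificate for ip signed with the device private key.
func NewServer(ip, mark string) (dev, leaf *x509.Certificate, leafKey *rsa.PrivateKey, err error) {
	devKey, err1 := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	leafKey, err2 := rsa.GenerateKey(rand.Reader, 2048) // key pair behind the CSR (assumed RSA)
	if err1 != nil || err2 != nil {
		return nil, nil, nil, fmt.Errorf("keygen: %v, %v", err1, err2)
	}
	from, to := time.Now().Add(-time.Hour), time.Now().AddDate(1, 0, 0)
	devTmpl := &x509.Certificate{SerialNumber: big.NewInt(1), NotBefore: from, NotAfter: to,
		Subject: pkix.Name{CommonName: "device certificate"},
		IsCA:    true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign}
	if dev, err = issue(devTmpl, devTmpl, devKey.Public(), devKey); err != nil {
		return nil, nil, nil, err
	}
	leafTmpl := &x509.Certificate{SerialNumber: big.NewInt(2), NotBefore: from, NotAfter: to,
		Subject:     pkix.Name{CommonName: ip, OrganizationalUnit: []string{mark}},
		KeyUsage:    x509.KeyUsageKeyEncipherment,
		ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
		IPAddresses: []net.IP{net.ParseIP(ip)}} // LAN address bound into the certificate
	leaf, err = issue(leafTmpl, dev, leafKey.Public(), devKey)
	return dev, leaf, leafKey, err
}

// VerifyServerCert is the terminal side: identifier, chain, then dialled address.
func VerifyServerCert(leaf, trusted *x509.Certificate, dialedIP string) error {
	ou := leaf.Subject.OrganizationalUnit
	if len(ou) != 1 || ou[0] != PresetMark {
		return ErrNotDeviceIssued
	}
	roots := x509.NewCertPool()
	roots.AddCert(trusted) // device certificate pre-installed on the terminal
	if _, err := leaf.Verify(x509.VerifyOptions{Roots: roots}); err != nil {
		return fmt.Errorf("chain: %w", err)
	}
	return leaf.VerifyHostname(dialedIP) // compared against the IP SAN
}

// WrapKey encrypts the terminal's session key to the certificate's public key.
func WrapKey(leaf *x509.Certificate, key []byte) ([]byte, error) {
	pub, ok := leaf.PublicKey.(*rsa.PublicKey)
	if !ok {
		return nil, errors.New("certificate key cannot encrypt")
	}
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, key, nil)
}

// UnwrapKey recovers the session key with the server's private key.
func UnwrapKey(priv *rsa.PrivateKey, wrapped []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, wrapped, nil)
}

func main() {
	dev, leaf, _, err := NewServer("192.168.1.50", PresetMark) // constructed address
	if err != nil {
		panic(err)
	}
	fmt.Println("valid:", VerifyServerCert(leaf, dev, "192.168.1.50") == nil)
	fmt.Println("wrong address:", VerifyServerCert(leaf, dev, "192.168.1.99"))
}
```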
In addition, an embodiment of the present invention also proposes a management apparatus for an IoT device, comprising: a memory, a processor, and a data transmission method program stored in the memory and executable on the processor, wherein the data transmission method program, when executed by the processor, implements the steps of the data transmission method described in the embodiments above.
In addition, an embodiment of the present invention also proposes a management system for an IoT device, comprising:
a management apparatus of the IoT device, which is the management apparatus of the IoT device described in the embodiment above;
an IoT device, the IoT device and the management apparatus of the IoT device being connected through a data transmission interface.
It should be noted that, in this document, the terms "include", "comprise" or any other variant thereof are intended to cover non-exclusive inclusion, so that a process, method, article or system that includes a series of elements includes not only those elements but also other elements not explicitly listed, or elements inherent to such a process, method, article or system. Without further limitation, an element defined by the phrase "including a ..." does not exclude the presence of other identical elements in the process, method, article or system that includes the element.
The serial numbers of the above embodiments of the invention are for description only and do not represent the merits of the embodiments.
From the above description of the embodiments, those skilled in the art can clearly understand that the methods of the above embodiments can be implemented by means of software plus the necessary general-purpose hardware platform, and of course also by hardware, but in many cases the former is the better implementation. Based on this understanding, the technical solution of the present invention, in essence or in the part that contributes over the prior art, can be embodied in the form of a software product. The computer software product is stored in a storage medium as described above (such as ROM/RAM, magnetic disk, optical disc) and includes several instructions that cause a terminal device (which may be a mobile phone, computer, server, air conditioner, network device, etc.) to execute the methods described in the embodiments of the present invention.
The above are only preferred embodiments of the present invention and do not limit the scope of the invention. Any equivalent structure or equivalent process transformation made using the contents of the specification and drawings of the present invention, or any direct or indirect application in other related technical fields, is likewise included within the scope of protection of the present invention.

Claims (10)

1. A management method of an Internet of Things device, characterized in that it is applied to a portable server, the portable server being connected to the Internet of Things device through a data transmission interface, the management method comprising the following steps:
on receiving an access instruction from a mobile terminal, the portable server feeds back a settings interface to the mobile terminal;
after receiving encrypted setting data fed back by the mobile terminal through the settings interface, decrypting the encrypted setting data;
sending the decrypted setting data to the Internet of Things device connected to the portable server, so that the Internet of Things device applies the Internet of Things settings according to the decrypted setting data.
2. The management method of an Internet of Things device according to claim 1, characterized in that the step of the portable server feeding back the settings interface to the mobile terminal comprises:
the portable server sends the digital certificate stored in the portable server to the mobile terminal, wherein the mobile terminal encrypts the key of the mobile terminal according to the digital certificate and sends the encrypted key to the portable server;
decrypting the received encrypted key according to the digital certificate, and storing the decrypted key, wherein the encrypted setting data is decrypted with the stored key;
encrypting the settings interface according to the stored key, and sending the encrypted settings interface to the mobile terminal.
3. The management method of an Internet of Things device according to claim 2, characterized in that, before the step of the portable server sending the digital certificate stored in the portable server to the mobile terminal, the management method further comprises:
when the portable server first connects to a local area network, obtaining the device certificate of the portable server;
calling the device private key of the portable server to generate a certificate chain from the device certificate;
calling the device private key to generate the digital certificate from the certificate chain and the device certificate, and storing the digital certificate.
4. The management method of an Internet of Things device according to claim 3, characterized in that the step of generating the digital certificate from the certificate chain, the device certificate and the device private key comprises:
obtaining the preset identifier corresponding to the portable server;
calling the device private key to generate the digital certificate from the preset identifier, the certificate chain and the device certificate.
5. A management method of an Internet of Things device, characterized in that it is applied to a mobile terminal, the management method comprising the following steps:
when an access instruction triggered by a user is detected, sending the access instruction to a portable server, wherein the portable server is connected to the Internet of Things device through a data transmission interface;
on receiving the settings interface fed back by the portable server, displaying the settings interface, and obtaining setting data according to the user's operations on the settings interface;
encrypting the setting data, and feeding the encrypted setting data back to the portable server, wherein the portable server decrypts the encrypted setting data and sends the decrypted setting data to the connected Internet of Things device, so that the Internet of Things device applies the Internet of Things settings according to the decrypted setting data.
6. The management method of an Internet of Things device according to claim 5, characterized in that the management method further comprises:
on receiving the digital certificate sent by the portable server, encrypting the key of the mobile terminal according to the digital certificate, wherein the setting data is encrypted with the key;
sending the encrypted key to the portable server, wherein the portable server decrypts the received encrypted key according to the digital certificate and stores the decrypted key, the encrypted setting data being decrypted with the stored key.
7. The management method of an Internet of Things device according to claim 6, characterized in that the management method further comprises:
on receiving the digital certificate sent by the portable server, verifying the validity of the digital certificate according to the certificate chain in the digital certificate, wherein the portable server, when it first connects to a local area network, calls the device private key of the portable server to generate the certificate chain from the device certificate, and calls the device private key to generate the digital certificate from the certificate chain and the device certificate;
when the digital certificate is valid, encrypting the key of the mobile terminal according to the digital certificate.
8. The management method of an Internet of Things device according to claim 7, characterized in that the digital certificate further includes a preset identifier, and the management method further comprises:
on receiving the digital certificate sent by the portable server, detecting whether the preset identifier is present in the digital certificate, wherein the portable server calls the device private key to generate the digital certificate from the preset identifier corresponding to the portable server, the certificate chain and the device certificate;
when the preset identifier is present, executing the step of verifying the validity of the digital certificate according to the certificate chain in the digital certificate.
9. A management apparatus of an Internet of Things device, characterized in that the management apparatus comprises: a memory, a processor, and a data transmission method program stored in the memory and executable on the processor, wherein the data transmission method program, when executed by the processor, implements the steps of the data transmission method according to any one of claims 1 to 8.
10. A management system of an Internet of Things device, characterized in that the management system comprises:
a management apparatus of the Internet of Things device, which is the management apparatus of the Internet of Things device described in claim 10;
an Internet of Things device, the Internet of Things device being connected to the management apparatus of the Internet of Things device through a data transmission interface.
CN201910874320.2A 2019-09-11 2019-09-11 The management method of internet of things equipment, apparatus and system Pending CN110505242A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201910874320.2A CN110505242A (en) 2019-09-11 2019-09-11 The management method of internet of things equipment, apparatus and system
PCT/CN2019/108202 WO2021046926A1 (en) 2019-09-11 2019-09-26 Method and apparatus for managing internet of things device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910874320.2A CN110505242A (en) 2019-09-11 2019-09-11 The management method of internet of things equipment, apparatus and system

Publications (1)

Publication Number Publication Date
CN110505242A true CN110505242A (en) 2019-11-26

Family

ID=68591989

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910874320.2A Pending CN110505242A (en) 2019-09-11 2019-09-11 The management method of internet of things equipment, apparatus and system

Country Status (2)

Country Link
CN (1) CN110505242A (en)
WO (1) WO2021046926A1 (en)

Also Published As

Publication number Publication date
WO2021046926A1 (en) 2021-03-18

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20191126