CN112769544B - Intelligent equipment activation authorization method and system - Google Patents

Info

Publication number: CN112769544B
Authority: CN (China)
Prior art keywords: equipment, activation, sdk, information, cloud
Legal status: Active
Application number: CN202011504333.XA
Other languages: Chinese (zh)
Other versions: CN112769544A
Inventors: 滕义伟, 陈吉胜
Current Assignee: Unisound Intelligent Technology Co Ltd; Xiamen Yunzhixin Intelligent Technology Co Ltd
Original Assignee: Unisound Intelligent Technology Co Ltd; Xiamen Yunzhixin Intelligent Technology Co Ltd

Classifications

    • H04L9/0631 Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
    • G06F21/123 Restricting unauthorised execution of programs by using dedicated hardware, e.g. dongles, smart cards, cryptographic processors, global positioning systems [GPS] devices
    • G06F21/44 Program or device authentication
    • G06F21/602 Providing cryptographic facilities or services
    • G06F21/73 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by creating or determining hardware identification, e.g. serial numbers

Abstract

The invention provides a smart device activation authorization method and system. The method comprises the following steps: when providing the terminal SDK for download, the cloud embeds a public key in the SDK and stores the private key corresponding to that public key; the terminal SDK generates the meta information required for device activation, which comprises an SDK identification code, an AES password, a device identification code, the device time and an appKey; based on the meta information, the terminal SDK constructs device activation information, encrypts it with the public key built into the SDK, and calls a cloud API to send the encrypted device activation information to the cloud activation authorization center; the cloud activation authorization center decrypts the device activation information with the RSA private key and authenticates the device; the terminal SDK confirms the device activation state according to the authentication state; and the cloud updates the device activation state according to the device activation state confirmation information uploaded by the terminal SDK. This technical scheme addresses three problems in the prior art: device activation authentication information being intercepted and stolen, developers maliciously re-flashing devices to reuse a device authorization, and device activation authentication information being tampered with and repudiated.

Description

Intelligent equipment activation authorization method and system
Technical Field
One or more embodiments of the invention relate to the technical field of image processing, in particular to an assembly line structured parameter monitoring and optimizing method and system based on streaming big data.
Background
This section is intended to provide a background or context to the embodiments of the invention that are recited in the claims. The description herein may include concepts that could be pursued, but are not necessarily ones that have been previously conceived or pursued. Thus, unless otherwise indicated herein, what is described in this section is not prior art to the description and claims in this application and is not admitted to be prior art by inclusion in this section.
With the rapid development of science and technology, smart devices are increasingly used in daily life. A smart device must be activated before it is used for the first time. When the device is started for the first time, it initializes the integrated SDK, and the SDK acquires the device's hardware information and uploads it to the device activation authorization service in the SDK's cloud. The cloud activation authorization service verifies the device information: if it is legitimate, the service returns the SDK authorization information; otherwise it returns an error code. If the SDK is activated successfully, the authorization service information is stored on the smart device.
The following problems exist in the activation authorization process of the intelligent device:
(1) The authorization activation process of the AI cloud service SDK is transmitted in plaintext, so security is low;
(2) The activation authentication information can be reused by maliciously modifying the hardware information of the device (flashing);
(3) The device activation authentication information is simple and easily tampered with, which allows an activated device to be repudiated.
In view of this, a new smart device activation authorization technology is needed to solve 3 pain points in the current smart device activation process:
(1) Device activation authentication information being intercepted and stolen;
(2) A developer maliciously re-flashing devices to reuse a device authorization;
(3) Device activation authentication information being tampered with and repudiated.
Disclosure of Invention
One or more embodiments of this specification describe a smart device activation authorization method and system that address the following problems in the prior art: device activation authentication information being intercepted and stolen, developers maliciously re-flashing devices to reuse a device authorization, and device activation authentication information being tampered with and repudiated.
One or more embodiments in this specification provide the following technical solutions:
The invention provides a smart device activation authorization method comprising the following steps:
when providing the terminal SDK for download, the cloud embeds a public key in the SDK and stores the private key corresponding to the public key;
the terminal SDK generates the meta information required for device activation; the meta information comprises an SDK identification code, an AES password, a device identification code, the device time and an appKey;
based on the meta information, the terminal SDK constructs device activation information, encrypts it with the public key built into the SDK, and calls a cloud API to send the encrypted device activation information to the cloud activation authorization center;
the cloud activation authorization center decrypts the device activation information with the RSA private key and authenticates the device;
the terminal SDK confirms the device activation state according to the authentication state;
and the cloud updates the device activation state according to the device activation state confirmation information uploaded by the terminal SDK.
In one example, the SDK identification code, AES password, device identification code and device time information are cached in the smart device's memory by the terminal SDK.
In one example, the public and private keys use the RSA asymmetric encryption algorithm.
In one example, the cloud activation authorization center decrypts the device activation information with the RSA private key and authenticates the device, specifically:
if the authentication succeeds, the cloud combines the SDK identification code, the device identification code and the authentication success code into a device activation authentication information string, encrypts the string with the AES password and returns it to the terminal SDK; at the same time, the cloud records the activation metadata information uploaded by the terminal and sets the state of the device identified by the device identification code and the SDK identification code to "activation pending confirmation";
if the authentication fails, the cloud generates a device activation error code and error description information according to the cause of the error, encrypts them with the AES password and returns them to the terminal SDK.
In one example, authentication succeeds when all of the following conditions are met:
the difference between the device time and the cloud time is smaller than the authentication time difference threshold;
the device identification code exists in the cloud's client device authorization list;
there is no activation record for the terminal's SDK identification code and device identification code, or the recorded activation state is not successful.
In one example, authentication fails when any of the following occurs:
the difference between the device time and the cloud time is greater than the authentication time difference threshold;
the device identification code is not in the cloud's client device authorization list;
the device identification code already has a record of successful activation.
In one example, the terminal SDK confirms the device activation state according to the authentication state, specifically:
after receiving the information returned by the cloud activation authentication, the terminal SDK decrypts it with the locally cached AES password:
if decryption fails or the cloud returned an authentication failure code, device activation fails and the device waits to be activated again;
if decryption succeeds and the device activation authentication success code is returned, the terminal SDK burns the authentication information returned by the cloud into the device; after the terminal SDK has burned the authentication information successfully, it encrypts the device's successful-activation confirmation information with the AES password and sends it to the cloud, and at the same time clears the AES password from the cache.
In one example, the cloud updates the activation state of the device, which is identified jointly by the device identification code and the SDK identification code, according to the device activation confirmation information uploaded by the terminal SDK.
In a second aspect, the present invention provides a smart device activation authorization system, including:
a cloud platform, used to embed a public key when the terminal SDK is provided for download and to store the private key corresponding to the public key;
a device terminal, used to generate the meta information required for device activation; the terminal SDK constructs device activation information based on the meta information, encrypts it with the public key built into the SDK, and calls the cloud API to send it to the cloud activation authorization center; the meta information comprises an SDK identification code, an AES password, a device identification code, the device time and an appKey;
the cloud platform is further used so that its activation authorization center decrypts the device activation information with the RSA private key and authenticates the device;
the device terminal is further used to confirm the device activation state according to the authentication state;
and the cloud platform is further used to update the device activation state according to the device activation state confirmation information uploaded by the terminal SDK.
In one example, the cloud updates the activation state of the device, which is identified jointly by the device identification code and the SDK identification code, according to the device activation confirmation information uploaded by the terminal SDK.
According to the technical scheme provided by the embodiments of the invention, the RSA asymmetric encryption algorithm and the dynamic AES symmetric encryption algorithm ensure the transparency and security of the device activation meta information and prevent the device activation authentication rules from being reverse-engineered after the information is intercepted; a device is identified by the combination of the SDK identification code and the device identification code, which prevents device activation authorization from being cheated through malicious flashing (modifying the device identifiers of several devices to be the same); and the terminal SDK's activation confirmation mechanism ensures that a legitimate device instance is activated and prevents malicious repeated activation and activation repudiation.
Drawings
Fig. 1 is a schematic flowchart of a smart device activation authorization method according to an embodiment of the present invention;
Fig. 2 is a schematic diagram of the authorization timing sequence of a smart device according to an embodiment of the present invention.
Detailed Description
The present application will be described in further detail with reference to the following drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the relevant invention and not restrictive of the invention. It should be further noted that, for the convenience of description, only the portions related to the present invention are shown in the drawings.
It should be noted that, in the present application, the embodiments and features of the embodiments may be combined with each other without conflict. The present application will be described in detail below with reference to the embodiments with reference to the attached drawings.
The intelligent equipment activation authorization method provided by the invention mainly comprises the following 6 steps:
(1) The AI cloud platform distributes an RSA public key and private key;
(2) The terminal SDK generates the meta information required for device activation;
(3) The terminal SDK constructs and sends the device activation information;
(4) The cloud authenticates the SDK activation information;
(5) The terminal SDK confirms the activation state;
(6) The cloud updates the activation state of the device.
Specifically, in one example, Fig. 1 is a flowchart of the smart device activation authorization method provided by the invention, and Fig. 2 is a schematic diagram of the smart device authorization timing sequence provided by an embodiment of the invention. As shown in Fig. 1 and Fig. 2, the method includes the following steps:
Step 10: when providing the terminal SDK for download, the cloud embeds a public key in the SDK and stores the private key corresponding to the public key.
Specifically, when the AI cloud platform provides the terminal SDK for download, it embeds a public key generated by the RSA asymmetric encryption algorithm, and stores the private key corresponding to the SDK public key on the AI cloud server.
Step 20: the terminal SDK generates the meta information required for device activation; the meta information includes an SDK identification code, an AES password, a device identification code, the device time and an appKey.
Specifically, when the smart device is started for the first time, the terminal SDK integrated into the device needs to be initialized. At this point the terminal SDK generates and acquires the meta information required for device activation:
Generate the SDK identification code: a unique character string of a certain length is generated by a random algorithm to identify the SDK, so that malicious flashing of smart devices cannot make their identifying information identical;
Generate the AES password: an AES password is generated dynamically and used to encrypt and decrypt data exchanged between the terminal SDK and the cloud authorization service;
Acquire the device identification code (UDID): the unique identifier of the device being activated; the cloud needs it to look up and verify whether the client's device is authorized;
The UDID (Unique Device Identifier) is a character string composed of letters and numbers that uniquely identifies each device.
The UDID is generated during mass production of the hardware and written into the device hardware or a certain memory block. A UDID is generally fixed and does not change, but malicious flashing can change it.
For example, where billing is based on the number of devices shipped, an enterprise using the AI service may flash the same UDID onto multiple devices in order to pay less.
Different device operating systems have different versions of the "AI service SDK", and the way the UDID is acquired also differs; for example, on an Android system the device's ANDROID_ID is generally acquired and used as the UDID.
Acquire the device time: the current time of the device being activated, used by the cloud to verify the validity of the device activation information. If the device time deviates too far from the cloud time, the server directly returns a time synchronization error;
Obtain the application appKey: the appKey is the identifier of the AI cloud service client and is used by the cloud to determine which client a device identifier belongs to, which avoids device identifier conflicts between different clients.
The SDK identification code, the AES password, the device identification code and the device time information are cached in the device memory by the terminal SDK.
As shown in Fig. 2, steps 10 and 20 proceed as follows:
1.1 The SDK ID, device time, AES password and appKey are generated;
1.2 The "AI service SDK" calls a system interface to obtain the UDID;
1.3 The device's "running system" reads the UDID from the device hardware or memory;
1.4 The device's "running system" returns the UDID to the "AI service SDK";
Step 30: based on the meta information, the terminal SDK constructs device activation information, encrypts it with the public key built into the SDK, and calls a cloud API to send the encrypted device activation information to the cloud activation authorization center.
Specifically, the terminal SDK arranges the SDK identification code, the AES password, the device identification code, the device time and the application appKey in a specific order to construct the device activation information. After encrypting the device activation information with the public key built into the SDK, it calls a cloud API (application program interface) to send the encrypted activation information to the cloud device activation authorization center.
Step 40: the cloud activation authorization center decrypts the device activation information with the RSA private key and authenticates the device.
Specifically, the cloud device activation authorization center uses the RSA private key to decrypt the activation data uploaded by the terminal SDK and extracts the activation information needed for authentication:
Authentication success
Authentication of the device activation information succeeds if the following three conditions are met:
• the difference between the device time and the cloud time is smaller than the authentication time difference threshold;
• the device identification code exists in the cloud's client device authorization list;
• there is no activation record for the client's SDK identification code and device identification code, or the recorded activation state is not successful;
• the cloud records the activation metadata information uploaded by the terminal.
The cloud combines the SDK identification code, the device identification code and the authentication success code into a device activation authentication information string, encrypts the string with the AES password and returns it to the terminal SDK. At the same time, the cloud records the activation metadata information uploaded by the terminal and sets the state of the device identified by the device identification code and the SDK identification code to "activation pending confirmation".
Authentication failure
Authentication of the device activation information fails if one of the following three conditions occurs:
• the difference between the device time and the cloud time is greater than the authentication time difference threshold;
• the device identification code is not in the device authorization list;
• the device identification code already has a record of successful activation.
The cloud generates a device activation error code and error description information according to the cause of the error, encrypts them with the AES password and returns them to the terminal SDK.
Step 50: the terminal SDK confirms the device activation state according to the authentication state.
Specifically, after receiving the information returned by the cloud activation authentication, the terminal SDK decrypts it with the locally cached AES password.
• If decryption of the information fails or the cloud returns an authentication failure code, device activation fails and the device waits to be activated again.
• If the information is decrypted successfully and a device activation authentication success code is returned, the terminal SDK burns the authentication information returned by the cloud into the device. After the terminal SDK has burned the authentication information successfully, it encrypts the device's successful-activation confirmation information with the AES password and sends it to the cloud, and at the same time clears the AES password from the cache.
Step 60: the cloud updates the device activation state according to the device activation state confirmation information uploaded by the terminal SDK.
Specifically, according to the device activation confirmation information uploaded by the terminal SDK, the cloud updates the activation state of the device, which is identified jointly by the device identification code and the SDK identification code, to successful.
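The cloud-side checks of step 40 and the confirmation of step 60 amount to a small state machine, sketched below as an added example that is not code from the patent or from the assignee's SDK. The RSA and AES layers are left out so that it runs on the standard library alone; the threshold value, the result-code names, all class and function names, and the handling of two pending requests for one UDID are assumptions.

```python
"""Cloud-side activation decision and confirmation (steps 40 and 60).

Illustration only: encryption is omitted, and the threshold, result codes and
all names below are assumptions, not values taken from the patent.
"""
from dataclasses import dataclass, field

MAX_TIME_DIFF = 300  # assumed authentication time difference threshold (seconds)
PENDING, ACTIVATED = "pending_confirmation", "activated"

# Hypothetical result codes.
OK = "AUTH_OK"
ERR_TIME = "ERR_TIME_SYNC"
ERR_UNAUTHORIZED = "ERR_DEVICE_NOT_AUTHORIZED"
ERR_ACTIVATED = "ERR_ALREADY_ACTIVATED"


@dataclass
class ActivationCenter:
    # appKey -> set of UDIDs on that client's device authorization list
    authorized: dict
    # (appKey, udid, sdk_id) -> activation state
    records: dict = field(default_factory=dict)

    def _udid_activated(self, app_key, udid):
        """True if any SDK instance has already activated this UDID."""
        return any(state == ACTIVATED
                   for (a, u, _), state in self.records.items()
                   if a == app_key and u == udid)

    def authenticate(self, sdk_id, udid, device_time, app_key, cloud_time):
        """Step 40: apply the three conditions to the decrypted activation info."""
        # Condition 1: the device clock must be within the threshold of cloud time.
        if abs(cloud_time - device_time) >= MAX_TIME_DIFF:
            return ERR_TIME
        # Condition 2: the UDID must be on this client's authorization list.
        if udid not in self.authorized.get(app_key, set()):
            return ERR_UNAUTHORIZED
        # Condition 3: the UDID must not have a successful activation on record.
        if self._udid_activated(app_key, udid):
            return ERR_ACTIVATED
        self.records[(app_key, udid, sdk_id)] = PENDING
        return OK

    def confirm(self, sdk_id, udid, app_key):
        """Step 60: promote a pending (UDID, SDK ID) pair to activated."""
        key = (app_key, udid, sdk_id)
        if self.records.get(key) != PENDING:
            return False  # no pending activation for this pair
        # Assumption: if another SDK instance with the same UDID confirmed
        # first, refuse. The patent does not describe this race.
        if self._udid_activated(app_key, udid):
            return False
        self.records[key] = ACTIVATED
        return True


def demo():
    """Run constructed requests through the center and return the outcomes."""
    center = ActivationCenter(authorized={"app-demo": {"UDID-0001"}})
    now = 1_700_000_000  # constructed cloud timestamp
    app = "app-demo"
    return {
        "stale_clock": center.authenticate("sdk-A", "UDID-0001", now - 3600, app, now),
        "unknown_udid": center.authenticate("sdk-A", "UDID-9999", now, app, now),
        "first_device": center.authenticate("sdk-A", "UDID-0001", now - 5, app, now),
        # A second unit flashed with the same UDID has its own random SDK ID
        # and asks for activation while the first is still pending.
        "clone_before_confirm": center.authenticate("sdk-B", "UDID-0001", now, app, now),
        "first_confirm": center.confirm("sdk-A", "UDID-0001", app),
        "clone_confirm": center.confirm("sdk-B", "UDID-0001", app),
        "clone_after_confirm": center.authenticate("sdk-B", "UDID-0001", now, app, now),
        "unsolicited_confirm": center.confirm("sdk-C", "UDID-0001", app),
    }


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name}: {outcome}")
```

The constructed run shows that a second unit carrying the same UDID can reach the pending state before the first unit confirms, so the one-activation-per-UDID guarantee depends on the check made at confirmation time.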
A device that has been activated successfully can access the cloud AI service capability; a device that has not been activated, or whose activation failed, cannot.
Corresponding to the method of the embodiment, the invention also provides a smart device activation authorization system, which comprises a cloud platform and a device terminal:
the cloud platform is used to embed a public key when the terminal SDK is provided for download and to store the private key corresponding to the public key;
the device terminal is used to generate the meta information required for device activation; the terminal SDK constructs device activation information based on the meta information, encrypts it with the public key built into the SDK, and calls a cloud API to send the encrypted activation information to the cloud activation authorization center; the meta information comprises an SDK identification code, an AES password, a device identification code, the device time and an appKey;
the cloud platform is further used so that its activation authorization center decrypts the activation information with the RSA private key and authenticates the device;
the device terminal is further used to confirm the device activation state according to the authentication state;
and the cloud platform is further used to update the device activation state according to the device activation state confirmation information uploaded by the terminal SDK.
The functions executed by each component in the intelligent device activation authorization system provided by the embodiment of the invention are described in detail in the method, so that redundant description is not repeated here.
The smart device activation authorization method and system have the following advantages:
the RSA asymmetric encryption algorithm and the dynamic AES symmetric encryption algorithm ensure the transparency and security of the device activation meta information and prevent the device activation authentication rules from being reverse-engineered after the information is intercepted;
a device is identified by the combination of the SDK identification code and the device identification code, which prevents device activation authorization from being cheated through malicious flashing (modifying the device identifiers of several devices to be the same);
and the terminal SDK's activation confirmation mechanism ensures that a legitimate device instance is activated and prevents malicious repeated activation and activation repudiation.
Those of skill would further appreciate that the various illustrative components and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both, and that the components and steps of the various examples have been described above generally in terms of their functionality in order to clearly illustrate this interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the technical solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
The steps of a method or algorithm described in connection with the embodiments disclosed herein may be embodied in hardware, in a software module executed by a processor, or in a combination of the two. A software module may reside in Random Access Memory (RAM), memory, Read-Only Memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, a hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art.
The above embodiments are provided to further explain the objects, technical solutions and advantages of the present invention in detail, it should be understood that the above embodiments are merely exemplary embodiments of the present invention and are not intended to limit the scope of the present invention, and any modifications, equivalents, improvements and the like made within the spirit and principle of the present invention should be included in the scope of the present invention.

Claims (10)

1. A smart device activation authorization method, the method comprising the steps of:
the cloud embeds a public key in the terminal SDK when providing the SDK for download, and stores the private key corresponding to the public key;
the terminal SDK generates meta information required by equipment activation; the meta information comprises an SDK identification code, an AES password, an equipment identification code, equipment time and an appKey;
based on the meta information, the terminal SDK constructs equipment activation information, and after being encrypted by a public key built in the SDK, the terminal SDK calls a cloud end API to send the encrypted equipment activation information to a cloud end activation authorization center;
the cloud activation authorization center decrypts the equipment activation information by using a private key and authenticates the equipment;
the terminal SDK confirms the activation state of the equipment according to the authentication state;
and the cloud updates the equipment activation state according to the equipment activation state confirmation information uploaded by the terminal SDK.
2. The method of claim 1, wherein the SDK identification code, AES password, device identification code, device time information are buffered in smart device memory by the terminal SDK.
3. The method of claim 1, wherein the public key and the private key employ an RSA asymmetric encryption algorithm.
4. The method according to claim 1, wherein the cloud activation authorization center decrypts the device activation information using a private key and authenticates the device, specifically:
if the authentication is successful, the cloud end combines the SDK identification code, the equipment identification code and the authentication success code into an equipment activation authentication information string, the equipment activation authentication information string is encrypted by an AES password and then returned to the terminal SDK, meanwhile, the cloud end records activation metadata information uploaded by the terminal, and the state of equipment identified by the equipment identification code and the SDK identification code is set to be an activation state to be confirmed;
and if the authentication fails, the cloud generates an equipment activation error code and error description information according to the error reason, and the equipment activation error code and the error description information are encrypted by the AES password and then returned to the terminal SDK.
5. The method of claim 4, wherein the authentication is successful when the following conditions are met:
the difference between the equipment time and the cloud time is smaller than an authentication time difference threshold value;
the equipment identification code exists in a client equipment authorization list of the cloud end;
the SDK identification code and the device identification code of the terminal have no activation information or the activation state is in an unsuccessful state.
6. The method of claim 4, wherein the authentication fails when any of the following occurs:
the difference between the equipment time and the cloud time is greater than an authentication time difference threshold value;
the equipment identification code is not in the client equipment authorization list of the cloud end;
the device identification code already has a record of successful activation.
7. The method according to claim 1, wherein the terminal SDK confirms the device activation status according to the authentication status, specifically:
after receiving the returned information of the cloud activation authentication, the terminal SDK uses the locally cached AES password for decryption:
if the information decryption fails or the cloud returns an authentication failure code, the equipment activation fails and the equipment is to be activated again;
if the information is decrypted successfully and the equipment activation authentication success code is returned, the terminal SDK burns the authentication information returned by the cloud end into the equipment; after the terminal SDK successfully burns the authentication information, the successful activation confirmation information of the equipment is encrypted by the AES password and then sent to the cloud, and meanwhile, the AES password in the cache is cleared.
8. The method of claim 1, wherein the cloud updates the activation status of the device determined by the device identification code and the SDK identification code together according to device activation status confirmation information uploaded by the terminal SDK.
9. A smart device activation authorization system, comprising:
the cloud platform is used for embedding a public key when the terminal SDK is provided for downloading, and storing a private key corresponding to the public key;
the device terminal is used for generating meta information required by device activation, the terminal SDK constructs device activation information based on the meta information, and after the device activation information is encrypted by a public key built in the SDK, the terminal SDK calls a cloud API to send the encrypted device activation information to a cloud activation authorization center; the meta information comprises an SDK identification code, an AES password, an equipment identification code, equipment time and an appKey;
the cloud platform is further used for its activation authorization center to decrypt the device activation information using the private key and to authenticate the device;
the equipment terminal is also used for confirming the equipment activation state according to the authentication state;
and the cloud platform is further used for updating the equipment activation state according to the equipment activation state confirmation information uploaded by the terminal SDK.
10. The system of claim 9, wherein the cloud end updates the activation status of the device determined by the device id and the SDK id together according to the device activation status confirmation information uploaded by the terminal SDK.
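The cloud-side decision of claims 4 to 6 and the state update of claim 8 can be sketched as follows. This is an added illustration, not part of the patent text; RSA/AES handling is omitted (the request is assumed already decrypted), and the class name, reason strings, the 300-second threshold, the handling of a retry against a to-be-confirmed record and the failure confirmation path are assumptions.

```python
from enum import Enum

class State(Enum):
    FAILED = "unsuccessful"
    PENDING = "to_be_confirmed"
    ACTIVATED = "activated"

class ActivationCenter:
    """Cloud-side bookkeeping for claims 4-6 and 8 (hypothetical names)."""

    def __init__(self, authorized_devices, max_skew_s=300):
        self.authorized = set(authorized_devices)  # client device authorization list
        self.max_skew_s = max_skew_s               # assumed value; the claims give none
        self.states = {}                           # (sdk_id, device_id) -> State

    def authenticate(self, sdk_id, device_id, device_time, cloud_time):
        """Return ("OK", None) or ("ERROR", reason) for a decrypted request."""
        if abs(cloud_time - device_time) >= self.max_skew_s:
            # The claims do not cover equality; it is treated as failure here.
            return ("ERROR", "time_difference")
        if device_id not in self.authorized:
            return ("ERROR", "device_not_authorized")
        # Claim 6: a successful activation recorded for this device id blocks
        # reuse, whichever SDK instance is asking.
        if any(d == device_id and s is State.ACTIVATED
               for (_, d), s in self.states.items()):
            return ("ERROR", "already_activated")
        if self.states.get((sdk_id, device_id)) not in (None, State.FAILED):
            # Only PENDING reaches here. Assumption: strict reading of claim 5,
            # which admits only "no record" or "unsuccessful".
            return ("ERROR", "confirmation_pending")
        self.states[(sdk_id, device_id)] = State.PENDING
        return ("OK", None)

    def confirm(self, sdk_id, device_id, success):
        """Claim 8: apply the SDK's confirmation; only a PENDING record changes."""
        key = (sdk_id, device_id)
        if self.states.get(key) is not State.PENDING:
            return False  # replayed or unsolicited confirmation is ignored
        # Assumption: the SDK may also report a failed burn (success=False).
        self.states[key] = State.ACTIVATED if success else State.FAILED
        return True
```

Keying the claim 6 check on the device identification code alone, while the state record is keyed on the (SDK identification code, device identification code) pair, is what stops a second SDK instance from activating a device that is already activated.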
CN202011504333.XA 2020-12-17 2020-12-17 Intelligent equipment activation authorization method and system Active CN112769544B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011504333.XA CN112769544B (en) 2020-12-17 2020-12-17 Intelligent equipment activation authorization method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011504333.XA CN112769544B (en) 2020-12-17 2020-12-17 Intelligent equipment activation authorization method and system

Publications (2)

Publication Number Publication Date
CN112769544A CN112769544A (en) 2021-05-07
CN112769544B CN112769544B (en) 2022-12-30

Family

ID=75694957

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011504333.XA Active CN112769544B (en) 2020-12-17 2020-12-17 Intelligent equipment activation authorization method and system

Country Status (1)

Country Link
CN (1) CN112769544B (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105656941A (en) * 2016-03-14 2016-06-08 美的集团股份有限公司 Identity authentication device and method
CN106101097A (en) * 2016-06-08 2016-11-09 美的集团股份有限公司 Home appliance and with the communication system of Cloud Server and method, Cloud Server
CN106453353A (en) * 2016-10-25 2017-02-22 四川长虹电器股份有限公司 Method for authenticating cloud by user terminal
CN107566114A (en) * 2017-10-30 2018-01-09 济南浪潮高新科技投资发展有限公司 A kind of method of equipment encryption and transmission encryption in cloud Internet of Things platform
CN111625781A (en) * 2020-08-03 2020-09-04 腾讯科技(深圳)有限公司 SDK authorization authentication method, device, equipment and storage medium

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10659444B2 (en) * 2017-06-27 2020-05-19 Uniken, Inc. Network-based key distribution system, method, and apparatus

Also Published As

Publication number Publication date
CN112769544A (en) 2021-05-07

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant