CN105636032A - Device access processing method, device access processing device and terminal - Google Patents

Info

Publication number: CN105636032A
Authority: CN (China)
Prior art keywords: accessed, terminal, target key, access, area network
Legal status: Granted
Application number: CN201510184781.9A
Other languages: Chinese (zh)
Other versions: CN105636032B (en)
Inventors: 钟焰涛, 傅文治, 蒋罗
Current Assignee: Beijing Longchuang Yongyue Technology Co.,Ltd.
Original Assignee: Yulong Computer Telecommunication Scientific Shenzhen Co Ltd

Application filed by Yulong Computer Telecommunication Scientific Shenzhen Co Ltd
Priority to CN201510184781.9A (CN105636032B)
Priority to PCT/CN2015/078021 (WO2016165165A1)
Publication of CN105636032A
Application granted
Publication of CN105636032B
Status: Active

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephone Function (AREA)

Abstract

The present invention proposes a device access processing method, a processing device and a terminal. The processing method includes: when the terminal receives a device access request from a device to be accessed, sending a first random code to the device to be accessed; after receiving the first random code, the device to be accessed calculates a first target key according to the first random code, a pre-stored second random code and a pre-stored first public key, and sends the first target key to the terminal; receiving the second random code and the first target key from the device to be accessed, and calculating a second target key according to the first random code, the second random code and a pre-stored second public key; judging whether the second target key is the same as the first target key, and if so, allowing the device to be accessed to access the wireless body area network, otherwise prohibiting access to the wireless body area network. The technical solution of the invention is general, requires little computation, and can efficiently perform security authentication on access devices in a wireless body area network.

Description

Device access processing method, device access processing device and terminal

Technical field

The present invention relates to the technical field of terminal access authentication, and in particular to a device access processing method, a device access processing device and a terminal.

Background

A WBAN (Wireless Body Area Network) is a short-range wireless network centered on the human body. Specifically, it is a network attached to the human body, consisting of a set of small, portable sensors with communication functions and a body master station. As an emerging technology, the wireless body area network has very broad application prospects in fields such as medical treatment, health care and consumer electronics. To prevent malicious nodes from accessing the WBAN and then attacking and damaging it, devices accessing the WBAN must be authenticated. In existing technical solutions there are mainly three authentication methods:

1) One authentication method is two-way identity authentication between the WBAN body master (such as a terminal) and an external access device (such as a sensor). However, this two-way identity authentication involves encryption and decryption operations, which require a very large amount of computation, and implementing it on mobile devices and wearable devices with limited computing power causes considerable delay.

2) Another authentication method is as follows: after a sensor collects an ECG signal for a certain period of time, signal feature points are detected and a stable waveform containing the information of a complete physiological signal cycle is extracted to generate a template T. The template T is securely shared between the device and the body master station (mobile terminal): the sensor can securely transmit the template T to the mobile terminal through a secure ultra-short-range transmission technology, and the mobile terminal stores the template T and registers the user for identification. This method relies on sensors that collect ECG signals; it is suitable for networking medical equipment and cannot be used by ordinary users (non-medical WBAN users).

3) The last authentication method treats the body area network as a whole and regards each sensor node and control unit as an antenna, so that the difference in received signal strength at different antennas is used to detect whether the node to be authenticated is close enough, and the node is authenticated on the principle that nearby nodes are trusted. However, this method authenticates a node once the signal strength shows that it is close enough to the WBAN, and does not consider that an attacker may place a malicious node near the WBAN user (for example, in front of or behind the user's seat).

The above three authentication methods achieve authentication between the WBAN and access devices under certain conditions, but each has its own defects: the authentication operation is cumbersome, or the method is limited in applicability, or the security is insufficient.

Therefore, how to improve the generality of WBAN access authentication methods, and how to authenticate access devices in the WBAN efficiently and securely while reducing the amount of computation required for access authentication, has become an urgent problem to be solved.

Summary of the invention

Based on the above problems, the present invention proposes a new device access processing scheme that is general, requires little computation, and can efficiently perform security authentication on access devices in a wireless body area network.

In view of this, one aspect of the present invention proposes a device access processing method, including: when a terminal receives a device access request from a device to be accessed, sending a first random code to the device to be accessed, so that after receiving the first random code the device to be accessed calculates a first target key according to the first random code, a pre-stored second random code and a pre-stored first public key, and sends the first target key to the terminal; receiving the second random code and the first target key from the device to be accessed, and calculating a second target key according to the first random code, the second random code and a pre-stored second public key; and judging whether the second target key is the same as the first target key, and if so, allowing the device to be accessed to access the wireless body area network constructed by the terminal, otherwise prohibiting the device to be accessed from accessing the wireless body area network constructed by the terminal.

In this technical solution, by sending a first random code to the device to be accessed, the device to be accessed can calculate a first target key with its own encryption algorithm from the first random code, the pre-stored second random code and the first public key, and send the first target key to the terminal. The terminal can then calculate a second target key with its own algorithm from the first random code, the pre-stored second random code and the second public key, and compare it with the received first target key to determine whether the device to be accessed is a legitimate device that the terminal allows to access. If so, the device to be accessed is allowed to access the wireless body area network constructed by the terminal; otherwise, the device to be accessed is an illegitimate device that would threaten the security of the wireless body area network, and it is prohibited from accessing the wireless body area network constructed by the terminal. In this way, the security authentication of a device entering the wireless body area network can be completed efficiently with a simple, low-computation encryption algorithm, which effectively prevents illegitimate devices from accessing the wireless body area network constructed by the terminal and damaging it.

In the above technical solution, preferably, after the device to be accessed is allowed to access the wireless body area network constructed by the terminal, a third target key is calculated according to the second random code and the second public key; the third target key is sent to the device to be accessed, so that the device to be accessed, after calculating a fourth target key according to the second random code and the first public key, determines whether the third target key is the same as the fourth target key, and if they are the same, sends confirmation information for accessing the wireless body area network to the terminal, otherwise does not send the confirmation information for accessing the wireless body area network.

In this technical solution, after the terminal calculates the third target key according to the second random code and the second public key, it can transmit the third target key to the device to be accessed. The device to be accessed calculates the fourth target key according to the second random code and the first public key and compares it with the received third target key. If the third target key is the same as the fourth target key, the device to be accessed has confirmed once more that it is accessing the correct wireless body area network, and it sends confirmation information to the terminal to complete the access. If the third target key differs from the fourth target key, the device to be accessed may have mistakenly accessed the wrong wireless body area network, that is, the wireless body area network currently constructed by the terminal is not the one the device actually needs to access; the device then neither sends confirmation information to the terminal nor accesses the wireless body area network.

Through the above process, the access authentication of the device to be accessed becomes two-way authentication. This both prevents illegitimate devices from accessing the wireless body area network constructed by the current terminal, improving the access security of the wireless body area network, and prevents the device to be accessed from mistakenly accessing the wrong wireless body area network, improving the accuracy of the access process. Because the two-way authentication process places no restriction on the type of the device to be accessed, the method is highly general and is suitable for security authentication of all types of devices to be accessed.

In the above technical solution, preferably, the method further includes: when the device to be accessed is a device that the terminal allows to access, the first public key and the second public key are the same, and the algorithm used by the device to be accessed to calculate the first target key and the fourth target key is the same as the algorithm used by the terminal to calculate the second target key and the third target key.

In this technical solution, by presetting the same first public key and second public key on the terminal and on the legitimate devices that the terminal allows to access, and having them use the same encryption algorithm, it is ensured that, when a device accesses the wireless body area network constructed by the terminal, only a legitimate device can calculate the same target key as the terminal and thus pass the access security authentication of the wireless body area network. An illegitimate device has neither the public key that is indispensable to the encryption calculation nor the same encryption algorithm as the terminal, so it cannot calculate the same target key as the terminal, cannot pass the access security authentication of the wireless body area network, and cannot access the wireless body area network constructed by the terminal. This ensures, to the greatest extent, the security of device access to the wireless body area network. The first public key and the second public key include but are not limited to passphrases, passwords and the like set by the user. The calculation used to obtain the target keys preferably uses a cryptographic hash function.
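The two-way exchange described above, as an added example that is not part of the patent text: both sides derive the four target keys by hashing the random codes with the pre-stored key (the page's "public key", which it describes as a value such as a user-set password preset on both sides). SHA-256, the length-prefixed field encoding, constant-time comparison, single-use first codes and all class and function names are assumptions; the page only states that a cryptographic hash function is preferred.

```python
import hashlib
import hmac
import secrets


def target_key(shared_key: bytes, *codes: bytes) -> bytes:
    """Hash the random codes together with the pre-stored key.

    Assumption: SHA-256 over length-prefixed fields, so that two different
    field lists can never produce the same hash input.
    """
    h = hashlib.sha256()
    for field in (*codes, shared_key):
        h.update(len(field).to_bytes(2, "big"))
        h.update(field)
    return h.digest()


class Device:
    """Device to be accessed: pre-stores the second random code and the first key."""

    def __init__(self, key: bytes, second_code: bytes):
        self.key = key
        self.second_code = second_code

    def respond(self, first_code: bytes):
        # First target key = H(first code, second code, first key)
        first_key = target_key(self.key, first_code, self.second_code)
        return self.second_code, first_key

    def confirm(self, third_key: bytes) -> bool:
        # Fourth target key = H(second code, first key); send the
        # confirmation only if it equals the received third target key.
        fourth_key = target_key(self.key, self.second_code)
        return hmac.compare_digest(third_key, fourth_key)


class Terminal:
    """Body master station: pre-stores the second key and issues first codes."""

    def __init__(self, key: bytes):
        self.key = key
        self._first_code = None

    def challenge(self) -> bytes:
        self._first_code = secrets.token_bytes(16)  # fresh per access request
        return self._first_code

    def verify(self, second_code: bytes, first_key: bytes):
        """Return the third target key if access is allowed, else None."""
        if self._first_code is None:
            return None  # no outstanding access request
        first_code, self._first_code = self._first_code, None  # single use
        # Second target key = H(first code, second code, second key)
        second_key = target_key(self.key, first_code, second_code)
        if not hmac.compare_digest(first_key, second_key):
            return None  # access prohibited
        # Third target key = H(second code, second key)
        return target_key(self.key, second_code)


def run_access(terminal: Terminal, device: Device) -> str:
    """Drive one complete exchange and report the outcome."""
    first_code = terminal.challenge()
    second_code, first_key = device.respond(first_code)
    third_key = terminal.verify(second_code, first_key)
    if third_key is None:
        return "denied"
    if not device.confirm(third_key):
        return "unconfirmed"
    return "joined"


if __name__ == "__main__":
    key = b"constructed-passphrase"  # constructed sample value
    print(run_access(Terminal(key), Device(key, secrets.token_bytes(16))))
    print(run_access(Terminal(key), Device(b"other", secrets.token_bytes(16))))
```
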

In the above technical solution, preferably, the method further includes: sending a prompt signal when the terminal allows or prohibits the device to be accessed from accessing the wireless body area network; and, after the device to be accessed accesses the wireless body area network, the terminal and the device to be accessed communicating through at least one of WIFI, Bluetooth, infrared, NFC, a wired network and a wireless network.

In this technical solution, prompt information is sent to the user so that the user knows the current access status of the device to be accessed and can effectively monitor it. In addition, a more convenient communication mode, such as WIFI, Bluetooth, infrared, NFC, a wired network or a wireless network, can be selected for the terminal and the access device according to the environment they are currently in.

In the above technical solution, preferably, in the device access processing method of any one of the above technical solutions, the device to be accessed includes at least one of: an ordinary mobile device, a wearable device, a wearable sensor and a medical device.

In this technical solution, the device to be accessed includes but is not limited to ordinary mobile devices, wearable devices, wearable sensors and medical devices; any device that can communicate with the terminal through the wireless body area network to improve user convenience is suitable.

Another aspect of the present invention proposes a device access processing device, including: a sending unit that, when the terminal receives a device access request from a device to be accessed, sends a first random code to the device to be accessed, so that after receiving the first random code the device to be accessed calculates a first target key according to the first random code, a pre-stored second random code and a pre-stored first public key, and sends the first target key to the terminal; a receiving unit that receives the second random code and the first target key from the device to be accessed; a calculation unit that calculates a second target key according to the first random code, the second random code and a pre-stored second public key; a judging unit that judges whether the second target key is the same as the first target key; and a processing unit that, when the judgment result is yes, allows the device to be accessed to access the wireless body area network constructed by the terminal, and otherwise prohibits the device to be accessed from accessing the wireless body area network constructed by the terminal.

In this technical solution, by sending a first random code to the device to be accessed, the device to be accessed can calculate a first target key with its own encryption algorithm from the first random code, the pre-stored second random code and the first public key, and send the first target key to the terminal. The terminal can then calculate a second target key with its own algorithm from the first random code, the pre-stored second random code and the second public key, and compare it with the received first target key to determine whether the device to be accessed is a legitimate device that the terminal allows to access. If so, the device to be accessed is allowed to access the wireless body area network constructed by the terminal; otherwise, the device to be accessed is an illegitimate device that would threaten the security of the wireless body area network, and it is prohibited from accessing the wireless body area network constructed by the terminal. In this way, the security authentication of a device entering the wireless body area network can be completed efficiently with a simple, low-computation encryption algorithm, which effectively prevents illegitimate devices from accessing the wireless body area network constructed by the terminal and damaging it.

In the above technical solution, preferably, the calculation unit is further configured to calculate a third target key according to the second random code and the second public key after the device to be accessed is allowed to access the wireless body area network constructed by the terminal; and the sending unit is further configured to send the third target key to the device to be accessed, so that the device to be accessed, after calculating a fourth target key according to the second random code and the first public key, determines whether the third target key is the same as the fourth target key, and if they are the same, sends confirmation information for accessing the wireless body area network to the terminal, otherwise does not send the confirmation information for accessing the wireless body area network.

In this technical solution, after the terminal calculates the third target key according to the second random code and the second public key, it can transmit the third target key to the device to be accessed. The device to be accessed calculates the fourth target key according to the second random code and the first public key and compares it with the received third target key. If the third target key is the same as the fourth target key, the device to be accessed has confirmed once more that it is accessing the correct wireless body area network, and it sends confirmation information to the terminal to complete the access. If the third target key differs from the fourth target key, the device to be accessed may have mistakenly accessed the wrong wireless body area network, that is, the wireless body area network currently constructed by the terminal is not the one the device actually needs to access; the device then neither sends confirmation information to the terminal nor accesses the wireless body area network.

Through the above process, the access authentication of the device to be accessed becomes two-way authentication. This both prevents illegitimate devices from accessing the wireless body area network constructed by the current terminal, improving the access security of the wireless body area network, and prevents the device to be accessed from mistakenly accessing the wrong wireless body area network, improving the accuracy of the access process. Because the two-way authentication process places no restriction on the type of the device to be accessed, the method is highly general and is suitable for security authentication of all types of devices to be accessed.

In the above technical solution, preferably, the device further includes: when the device to be accessed is a device that the terminal allows to access, the first public key and the second public key are the same, and the algorithm used by the device to be accessed to calculate the first target key and the fourth target key is the same as the algorithm used by the terminal to calculate the second target key and the third target key.

In this technical solution, by presetting the same first public key and second public key on the terminal and on the legitimate devices that the terminal allows to access, and having them use the same encryption algorithm, it is ensured that, when a device accesses the wireless body area network constructed by the terminal, only a legitimate device can calculate the same target key as the terminal and thus pass the access security authentication of the wireless body area network. An illegitimate device has neither the public key that is indispensable to the encryption calculation nor the same encryption algorithm as the terminal, so it cannot calculate the same target key as the terminal, cannot pass the access security authentication of the wireless body area network, and cannot access the wireless body area network constructed by the terminal. This ensures, to the greatest extent, the security of device access to the wireless body area network. The first public key and the second public key include but are not limited to passphrases, passwords and the like set by the user. The calculation used to obtain the target keys preferably uses a cryptographic hash function.

In the above technical solution, preferably, the device further includes: a prompting unit that sends a prompt signal when the terminal allows or prohibits the device to be accessed from accessing the wireless body area network; and a control unit that, after the device to be accessed accesses the wireless body area network, controls the terminal to communicate with the device to be accessed through at least one of WIFI, Bluetooth, infrared, NFC, a wired network and a wireless network.

In this technical solution, prompt information is sent to the user so that the user knows the current access status of the device to be accessed and can effectively monitor it. In addition, a more convenient communication mode, such as WIFI, Bluetooth, infrared, NFC, a wired network or a wireless network, can be selected for the terminal and the access device according to the environment they are currently in.

In the above technical solution, preferably, the device to be accessed includes at least one of: an ordinary mobile device, a wearable device, a wearable sensor and a medical device.

In this technical solution, the device to be accessed includes but is not limited to ordinary mobile devices, wearable devices, wearable sensors and medical devices; any device that can communicate with the terminal through the wireless body area network to improve user convenience is suitable.

A third aspect of the present invention proposes a terminal that includes the device access processing device described in any one of the above technical solutions. The terminal therefore has the same technical effects as the device access processing device described in any one of the above technical solutions, which are not repeated here.

With the technical solution of the present invention, the generality of the access authentication method for the wireless body area network can be improved, and access devices in the wireless body area network can be authenticated efficiently and securely while the amount of computation required for access authentication is reduced.

Description of drawings

Fig. 1 shows a schematic flowchart of a method for processing device access according to an embodiment of the present invention;

Fig. 2 shows a schematic block diagram of an apparatus for processing device access according to an embodiment of the present invention;

Fig. 3 shows a schematic structural diagram of a terminal according to an embodiment of the present invention;

Fig. 4 shows a schematic structural diagram of a WBAN according to an embodiment of the present invention;

Fig. 5 shows a schematic flowchart of a method for processing device access according to another embodiment of the present invention;

Fig. 6 shows a schematic flowchart of master station configuration according to an embodiment of the present invention;

Fig. 7 shows a schematic flowchart of the configuration of a device to be accessed according to an embodiment of the present invention;

Fig. 8 shows a schematic flowchart of the two-way authentication process between a master station and a device to be accessed according to an embodiment of the present invention.

Detailed description

So that the above objects, features and advantages of the present invention can be understood more clearly, the present invention is described in further detail below with reference to the accompanying drawings and specific embodiments. It should be noted that, where there is no conflict, the embodiments of the present application and the features in the embodiments can be combined with each other.

Many specific details are set forth in the following description to allow a full understanding of the present invention. However, the present invention can also be implemented in ways other than those described here, so the protection scope of the present invention is not limited by the specific embodiments disclosed below.

Fig. 1 shows a schematic flowchart of a method for processing device access according to an embodiment of the present invention.

As shown in Fig. 1, the method for processing device access according to an embodiment of the present invention includes: step 102, when the terminal receives a device access request from a device to be accessed, sending a first random code to the device to be accessed, so that the device to be accessed, after receiving the first random code, calculates a first target key from the first random code, a pre-stored second random code and a pre-stored first public key, and sends the first target key to the terminal; step 104, receiving the second random code and the first target key from the device to be accessed, and calculating a second target key from the first random code, the second random code and a pre-stored second public key; step 106, judging whether the second target key is the same as the first target key and, if so, allowing the device to be accessed to access the wireless body area network constructed by the terminal, and otherwise prohibiting the device to be accessed from accessing the wireless body area network constructed by the terminal.

In this technical solution, the terminal sends a first random code to the device to be accessed, so that the device to be accessed can calculate a first target key from the first random code, the pre-stored second random code and the first public key using its own encryption algorithm, and send the first target key to the terminal. The terminal can then calculate a second target key from the first random code, the pre-stored second random code and the second public key using its own algorithm, and compare it with the received first target key to judge whether the device to be accessed is a legitimate device that the terminal allows to access. If it is (that is, the second target key is the same as the first target key), the device to be accessed is allowed to access the wireless body area network constructed by the terminal. Otherwise, the device to be accessed is an illegitimate device that would threaten the security of the wireless body area network, and it is prohibited from accessing the wireless body area network constructed by the terminal. In this way, the security authentication of a device entering the wireless body area network is completed efficiently with a simple, low-computation encryption algorithm, which effectively prevents illegitimate devices from accessing the wireless body area network constructed by the terminal and damaging it.

In the above technical solution, preferably, after the device to be accessed is allowed to access the wireless body area network constructed by the terminal, a third target key is calculated from the second random code and the second public key; the third target key is sent to the device to be accessed, so that the device to be accessed, after calculating a fourth target key from the second random code and the first public key, determines whether the third target key is the same as the fourth target key and, when they are the same, sends confirmation information for accessing the wireless body area network to the terminal, and otherwise does not send confirmation information for accessing the wireless body area network.

In this technical solution, after the terminal calculates the third target key from the second random code and the second public key, it can transmit the third target key to the device to be accessed. The device to be accessed calculates the fourth target key from the second random code and the first public key and compares it with the received third target key. If the third target key is the same as the fourth target key, the device to be accessed confirms once more that it has accessed the correct wireless body area network and sends confirmation information to the terminal to complete the access. If the third target key differs from the fourth target key, the device to be accessed may have accessed the wrong wireless body area network by mistake, that is, the wireless body area network currently constructed by the terminal is not the one the device to be accessed actually needs to access; in that case the device to be accessed neither sends confirmation information to the terminal nor accesses the wireless body area network. This process makes the access authentication of the device to be accessed two-way and improves the accuracy of the access process: it prevents illegitimate devices from accessing the wireless body area network constructed by the current terminal, which improves the security of access to the wireless body area network, and it prevents the device to be accessed from accessing the wrong wireless body area network by mistake. Because the two-way authentication process places no restriction on the type of the device to be accessed, the method is highly universal and is suitable for the security authentication of all types of devices to be accessed.

In the above technical solution, preferably, the method further includes: when the device to be accessed is a device that the terminal allows to access, the first public key and the second public key are the same, and the algorithm used by the device to be accessed to calculate the first target key and the fourth target key is the same as the algorithm used by the terminal to calculate the second target key and the third target key.

In this technical solution, the same first public key and second public key are preset on the terminal and on the legitimate devices that the terminal allows to access, and both sides are made to use the same encryption algorithm. This ensures that, when a device accesses the wireless body area network constructed by the terminal, only a legitimate device can calculate the same target key as the terminal and so pass the access security authentication of the wireless body area network. An illegitimate device has neither the public key that the terminal holds and that is indispensable to the encryption calculation, nor the same encryption algorithm as the terminal, so it cannot calculate the same target key as the terminal; it therefore cannot pass the access security authentication and cannot access the wireless body area network constructed by the terminal. This ensures, to the greatest extent, the security of devices accessing the wireless body area network. The first public key and the second public key include, but are not limited to, values such as passphrases and passwords set by the user. The target keys are preferably calculated with a cryptographic hash function.

In the above technical solution, preferably, the method further includes: sending a prompt signal when the terminal allows or prohibits the device to be accessed from accessing the wireless body area network; and, after the device to be accessed has accessed the wireless body area network, the terminal communicating with the device to be accessed through at least one of WIFI, Bluetooth, infrared, NFC, a wired network and a wireless network.

In this technical solution, prompt information sent to the user tells the user the current access status of the device to be accessed, so that this status can be monitored effectively. In addition, a more convenient communication mode, such as WIFI, Bluetooth, infrared, NFC, a wired network or a wireless network, can be selected for the terminal and the access device according to the environment they are currently in.

In the above technical solution, preferably, in the method for processing device access of any one of the above technical solutions, the device to be accessed includes at least one of: an ordinary mobile device, a wearable device, a wearable sensor and a medical device.

In this technical solution, the devices to be accessed include, but are not limited to, ordinary mobile devices, wearable devices, wearable sensors and medical devices; any device that can communicate with the terminal through the wireless body area network to improve user convenience qualifies.

Fig. 2 shows a schematic block diagram of an apparatus for processing device access according to an embodiment of the present invention.

As shown in Fig. 2, the apparatus 200 for processing device access according to an embodiment of the present invention includes: a sending unit 202, which, when the terminal receives a device access request from a device to be accessed, sends a first random code to the device to be accessed, so that the device to be accessed, after receiving the first random code, calculates a first target key from the first random code, a pre-stored second random code and a pre-stored first public key, and sends the first target key to the terminal; a receiving unit 204, which receives the second random code and the first target key from the device to be accessed; a calculation unit 206, which calculates a second target key from the first random code, the second random code and a pre-stored second public key; a judging unit, which judges whether the second target key is the same as the first target key; and a processing unit 208, which, when the judgment result is yes, allows the device to be accessed to access the wireless body area network constructed by the terminal, and otherwise prohibits the device to be accessed from accessing the wireless body area network constructed by the terminal.

In this technical solution, the terminal sends a first random code to the device to be accessed, so that the device to be accessed can calculate a first target key from the first random code, the pre-stored second random code and the first public key using its own encryption algorithm, and send the first target key to the terminal. The terminal can then calculate a second target key from the first random code, the pre-stored second random code and the second public key using its own algorithm, and compare it with the received first target key to judge whether the device to be accessed is a legitimate device that the terminal allows to access. If it is, the device to be accessed is allowed to access the wireless body area network constructed by the terminal. Otherwise, the device to be accessed is an illegitimate device that would threaten the security of the wireless body area network, and it is prohibited from accessing the wireless body area network constructed by the terminal. In this way, the security authentication of a device entering the wireless body area network is completed efficiently with a simple, low-computation encryption algorithm, which effectively prevents illegitimate devices from accessing the wireless body area network constructed by the terminal and damaging it.

In the above technical solution, preferably, the calculation unit 206 is further configured to: after the device to be accessed is allowed to access the wireless body area network constructed by the terminal, calculate a third target key from the second random code and the second public key; and the sending unit is further configured to: send the third target key to the device to be accessed, so that the device to be accessed, after calculating a fourth target key from the second random code and the first public key, determines whether the third target key is the same as the fourth target key and, when they are the same, sends confirmation information for accessing the wireless body area network to the terminal, and otherwise does not send confirmation information for accessing the wireless body area network.

In this technical solution, after the terminal calculates the third target key from the second random code and the second public key, it can transmit the third target key to the device to be accessed. The device to be accessed calculates the fourth target key from the second random code and the first public key and compares it with the received third target key. If the third target key is the same as the fourth target key, the device to be accessed confirms once more that it has accessed the correct wireless body area network and sends confirmation information to the terminal to complete the access. If the third target key differs from the fourth target key, the device to be accessed may have accessed the wrong wireless body area network by mistake, that is, the wireless body area network currently constructed by the terminal is not the one the device to be accessed actually needs to access; in that case the device to be accessed neither sends confirmation information to the terminal nor accesses the wireless body area network. This process makes the access authentication of the device to be accessed two-way and improves the accuracy of the access process: it prevents illegitimate devices from accessing the wireless body area network constructed by the current terminal, which improves the security of access to the wireless body area network, and it prevents the device to be accessed from accessing the wrong wireless body area network by mistake. Because the two-way authentication process places no restriction on the type of the device to be accessed, the method is highly universal and is suitable for the security authentication of all types of devices to be accessed.

In the above technical solution, preferably, the apparatus further includes: when the device to be accessed is a device that the terminal allows to access, the first public key and the second public key are the same, and the algorithm used by the device to be accessed to calculate the first target key and the fourth target key is the same as the algorithm used by the terminal to calculate the second target key and the third target key.

In this technical solution, the same first public key and second public key are preset on the terminal and on the legitimate devices that the terminal allows to access, and both sides are made to use the same encryption algorithm. This ensures that, when a device accesses the wireless body area network constructed by the terminal, only a legitimate device can calculate the same target key as the terminal and so pass the access security authentication of the wireless body area network. An illegitimate device has neither the public key that the terminal holds and that is indispensable to the encryption calculation, nor the same encryption algorithm as the terminal, so it cannot calculate the same target key as the terminal; it therefore cannot pass the access security authentication and cannot access the wireless body area network constructed by the terminal. This ensures, to the greatest extent, the security of devices accessing the wireless body area network. The first public key and the second public key include, but are not limited to, values such as passphrases and passwords set by the user. The target keys are preferably calculated with a cryptographic hash function.

In the above technical solution, preferably, the apparatus further includes: a prompt unit 210, which sends a prompt signal when the terminal allows or prohibits the device to be accessed from accessing the wireless body area network; and a control unit 212, which, after the device to be accessed has accessed the wireless body area network, controls the terminal to communicate with the device to be accessed through at least one of WIFI, Bluetooth, infrared, NFC, a wired network and a wireless network.

In this technical solution, prompt information sent to the user tells the user the current access status of the device to be accessed, so that this status can be monitored effectively. In addition, a more convenient communication mode, such as WIFI, Bluetooth, infrared, NFC, a wired network or a wireless network, can be selected for the terminal and the access device according to the environment they are currently in.

In the above technical solution, preferably, the device to be accessed includes at least one of: an ordinary mobile device, a wearable device, a wearable sensor and a medical device.

In this technical solution, the devices to be accessed include, but are not limited to, ordinary mobile devices, wearable devices, wearable sensors and medical devices; any device that can communicate with the terminal through the wireless body area network to improve user convenience qualifies.

Fig. 3 shows a schematic structural diagram of a terminal according to an embodiment of the present invention.

As shown in Fig. 3, a terminal 300 according to an embodiment of the present invention includes the device access processing apparatus 200 described in any one of the above technical solutions. The terminal therefore has the same technical effects as that processing apparatus 200, which are not repeated here.

Fig. 4 shows a schematic structural diagram of a WBAN according to an embodiment of the present invention; Fig. 5 shows a schematic flowchart of a method for processing device access according to another embodiment of the present invention; Fig. 6 shows a schematic flowchart of master station configuration according to an embodiment of the present invention; Fig. 7 shows a schematic flowchart of the configuration of a device to be accessed according to an embodiment of the present invention; Fig. 8 shows a schematic flowchart of the two-way authentication process between a master station and a device to be accessed according to an embodiment of the present invention.

The technical solution of the present invention is further described below with reference to Fig. 4 to Fig. 8.

Fig. 4 shows the structure of a WBAN according to an embodiment of the present invention. A WBAN is a network attached to the human body, made up of a set of small, portable sensors with communication functions and a body master station. The body master station is usually a device with strong computing and storage capabilities, such as a smartphone or tablet computer. The device access processing scheme of this embodiment comprises three processes within the general access process of the device to be accessed (Fig. 5): the master station configuration process (Fig. 6), the configuration process of the device to be accessed (Fig. 7), and the access authentication process of the device to be accessed (Fig. 8). The parameters and symbols used in the scheme are: h, a cryptographic hash function; s, the secret value, that is, the public key, which includes but is not limited to values such as passphrases and passwords set by the user. The three processes are described in detail below:

The general access process of the device to be accessed includes:

Step 502, configuring the master station (usually a mobile device with strong computing and storage capabilities, such as a smartphone or tablet computer), that is, configuring the necessary authentication parameters for the master station;

Step 504, configuring the device to be accessed;

Step 506, performing security authentication on the device to be accessed.

The master station configuration process includes the following steps:

Step 602, the user enters the secret value s for the master station.

Step 604, the master station applies the other necessary WBAN parameters to complete the initialization.

The configuration of the device to be accessed includes the following steps:

Step 702, when it is decided that the device is to access the WBAN of the current body master station, the user enters for the device to be accessed the same secret value s as in the master station configuration process.

Step 704, the device to be accessed applies the other necessary WBAN parameters to complete the initialization.

The access authentication process is as follows:

After the master station configuration and the configuration of the device to be accessed described above are complete, access authentication begins. The access authentication process involves three message exchanges in total, as shown in Fig. 8. When the body master station receives the device access request sent by the device to be accessed, the body master station selects a random code a and sends it to the device to be accessed. The device to be accessed uses the cryptographic hash function to calculate the target key c1 (c1=h(a,b,s)), that is, the first target key, from the received random code a, its pre-stored random code b and the secret value s, and sends the first target key c1 and the random code b to the body master station. The body master station uses the cryptographic hash function to calculate the target key c2 (c2=h(a,b,s)), that is, the second target key, from its own random code a, the received random code b and its own secret value s, and judges whether the calculated second target key c2 is the same as the received first target key c1. If c1 and c2 are different, the device to be accessed is prohibited from accessing the WBAN; if c1 and c2 are the same, the device to be accessed is allowed to access the WBAN, which completes the authentication of the identity of the device to be accessed (in this embodiment, because the device to be accessed has the same public key, indispensable to the encryption calculation, and the same encryption algorithm as the body master station, the device to be accessed is a legitimate device that the body master station allows to access, and c1 is the same as c2).

After the device to be accessed is allowed to access the wireless body area network constructed by the body master station, the body master station uses the cryptographic hash function to calculate the target key d1 (d1=h(b,s)), that is, the third target key, from the received random code b and its own secret value s, and sends the third target key d1 to the device to be accessed. The device to be accessed uses the cryptographic hash function to calculate the target key d2 (d2=h(b,s)), that is, the fourth target key, from its own random code b and its own secret value s, and judges whether the calculated fourth target key d2 is the same as the received third target key d1. If d1 and d2 are the same, the device to be accessed confirms once more that it has accessed the correct wireless body area network and sends confirmation information to the terminal to complete the access. If d1 and d2 are different, the device to be accessed may have accessed the wrong wireless body area network by mistake, that is, the wireless body area network currently constructed by the body master station is not the one the device to be accessed actually needs to access; the device to be accessed then neither sends confirmation information to the terminal nor accesses the wireless body area network. This completes the authentication of the identity of the body master station and so achieves two-way authentication between the body master station and the device to be accessed (in this embodiment, because the device to be accessed has the same public key, indispensable to the encryption calculation, and the same encryption algorithm as the body master station, the device to be accessed is a legitimate device that the body master station allows to access, and d1 is the same as d2).
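The exchange described above (a; then b with c1 = h(a, b, s); then d1 = h(b, s)), written out as an added example that is not part of the patent text. SHA-256 as h, the length-prefixed field encoding, the 16-byte code length and every class and function name are assumptions; the page specifies only "a cryptographic hash function" and calls the pre-shared secret value s the "public key".

```python
import hashlib
import hmac
import secrets


def h(*fields: bytes) -> bytes:
    """Hash function h of the description.

    Assumption: SHA-256 over length-prefixed fields, so that
    h(b"ab", b"c") and h(b"a", b"bc") cannot produce the same input.
    """
    digest = hashlib.sha256()
    for field in fields:
        digest.update(len(field).to_bytes(4, "big"))
        digest.update(field)
    return digest.digest()


class Device:
    """Device to be accessed: holds the secret value s and its pre-stored code b."""

    def __init__(self, s: bytes, b: bytes):
        self.s = s
        self.b = b

    def respond(self, a: bytes):
        """Message 2: return (b, c1) with c1 = h(a, b, s)."""
        return self.b, h(a, self.b, self.s)

    def confirm(self, d1: bytes) -> bool:
        """Check message 3: compute d2 = h(b, s) and compare it with d1."""
        d2 = h(self.b, self.s)
        return hmac.compare_digest(d1, d2)


class MasterStation:
    """Body master station: holds s and issues a fresh random code a per request."""

    def __init__(self, s: bytes):
        self.s = s
        self._a = None

    def challenge(self) -> bytes:
        """Message 1: select random code a (16 bytes is an assumption)."""
        self._a = secrets.token_bytes(16)
        return self._a

    def verify(self, b: bytes, c1: bytes):
        """Compute c2 = h(a, b, s); return d1 = h(b, s) if c1 == c2, else None."""
        if self._a is None:
            raise RuntimeError("no outstanding challenge")
        a, self._a = self._a, None  # each code a is accepted once
        c2 = h(a, b, self.s)
        if not hmac.compare_digest(c1, c2):
            return None
        return h(b, self.s)


def run_access(master: MasterStation, device: Device) -> str:
    """Run the three messages and report the outcome of the two-way check."""
    a = master.challenge()            # master station -> device
    b, c1 = device.respond(a)         # device -> master station
    d1 = master.verify(b, c1)         # master station -> device (if c1 == c2)
    if d1 is None:
        return "denied"               # master station rejects the device
    if not device.confirm(d1):
        return "unconfirmed"          # device rejects the master station
    return "joined"


if __name__ == "__main__":
    s = b"constructed-secret"         # constructed sample value
    print(run_access(MasterStation(s), Device(s, secrets.token_bytes(16))))
    print(run_access(MasterStation(s), Device(b"other", secrets.token_bytes(16))))
```

With the page's formula d1 = h(b, s) and a pre-stored b, d1 is the same value in every run for a given device; only c1 changes with the fresh code a.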

In the specific flow of the device access processing scheme above, the same secret value s is preset in the body master station and in the legal devices that the body master station allows to access, and both are made to use the same encryption algorithm, the cryptographic hash function h. This ensures that, when a device to be accessed accesses the wireless body area network constructed by the terminal, only a legal device to be accessed can calculate the same target key as the terminal and so pass the access security authentication of the wireless body area network. An illegal device to be accessed does not have the same public key, indispensable in the encryption calculation, as the terminal, nor the same encryption algorithm as the body master station, so it cannot calculate the same target key as the body master station, cannot pass the access security authentication of the wireless body area network, and cannot access the wireless body area network constructed by the body master station. In this way the security of devices accessing the wireless body area network is ensured to the greatest extent.
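The three-message exchange and the preset secret value s described above, as an added example that is not code from the patent. SHA-256 as h, the length-prefixed field encoding, the 16-byte random codes and all class and function names are assumptions; the text only calls h a cryptographic hash function.

```python
import hashlib
import hmac
import secrets


def h(*fields):
    """h(...) from the text. SHA-256 is an assumption. Each field is
    length-prefixed so (a, b, s) cannot collide with another split of
    the same concatenated bytes."""
    digest = hashlib.sha256()
    for field in fields:
        digest.update(len(field).to_bytes(4, "big"))
        digest.update(field)
    return digest.digest()


class MasterStation:
    """Body master station (terminal) holding the preset secret value s."""

    def __init__(self, s):
        self._s = s
        self._a = None

    def challenge(self):
        # Message 1: a fresh random code a for each access request.
        self._a = secrets.token_bytes(16)
        return self._a

    def verify_device(self, b, c1):
        # Recompute c2 = h(a, b, s); a is consumed so it is single-use.
        a, self._a = self._a, None
        if a is None:
            return None
        c2 = h(a, b, self._s)
        if not hmac.compare_digest(c1, c2):  # constant-time comparison
            return None  # access prohibited
        # Message 3: d1 = h(b, s) shows the master station also knows s.
        return h(b, self._s)


class Device:
    """Device to be accessed, holding s and its own random code b."""

    def __init__(self, s):
        self._s = s
        self._b = secrets.token_bytes(16)  # assumption: generated at setup

    def respond(self, a):
        # Message 2: (b, c1) with c1 = h(a, b, s).
        return self._b, h(a, self._b, self._s)

    def confirm_network(self, d1):
        # Recompute d2 = h(b, s); confirm only if it matches d1.
        d2 = h(self._b, self._s)
        return hmac.compare_digest(d1, d2)


def run_access(master, device):
    """Run the exchange; returns (admitted, confirmed)."""
    a = master.challenge()
    b, c1 = device.respond(a)
    d1 = master.verify_device(b, c1)
    admitted = d1 is not None
    confirmed = admitted and device.confirm_network(d1)
    return admitted, confirmed
```

Comparing with `hmac.compare_digest` rather than `==` keeps the comparison time independent of how many leading bytes of the target keys match.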

The technical scheme of the present invention has been described in detail above with reference to the accompanying drawings. The present invention proposes a new processing scheme for device access that is general, has a low computation cost, and can efficiently perform security authentication of access devices in a wireless body area network.

The above descriptions are only preferred embodiments of the present invention and are not intended to limit the present invention. For those skilled in the art, the present invention may have various modifications and changes. Any modifications, equivalent replacements, improvements, etc. made within the spirit and principles of the present invention shall be included within the protection scope of the present invention.

Claims (11)

1. A processing method for device access, characterized by comprising:
when a terminal receives a device access request from a device to be accessed, sending a first random code to the device to be accessed, so that the device to be accessed, after receiving the first random code, calculates a first target key according to the first random code, a pre-stored second random code and a pre-stored first public key, and sends the first target key to the terminal;
receiving the second random code and the first target key from the device to be accessed, and calculating a second target key according to the first random code, the second random code and a pre-stored second public key;
judging whether the second target key is the same as the first target key, and when the judgment result is yes, allowing the device to be accessed to access the wireless body area network constructed by the terminal; otherwise, prohibiting the device to be accessed from accessing the wireless body area network constructed by the terminal.

2. The processing method for device access according to claim 1, characterized in that:
after allowing the device to be accessed to access the wireless body area network constructed by the terminal, a third target key is calculated according to the second random code and the second public key;
the third target key is sent to the device to be accessed, so that the device to be accessed, after calculating a fourth target key according to the second random code and the first public key, determines whether the third target key is the same as the fourth target key, and when the determination result is the same, sends confirmation information for accessing the wireless body area network to the terminal; otherwise, it does not send the confirmation information for accessing the wireless body area network.

3. The processing method for device access according to claim 1, characterized by further comprising:
when the device to be accessed is a device to be accessed that the terminal allows to access, the first public key and the second public key are the same, and the algorithm used by the device to be accessed when calculating the first target key and the fourth target key is the same as the algorithm used by the terminal when calculating the second target key and the third target key.

4. The processing method for device access according to claim 1, characterized by further comprising:
sending a prompt signal when the terminal allows or prohibits the device to be accessed from accessing the wireless body area network; and
after the device to be accessed accesses the wireless body area network, the terminal communicates with the device to be accessed through at least one of WIFI, Bluetooth, infrared, NFC, wired network and wireless network.

5. The processing method for device access according to any one of claims 1 to 4, characterized in that:
the device to be accessed includes at least one of ordinary mobile devices, wearable devices, wearable sensors and medical devices.

6. A processing device for device access, characterized by comprising:
a sending unit which, when a terminal receives a device access request from a device to be accessed, sends a first random code to the device to be accessed, so that the device to be accessed, after receiving the first random code, calculates a first target key according to the first random code, a pre-stored second random code and a pre-stored first public key, and sends the first target key to the terminal;
a receiving unit which receives the second random code and the first target key from the device to be accessed;
a calculation unit which calculates a second target key according to the first random code, the second random code and a pre-stored second public key;
a judging unit which judges whether the second target key is the same as the first target key;
a processing unit which, when the judgment result is yes, allows the device to be accessed to access the wireless body area network constructed by the terminal, and otherwise prohibits the device to be accessed from accessing the wireless body area network constructed by the terminal.

7. The processing device for device access according to claim 6, characterized in that:
the calculation unit is further used for: after allowing the device to be accessed to access the wireless body area network constructed by the terminal, calculating a third target key according to the second random code and the second public key;
the sending unit is further used for: sending the third target key to the device to be accessed, so that the device to be accessed, after calculating a fourth target key according to the second random code and the first public key, determines whether the third target key is the same as the fourth target key, and when the determination result is the same, sends confirmation information for accessing the wireless body area network to the terminal; otherwise, it does not send the confirmation information for accessing the wireless body area network.

8. The processing device for device access according to claim 6, characterized by further comprising:
when the device to be accessed is a device to be accessed that the terminal allows to access, the first public key and the second public key are the same, and the algorithm used by the device to be accessed when calculating the first target key and the fourth target key is the same as the algorithm used by the terminal when calculating the second target key and the third target key.

9. The processing device for device access according to claim 6, characterized by further comprising:
a prompting unit which sends a prompt signal when the terminal allows or prohibits the device to be accessed from accessing the wireless body area network; and
a control unit which, after the device to be accessed accesses the wireless body area network, controls the terminal and the device to be accessed to communicate through at least one of WIFI, Bluetooth, infrared, NFC, wired network and wireless network.

10. The processing device for device access according to any one of claims 6 to 9, characterized in that:
the device to be accessed includes at least one of ordinary mobile devices, wearable devices, wearable sensors and medical devices.

11. A terminal, characterized by comprising: the processing device for device access according to any one of claims 6 to 10.

CN201510184781.9A 2015-04-17 2015-04-17 equipment access processing method, equipment access processing device and terminal Active CN105636032B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201510184781.9A CN105636032B (en) 2015-04-17 2015-04-17 equipment access processing method, equipment access processing device and terminal
PCT/CN2015/078021 WO2016165165A1 (en) 2015-04-17 2015-04-30 Device access processing method, device access processing apparatus and terminal

Publications (2)

Publication Number Publication Date
CN105636032A true CN105636032A (en) 2016-06-01
CN105636032B CN105636032B (en) 2019-12-10

Family

ID=56050422

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510184781.9A Active CN105636032B (en) 2015-04-17 2015-04-17 equipment access processing method, equipment access processing device and terminal

Country Status (2)

Country Link
CN (1) CN105636032B (en)
WO (1) WO2016165165A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106792667A (en) * 2016-12-23 2017-05-31 北京光年无限科技有限公司 A kind of network access verifying method and robot for robot

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR102477582B1 (en) * 2019-09-20 2022-12-14 센젠 인스티튜트스 오브 어드밴스트 테크놀로지, 차이니즈 아카데미 오브 사이언시스 Wireless body area network key distribution device, wireless body area network key generation method, wireless body area network distribution method and related devices

Also Published As

Publication number Publication date
CN105636032B (en) 2019-12-10
WO2016165165A1 (en) 2016-10-20

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20250704

Address after: 101200 North Street, Hanzhuang Town, Jinhai Lake, Pinggu District, Beijing - 232109 (Cluster Registration)

Patentee after: Beijing Longchuang Yongyue Technology Co.,Ltd.

Country or region after: China

Address before: 518040 Guangdong city in Shenzhen Province, Che Kung Temple Tian An Digital City, the innovation and Technology Square, B Building 8 floor

Patentee before: YULONG COMPUTER TELECOMMUNICATION SCIENTIFIC (SHENZHEN) Co.,Ltd.

Country or region before: China
