[go: up one dir, main page]

WO2017016065A1 - Smart home system equipment authentication method and apparatus - Google Patents

Smart home system equipment authentication method and apparatus Download PDF

Info

Publication number
WO2017016065A1
WO2017016065A1 PCT/CN2015/091334 CN2015091334W WO2017016065A1 WO 2017016065 A1 WO2017016065 A1 WO 2017016065A1 CN 2015091334 W CN2015091334 W CN 2015091334W WO 2017016065 A1 WO2017016065 A1 WO 2017016065A1
Authority
WO
WIPO (PCT)
Prior art keywords
terminal device
fingerprint data
user fingerprint
authentication
decrypted
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/CN2015/091334
Other languages
French (fr)
Chinese (zh)
Inventor
郭靖
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Yulong Computer Telecommunication Scientific Shenzhen Co Ltd
Original Assignee
Yulong Computer Telecommunication Scientific Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Yulong Computer Telecommunication Scientific Shenzhen Co Ltd filed Critical Yulong Computer Telecommunication Scientific Shenzhen Co Ltd
Publication of WO2017016065A1 publication Critical patent/WO2017016065A1/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols
    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B15/00Systems controlled by a computer
    • G05B15/02Systems controlled by a computer electric
    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B19/00Programme-control systems
    • G05B19/02Programme-control systems electric
    • G05B19/418Total factory control, i.e. centrally controlling a plurality of machines, e.g. direct or distributed numerical control [DNC], flexible manufacturing systems [FMS], integrated manufacturing systems [IMS] or computer integrated manufacturing [CIM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B2219/00Program-control systems
    • G05B2219/20Pc systems
    • G05B2219/26Pc applications
    • G05B2219/2642Domotique, domestic, home control, automation, smart house

Definitions

  • the invention relates to the field of smart homes, in particular to a device authentication method and device for a smart home system.
  • Smart home is a residential platform, using integrated wiring technology, network communication technology, security technology, automatic control technology, audio and video technology to integrate home life related facilities, and build an efficient management system for residential facilities and family schedules. Improve home safety, convenience, comfort, and artistry, and achieve an environmentally friendly and energy-saving living environment.
  • the smart home system may include a terminal device, an intelligent routing device, and a smart home device, and the smart home device includes a smart door lock, a smart refrigerator, a smart television, a smart air conditioner, or a smart washing machine, and the terminal device includes a smart terminal device such as a mobile phone, a computer, and a notebook.
  • the terminal device and the smart home device are connected to the intelligent routing device, and the terminal device controls and manages the smart home device through the intelligent routing device.
  • the terminal equipment In order to ensure the security of the smart home system, the terminal equipment needs to be authenticated to control the smart home equipment.
  • the terminal device In the existing smart home system security authentication technology, the terminal device is usually authenticated by setting a password or an access password, that is, the terminal inputs a password or a password, and matches the password or access password stored in the smart home device, and the technical solution
  • the security is low, and once the password or password is cracked by the criminals, the consequences are unimaginable.
  • the embodiment of the invention discloses a device authentication method and device for a smart home system, which can greatly improve the security of the smart home system, thereby preventing illegal users and terminals from intruding into the smart home system.
  • a first aspect of the embodiments of the present invention provides a device authentication method for a smart home system, including:
  • IMEI International Mobility Equipment Identity
  • the authentication data includes the encrypted first user fingerprint data, the encrypted IMEI, and the control Message.
  • the encrypting the user fingerprint data and the IMEI by using the stored first authentication key and an encryption algorithm including:
  • the sampled first user fingerprint data and IMEI are encrypted using the stored first authentication key and encryption algorithm.
  • the method After the storing the user fingerprint data, the authentication key, and the encryption algorithm, the method also includes:
  • the terminal device authentication When receiving the smart home control command input by the user, determining whether it is within the access period T, if within the access period T, generating a control message sent to the smart home device according to the smart home control command If it is not within the access period T of the terminal, the terminal device authentication is ended.
  • the method further includes:
  • the stored user fingerprint data is deleted after the access period T.
  • a second aspect of the embodiments of the present invention provides a device authentication method for a smart home system, which is used in a smart home device, and includes:
  • the terminal device If the decrypted IMEI passes the check, and the decrypted first user fingerprint data passes the check, the terminal device is successfully authenticated, and the user's control command is executed according to the control message in the authentication data;
  • the terminal device fails to be authenticated, and the user's control is not performed according to the control message in the authentication data. command.
  • the verifying the decrypted IMEI includes:
  • the verifying the decrypted first user fingerprint data includes:
  • the method further includes:
  • the method further includes:
  • the terminal authentication succeeds, if the decryption After the first user fingerprint data fails the verification, the terminal device authentication fails.
  • the method further includes:
  • the second user fingerprint data of the stored terminal device is deleted after the access period T of the terminal device.
  • a third aspect of the embodiments of the present invention provides a terminal device, including:
  • a receiving unit configured to acquire first user fingerprint data
  • a processing unit configured to set a first authentication key and a first encryption algorithm, and store first user fingerprint data, the first authentication key, and an encryption algorithm acquired by the receiving unit;
  • the receiving unit is further configured to receive a smart home control command input by the user, and generate a control message sent to the smart home device according to the smart home control command;
  • the processing unit is further configured to use the stored first authentication key and an encryption algorithm to Encrypting the first user fingerprint data and the IMEI of the terminal device;
  • a sending unit configured to send the authentication data to the smart home device, to trigger the smart home device to implement terminal device authentication according to the authentication data, where the authentication data includes the encrypted first user fingerprint data, and the encrypted IMEI and the control message.
  • the processing unit is specifically configured to:
  • the sampled first user fingerprint data and IMEI are encrypted using the stored first authentication key and encryption algorithm.
  • the processing unit is further configured to:
  • the receiving unit When the receiving unit receives the smart home control command input by the user, determining whether it is within the access period T, if it is within the access period T, generating and transmitting to the smart home according to the smart home control command The control message of the device; if not within the access period T of the terminal, the terminal device authentication is ended.
  • the processing unit is further configured to:
  • the stored user fingerprint data is deleted after the access period T.
  • a fourth aspect of the embodiments of the present invention provides a smart home device, including:
  • a receiving unit configured to acquire second user fingerprint data of the terminal device
  • a processing unit configured to set a second authentication key and a decryption algorithm of the terminal device, and store an IMEI of the terminal device, second user fingerprint data acquired by the receiving unit, the second authentication key, and a decryption algorithm;
  • the receiving unit is further configured to receive authentication data sent by the terminal device
  • the processing unit is further configured to:
  • Sending to the terminal device by using a second authentication key and a decryption algorithm of the stored terminal device Decrypting the first user fingerprint data and the IMEI in the sent authentication data;
  • the terminal device If the decrypted IMEI passes the check, and the decrypted first user fingerprint data passes the check, the terminal device is successfully authenticated, and the user's control command is executed according to the control message in the authentication data;
  • the terminal device fails to be authenticated, and the user's control is not performed according to the control message in the authentication data. command.
  • the processing unit is specifically configured to:
  • the processing unit is specifically configured to:
  • the processing unit is further configured to:
  • the terminal authentication succeeds, if the decryption After the first user fingerprint data fails the verification, the terminal device authentication fails.
  • the processing unit is further configured to:
  • the second user fingerprint data of the stored terminal device is deleted after the access period T of the terminal device.
  • the technical solution provided by the embodiment of the present invention enables the terminal device and the smart home device to respectively acquire and store the first user fingerprint data and the second user fingerprint data of the terminal device, and the terminal uses the first smart home control command input by the user.
  • the authentication key and the encryption algorithm encrypt the first user fingerprint data and the IMEI of the terminal device, and send the encrypted data and the smart home control message as authentication data to the smart home device, and the smart home device uses the authentication data.
  • the second authentication key and the decryption algorithm perform decryption, and use the stored second fingerprint data and the IMEI to check the first user fingerprint data and the IMEI in the authentication data to implement terminal authentication.
  • the technical solution proposed by the present invention adopts a combination of user fingerprint matching and data encryption to authenticate the terminal of the smart home system, thereby greatly improving the security of the smart home system, thereby preventing the illegal user and the terminal from intruding into the smart home system. Is a highly secure terminal device authentication mechanism.
  • the terminal device authentication is started, that is, the authentication data is sent to the smart home device, otherwise the terminal device authentication is cancelled, and if the smart home device is accessed, After receiving the authentication data of the terminal within the time limit T, the terminal device is authenticated, otherwise the terminal device authentication fails, which can effectively control the access rights of the terminal device, and further enhance the security of the smart home system.
  • FIG. 1 is a schematic structural diagram of a smart home system according to an embodiment of the present invention.
  • FIG. 2 is a schematic flowchart of a device authentication method of a smart home system according to Embodiment 1 of the present invention
  • FIG. 3 is a schematic flowchart of a device authentication method of a smart home system according to Embodiment 2 of the present invention.
  • FIG. 4 is a schematic flowchart of a device authentication method of a smart home system according to Embodiment 3 of the present invention.
  • FIG. 5 is a schematic flowchart of another device authentication method of a smart home system according to Embodiment 4 of the present invention.
  • FIG. 6 is a schematic structural diagram of a terminal device according to Embodiment 5 of the present invention.
  • FIG. 7 is a schematic structural diagram of a smart home device according to Embodiment 6 of the present invention.
  • FIG. 8 is a schematic structural diagram of another terminal device according to Embodiment 7 of the present invention.
  • FIG. 9 is a schematic structural diagram of another smart home device according to Embodiment 8 of the present invention.
  • FIG. 1 is a schematic structural diagram of a smart home system.
  • the smart home system includes a terminal device 11 , an intelligent routing device 12 , and a smart home device 13 , and the smart home device 13 can be a smart door lock.
  • Intelligent appliances such as smart refrigerators, smart TVs, smart air conditioners or smart washing machines that can be managed by the terminal device 11, and the terminal devices include mobile phones, tablet computers, notebook computers, handheld computers, mobile internet devices (MIDs), etc. Equipment for home control functions.
  • MIDs mobile internet devices
  • the terminal device 11, the smart home device 13 and the intelligent routing device 12 are connected through a wireless network, for example, via a wireless local area network (WiFi) or Bluetooth connection, and the terminal device 11 controls and manages the smart home device 13 through the intelligent routing device 12.
  • WiFi wireless local area network
  • the connection between the terminal device 11 and the smart home device 13 and the intelligent routing device 12 is a wireless connection, and in practical applications, it may also be a wired connection.
  • the embodiment of the invention provides a device authentication method and device for a smart home system, which is used for authenticating a terminal device by a smart home device in a smart home system.
  • the embodiment of the present invention provides a device authentication method for a smart home system, which is used in a terminal device of a smart home system, as shown in FIG. 2, a device authentication method for a smart home system according to Embodiment 1 of the present invention
  • the steps can be included:
  • S101 Acquire first user fingerprint data, set a first authentication key and a first encryption algorithm, and store first user fingerprint data, a first authentication key, and an encryption algorithm.
  • the terminal device in the smart home system controls and manages the smart home device to be authenticated by the smart home device.
  • the embodiment of the invention provides a method for combining fingerprint matching and data encryption to realize authentication of the terminal device, thereby greatly improving the smart home system.
  • the security of device authentication is a method for combining fingerprint matching and data encryption to realize authentication of the terminal device, thereby greatly improving the smart home system.
  • the terminal device and the smart home device should obtain user fingerprint data for authenticating the terminal device, where the user enters the first user fingerprint data in the terminal device, and the second user fingerprint data is entered in the smart home device, in the smart
  • the second user fingerprint data in the home device is bound to the IMEI of the terminal device.
  • the terminal device is authenticated and authenticated by using the fingerprint data of the user, and the user inputs the first user fingerprint data and the second user fingerprint data in the terminal device and the smart home device respectively, and the same user is at the terminal.
  • the first user fingerprint data entered by the device and The second user fingerprint data entered by the smart home device should be consistent, so that the smart home device can authenticate the terminal device.
  • the terminal device can be divided into a host terminal device and a guest terminal device, and the guest terminal device is a terminal device that provides convenience and authorization for the guest who is a guest at home.
  • the user fingerprint data of the host terminal device is the fingerprint data of the home owner, and the user fingerprint data of the guest terminal device may be the fingerprint data of the host or the visitor. If the owner simultaneously enters the fingerprint in the owner terminal device and the guest terminal device, the different fingers should be entered. To distinguish.
  • the host terminal device generally has permanent access rights, and the access period is infinitely long.
  • the guest terminal device is generally a temporary access right. After the access period is exceeded, the access rights of the guest terminal device are automatically canceled, and the different smart home devices may be the guest terminal device. Set different access periods.
  • a first authentication key and an encryption algorithm are set in the terminal device, and a second authentication key and a decryption algorithm are set in the smart home device for encrypting and decrypting the first user fingerprint data and the IMEI of the terminal.
  • the first authentication key and the second authentication key may be a public key or a different private key of each terminal device, and the first authentication key, the second authentication key, the encryption algorithm, and the decryption algorithm may be fixed settings. It is also possible that the negotiation between the terminal device and the smart home device is variable, and the embodiment of the present invention is not limited in terms of how to set the authentication key and the encryption and decryption algorithm.
  • the first user fingerprint data, the first authentication key, and the encryption algorithm may be stored in a Security Boot module in the terminal device that can ensure data security.
  • S102 Receive a smart home control command input by the user, and generate a control message sent to the smart home device according to the smart home control command.
  • the terminal device After receiving the smart home control command of the user, the terminal device generates a control message sent to the smart home device according to the control command, where the control message is used to instruct the smart home device to implement the related control operation according to the command of the user.
  • the first user fingerprint data and the IMEI of the terminal device are encrypted by using the first authentication key and the encryption algorithm stored in the secure boot module.
  • IMEI is the world's only fixed identifier of the terminal equipment, which is set when the terminal equipment is shipped from the factory. Set.
  • a part of the first user fingerprint data is generally used for terminal device authentication, and the terminal device may intercept a specified part of the first user fingerprint data to obtain the sampled first user fingerprint data, which is stored in the secure boot module.
  • the first authentication key and the encryption algorithm encrypt the sampled first user fingerprint data and simultaneously encrypt the IMEI.
  • S104 Send the authentication data to the smart home device to trigger the smart home device to implement the terminal device authentication according to the authentication data, where the authentication data includes the encrypted first user fingerprint data, the encrypted IMEI, and the control message.
  • the terminal device After the terminal device encrypts the first user fingerprint data (or the sampled first user fingerprint data) and the IMEI, the first user fingerprint data, the IMEI, and the control message generated in step S102 are configured to be sent into the authentication data.
  • the authentication data triggers smart home devices to implement terminal device authentication.
  • the communication message between the terminal device and the smart home device needs to be forwarded by the intelligent routing device, and the terminal device sends the authentication data to the intelligent routing device, and then the intelligent routing device forwards the authentication data to the smart home device.
  • the technical solution proposed by the present invention adopts a combination of user fingerprint and data encryption to authenticate the terminal of the smart home system, which can greatly improve the security of the smart home system, thereby preventing illegal users and terminals from intruding into the smart home system. It is a highly secure terminal device authentication mechanism.
  • a second embodiment of the present invention provides a device authentication method for a smart home system, which is used in a terminal device of a smart home system, as shown in FIG. 3, a device authentication method for a smart home system according to Embodiment 2 of the present invention The steps can be included:
  • S201 Acquire first user fingerprint data, set a first authentication key and a first encryption algorithm, and store first user fingerprint data, a first authentication key, and an encryption algorithm.
  • the terminal device is authenticated and authenticated by using the fingerprint data of the user, and the user inputs the first user fingerprint data and the second user fingerprint data in the terminal device and the smart home device respectively, in the smart home device.
  • the second user fingerprint data and the IMEI of the terminal device Bind.
  • the first user fingerprint data entered by the same user in the terminal device and the second user fingerprint data entered in the smart home device should be consistent, so that the smart home device authenticates the terminal device.
  • the terminal device can be divided into a host terminal device and a guest terminal device, and the guest terminal device is a terminal device that provides convenience and authorization for the guest who is a guest at home.
  • the user fingerprint data of the host terminal device is the fingerprint data of the home owner, and the user fingerprint data of the guest terminal device may be the fingerprint data of the host or the visitor. If the owner simultaneously enters the fingerprint in the owner terminal device and the guest terminal device, the different fingers should be entered. To distinguish.
  • the master terminal device is generally a permanent access right, the access period is infinitely long, and the guest terminal device is generally a temporary access right. After the access period is exceeded, the access right of the guest terminal device is automatically canceled. Therefore, the access period T can be set in the terminal device, and the terminal device authentication is cancelled when the access period T is exceeded, and the different access period T can be set for the guest terminal device for different smart home devices.
  • S203 Receive a smart home control command input by the user, and determine whether it is within the access period T.
  • the control message sent to the smart home device is generated according to the control command of the user, and the control message is used to instruct the smart home device to implement the related control operation according to the user's command.
  • the first user fingerprint data and the IMEI of the terminal device are encrypted by using the first authentication key and the encryption algorithm stored in the secure boot module.
  • a part of the first user fingerprint data is generally sent for the terminal device to recognize
  • the terminal device may intercept the specified part of the first user fingerprint data, obtain the sampled first user fingerprint data, and use the first authentication key and the encryption algorithm stored in the secure startup module to sample the first user fingerprint data. Encrypt and encrypt the IMEI at the same time.
  • S206 Send the authentication data to the smart home device to trigger the smart home device to implement terminal device authentication according to the authentication data, where the authentication data includes the encrypted first user fingerprint data, the encrypted IMEI, and the control message.
  • the terminal device After the terminal device encrypts the first user fingerprint data (or the sampled first user fingerprint data) and the IMEI, the first user fingerprint data, the IMEI, and the control message generated in step S204 are configured to be sent into the authentication data.
  • the authentication data triggers smart home devices to implement terminal device authentication.
  • the communication message between the terminal device and the smart home device needs to be forwarded by the intelligent routing device, and the terminal device sends the authentication data to the intelligent routing device, and then the intelligent routing device forwards the authentication data to the smart home device.
  • the terminal device may delete the stored user fingerprint data after the T time, so as to save storage space of the terminal device and better control access rights of the terminal device.
  • the technical solution proposed by the present invention adopts a combination of user fingerprint matching and data encryption to authenticate the terminal of the smart home system, thereby greatly improving the security of the smart home system, thereby preventing the illegal user and the terminal from intruding into the smart home system.
  • the terminal device authentication is started, that is, the authentication data is sent to the smart home device, otherwise the terminal device authentication is cancelled, and the access authority of the terminal device can be effectively controlled, and further Enhance the security of smart home systems.
  • the third embodiment of the present invention provides a method for device authentication of a smart home system, which is used in a smart home device.
  • a method for device authentication of a smart home system according to Embodiment 3 of the present invention may include the following. step:
  • S301 Acquire second user fingerprint data of the terminal device, and set a second authentication password of the terminal device.
  • the key and decryption algorithm and store the IMEI of the terminal device, the second user fingerprint data, the second authentication key, and the decryption algorithm.
  • the terminal device in the smart home system controls and manages the smart home device to be authenticated by the smart home device.
  • the embodiment of the invention provides a method for combining fingerprint matching and data encryption to implement authentication of the terminal device.
  • the terminal device and the smart home device should obtain user fingerprint data for authenticating the terminal device, where the user enters the first user fingerprint data in the terminal device, and the second user fingerprint data is entered in the smart home device, in the smart
  • the second user fingerprint data in the home device is bound to the IMEI of the terminal device.
  • the terminal device is authenticated and authenticated by using the fingerprint data of the user, and the user inputs the first user fingerprint data and the second user fingerprint data in the terminal device and the smart home device respectively, and the same user is at the terminal.
  • the first user fingerprint data entered by the device and the second user fingerprint data entered in the smart home device should be consistent, so that the smart home device authenticates the terminal device.
  • the terminal device can be divided into a host terminal device and a guest terminal device, and the guest terminal device is a terminal device that provides convenience and authorization for the guest who is a guest at home.
  • the user fingerprint data of the host terminal device is the fingerprint data of the home owner, and the user fingerprint data of the guest terminal device may be the fingerprint data of the host or the visitor. If the owner simultaneously enters the fingerprint in the owner terminal device and the guest terminal device, the different fingers should be entered. To distinguish.
  • a second authentication key and a decryption algorithm are set in the smart home device for decrypting the first user fingerprint data sent by the terminal device and the IMEI of the terminal.
  • the decryption algorithm set in the smart device and the encryption algorithm set in the terminal device are inverse algorithms for the same terminal device to ensure successful decryption.
  • the second authentication key may be a public key or a different private key of each terminal device, and the second authentication key decryption algorithm may be fixedly set or may be negotiated between the terminal device and the smart home device.
  • the embodiment of the present invention is not limited to how to set the authentication key and the encryption and decryption algorithm.
  • the second user fingerprint data, the second authentication key, and the decryption algorithm may be stored in a Security Boot module in the smart home device that can ensure data security.
  • S302. Receive authentication data sent by the terminal device, and use the second authentication of the stored terminal device.
  • the key and decryption algorithm decrypts the first user fingerprint data and the IMEI in the authentication data sent by the terminal device.
  • the communication message between the terminal device and the smart home device needs to be forwarded by the intelligent routing device, and the terminal device sends the authentication data to the intelligent routing device, and the intelligent routing device forwards the authentication data to the smart home device, and the smart home device
  • the authentication data sent by the terminal device is received from the intelligent routing device.
  • the smart home device When the smart home device receives the authentication data sent by the terminal device, first decrypting the first user fingerprint data and the IMEI in the authentication data sent by the terminal device by using the stored second authentication key and the decryption algorithm.
  • the smart home device After the smart home device decrypts the first user fingerprint data and the IMEI in the authentication data, the decrypted IMEI is verified, and the decrypted first user fingerprint data is verified.
  • the smart home device first verifies the IMEI by comparing the decrypted IMEI with the stored IMEI of the terminal device. If the decrypted IMEI is consistent with the IMEI of the stored terminal device, it is determined that the decrypted IMEI passes the verification. If the decrypted IMEI does not match the IMEI of the stored terminal device, it is determined that the decrypted IMEI has not passed the verification.
  • the smart home device then verifies the first user fingerprint data according to the second user fingerprint data bound by the IMEI.
  • part of the user fingerprint data is generally used as a basis for terminal device authentication, and the smart home device intercepts the IMEI binding. a specified part of the second user fingerprint data to obtain the sampled second user fingerprint data, and compare the decrypted first user fingerprint data with the sampled second user fingerprint data, if the decrypted first user fingerprint data Consistent with the sampled second user fingerprint data, determining that the decrypted first user fingerprint data passes the verification, and if the decrypted first user fingerprint data is inconsistent with the sampled second user fingerprint data, determining the first decrypted data User fingerprint data failed verification.
  • the smart home device determines that the terminal device authentication is successful, and executes the user's control command according to the control message in the authentication data.
  • the terminal device fails to authenticate, and the control command of the user is not executed according to the control message in the authentication data.
  • the terminal device authentication fails, and the user's control command is not executed according to the control message in the authentication data.
  • the technical solution proposed by the present invention adopts a combination of user fingerprint matching and data encryption to authenticate the terminal of the smart home system, thereby greatly improving the security of the smart home system, thereby preventing the illegal user and the terminal from intruding into the smart home system. Is a highly secure terminal device authentication mechanism.
  • a fourth embodiment of the present invention provides a method for device authentication of a smart home system, which is used in a smart home device.
  • a method for device authentication of a smart home system according to Embodiment 4 of the present invention may include the following. step:
  • the terminal device and the smart home device should obtain user fingerprint data for authenticating the terminal device, where the user enters the first user fingerprint data in the terminal device, and the second user fingerprint data is entered in the smart home device, in the smart
  • the second user fingerprint data in the home device is bound to the IMEI of the terminal device.
  • the first user fingerprint data entered by the same user in the terminal device and the second user fingerprint data entered in the smart home device should be consistent, so that the smart home device authenticates the terminal device.
  • a second authentication key and a decryption algorithm are set in the smart home device for decrypting the first user fingerprint data sent by the terminal device and the IMEI of the terminal.
  • the decryption algorithm set in the smart device and the encryption algorithm set in the terminal device are inverse algorithms for the same terminal device, To ensure successful decryption.
  • the second authentication key may be a public key or a different private key of each terminal device, and the second authentication key decryption algorithm may be fixedly set or may be negotiated between the terminal device and the smart home device.
  • the embodiment of the present invention is not limited to how to set the authentication key and the encryption and decryption algorithm.
  • the terminal device can be divided into a host terminal device and a guest terminal device, and the guest terminal device is a terminal device that provides convenience and authorization for the guest who is a guest at home.
  • the master terminal device is generally a permanent access right, the access period is infinitely long, and the guest terminal device is generally a temporary access right. After the access period is exceeded, the access right of the guest terminal device is automatically canceled. Therefore, the smart home device can set the access period T for the terminal device. If the access period T is exceeded, the terminal device authentication is cancelled. For different smart home devices, different access periods T can be set for the guest terminal device, and the set access period is set. T is bound to the IMEI of the terminal.
  • the communication message between the terminal device and the smart home device needs to be forwarded by the intelligent routing device, and the terminal device sends the authentication data to the intelligent routing device, and the intelligent routing device forwards the authentication data to the smart home device, and the smart home device
  • the authentication data sent by the terminal device is received from the intelligent routing device.
  • the smart home device When the smart home device receives the authentication data sent by the terminal device, first decrypting the first user fingerprint data and the IMEI in the authentication data sent by the terminal device by using the stored second authentication key and the decryption algorithm.
  • the smart home device first verifies the IMEI by comparing the decrypted IMEI with the stored IMEI of the terminal device. If the decrypted IMEI is consistent with the IMEI of the stored terminal device, it is determined that the decrypted IMEI passes the verification. If the decrypted IMEI does not match the IMEI of the stored terminal device, it is determined that the decrypted IMEI has not passed the verification.
  • the smart home device determines that the terminal device authentication fails, and does not execute the user's control command according to the control message in the authentication data.
  • the smart terminal device acquires the access period T bound to the IMEI, and verifies whether the terminal device has the access right, that is, whether it is within the access period.
  • the terminal device can be authenticated.
  • the smart home device verifies the first user fingerprint data according to the second user fingerprint data bound by the IMEI.
  • part of the user fingerprint data is generally used as a basis for terminal device authentication, and the smart home device intercepts the IMEI binding.
  • Specifying a portion of the second user fingerprint data to obtain the sampled second user fingerprint data and comparing the decrypted first user fingerprint data with the sampled second user fingerprint data, if the decrypted first user fingerprint data and If the sampled second user fingerprint data is consistent, it is determined that the decrypted first user fingerprint data passes the verification, and if the decrypted first user fingerprint data is different from the sampled second user fingerprint data, the decrypted first user is determined. The fingerprint data did not pass the check.
  • the smart home device determines that the terminal device authentication is successful, and executes the user's control command according to the control message in the authentication data.
  • the smart home device determines that the terminal device authentication fails, and does not execute the user's control command according to the control message in the authentication data.
  • the stored user fingerprint data of the terminal device may be deleted after the access period T time of the terminal device, so as to save the storage space of the smart home device. And better control access to the terminal device.
  • the technical solution proposed by the present invention adopts a combination of user fingerprint matching and data encryption to authenticate the terminal of the smart home system, thereby greatly improving the security of the smart home system, thereby preventing the illegal user and the terminal from intruding into the smart home system.
  • the smart home device receives the authentication data of the terminal within the access period T, the terminal device is authenticated, otherwise the terminal device authentication fails, thereby effectively controlling the access rights of the terminal device, and further enhancing the security of the smart home system. .
  • the fifth embodiment of the present invention provides a terminal device for implementing the device authentication method of the smart home system proposed by the present invention.
  • the device a00 may include a receiving unit a10, a processing unit a20, and a transmitting unit.
  • the receiving unit a10 is configured to acquire first user fingerprint data.
  • the processing unit a20 is configured to set a first authentication key and a first encryption algorithm, and store first user fingerprint data, a first authentication key, and an encryption algorithm acquired by the receiving unit a10;
  • the receiving unit a10 is further configured to receive a smart home control command input by the user, and generate a control message sent to the smart home device according to the smart home control command;
  • the processing unit a20 is further configured to encrypt the first user fingerprint data and the IMEI of the terminal device by using the stored first authentication key and an encryption algorithm;
  • the sending unit a30 is configured to send the authentication data to the smart home device to trigger the smart home device to implement terminal device authentication according to the authentication data, where the authentication data includes the encrypted first user fingerprint data, the encrypted IMEI, and the control message.
  • the specific implementation method for the processing unit a20 to encrypt the first user fingerprint data and the IMEI of the terminal device by using the stored first authentication key and the encryption algorithm is to intercept the specified part of the stored first user fingerprint data to obtain the sampled First user fingerprint data; the sampled first user fingerprint data and IMEI are encrypted using the stored first authentication key and encryption algorithm.
  • the processing unit a20 is further configured to set an access period T of the terminal device; when the receiving unit receives the smart home control command input by the user, determine whether it is within the access period T, if the access period T Then, the control message sent to the smart home device is generated according to the smart home control command; if not within the access period T of the terminal, the terminal device authentication is ended.
  • the processing unit a20 is further configured to delete the stored user fingerprint data after the access period T.
  • the technical solution proposed by the present invention adopts a combination of user fingerprint and data encryption to authenticate the terminal of the smart home system, which can greatly improve the security of the smart home system, thereby preventing illegal users and terminals from intruding into the smart home system. It is a highly secure terminal device authentication mechanism.
  • the sixth embodiment of the present invention provides a smart home device for implementing the device authentication method of the smart home system proposed by the present invention.
  • the device b00 may include a receiving unit b10 and a processing unit b20.
  • a receiving unit b10 configured to acquire second user fingerprint data of the terminal device
  • a processing unit b20 configured to set a second authentication key and a decryption algorithm of the terminal device, and store an IMEI of the terminal device, second user fingerprint data acquired by the receiving unit b10, a second authentication key, and a decryption algorithm;
  • the receiving unit b10 is further configured to receive the authentication data sent by the terminal device;
  • the processing unit b20 is further configured to:
  • the terminal device If the decrypted IMEI passes the verification, and the decrypted first user fingerprint data passes the verification, the terminal device is successfully authenticated, and the user's control command is executed according to the control message in the authentication data;
  • the terminal device authentication fails, and the user's control command is not executed according to the control message in the authentication data.
  • the specific method for the processing unit b20 to verify the decrypted IMEI is to compare the decrypted IMEI with the stored IMEI of the terminal device, and if the decrypted IMEI matches the IMEI of the stored terminal device, determine the decrypted IMEI passes verification, if the decrypted IMEI and the end of storage If the IMEI of the end device is inconsistent, it is determined that the decrypted IMEI has not passed the check.
  • the specific method for verifying the decrypted first user fingerprint data by the processing unit b20 is: intercepting a specified part of the second user fingerprint data of the stored terminal device to obtain the sampled second user fingerprint data; Comparing the first user fingerprint data with the sampled second user fingerprint data, and if the decrypted first user fingerprint data is consistent with the sampled second user fingerprint data, determining that the decrypted first user fingerprint data passes the verification, if After the decrypted first user fingerprint data is inconsistent with the sampled second user fingerprint data, it is determined that the decrypted first user fingerprint data fails the verification.
  • the processing unit b20 is further configured to set an access period T of the terminal device
  • the decrypted first user fingerprint data is verified. If the decrypted user fingerprint data passes the verification, the terminal authentication succeeds, and if the decrypted first user fingerprint data is not After verification, the terminal device authentication fails.
  • the processing unit b20 is further configured to delete the second user fingerprint data of the stored terminal device after the access period T of the terminal device.
  • the technical solution proposed by the present invention adopts a combination of user fingerprint matching and data encryption to authenticate the terminal of the smart home system, thereby greatly improving the security of the smart home system, thereby preventing the illegal user and the terminal from intruding into the smart home system. Is a highly secure terminal device authentication mechanism.
  • the seventh embodiment of the present invention provides another terminal device for implementing the device authentication method of the smart home system proposed by the present invention.
  • the device c00 includes a processor c10, a memory c20, a bus system c30, a receiver c40, and a transmitter c50.
  • the processor c10, the memory c20, the receiver c40 and the transmitter c50 are connected by a bus system c30 for storing instructions for executing the instructions stored in the memory c20 to control the receiver c40 to receive.
  • Signal, and control transmitter c50 to send a signal to complete the steps in the above mobile payment method.
  • the receiver c40 and the transmitter c50 may be the same or different physical entities. When they are the same physical entity, they can be collectively referred to as transceivers.
  • the method steps performed by the device c00 may at least include:
  • the authentication data is sent to the smart home device to trigger the smart home device to implement terminal device authentication according to the authentication data, where the authentication data includes the encrypted first user fingerprint data, the encrypted IMEI, and the control message.
  • the device d00 includes a processor d10, a memory d20, a bus system d30, a receiver d40, and a transmitter d50.
  • the processor d10, the memory d20, the receiver d40 and the transmitter d50 are connected by a bus system d30 for storing instructions, and the processor d10 is configured to execute the instructions stored in the memory d20 to control the receiver d40 to receive Signal, and control the transmitter d50 to send a signal to complete the steps in the above mobile payment method.
  • the receiver d40 and the transmitter d50 may be the same or different physical entities. When they are the same physical entity, they can be collectively referred to as transceivers.
  • the method steps performed by the device d00 may at least include:
  • Receiving authentication data sent by the terminal device decrypting the first user fingerprint data and the IMEI in the authentication data sent by the terminal device by using the second authentication key and the decryption algorithm of the stored terminal device;
  • the terminal device If the decrypted IMEI passes the verification, and the decrypted first user fingerprint data passes the verification, the terminal device is successfully authenticated, and the user's control command is executed according to the control message in the authentication data;
  • the terminal device authentication fails, and the user's control command is not executed according to the control message in the authentication data.
  • aspects of the present invention, or possible implementations of various aspects may be embodied as a system, method, or computer program product.
  • aspects of the invention, or possible implementations of various aspects may take the form of a computer program product, which is a computer readable program code stored in a computer readable medium.
  • the computer readable medium can be a computer readable data medium or a computer readable storage medium.
  • the computer readable storage medium includes, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing, such as random access memory (RAM), read only memory (ROM), Erase programmable read-only memory (EPROM or flash memory), optical fiber, portable read-only memory (CD-ROM).
  • the processor in the computer reads the computer readable program code stored in the computer readable medium such that the processor is capable of performing the various functional steps specified in each step of the flowchart, or a combination of steps; A device that functions as specified in each block, or combination of blocks.
  • the computer readable program code can execute entirely on the user's computer, partly on the user's computer, as a separate software package, partly on the user's local computer and partly on the remote computer, or entirely on the remote computer or server. carried out. It should also be noted that in some alternative implementations, the functions noted in the various steps in the flowcharts or in the blocks in the block diagrams may not occur in the order noted. For example, two steps, or two blocks, shown in succession may be executed substantially concurrently or the blocks may be executed in the reverse order.
  • the disclosed apparatus may be implemented in other ways.
  • the device embodiments described above are merely illustrative.
  • the division of the functional units is only a logical function division.
  • there may be other division manners for example, multiple units may be combined into the same subsystem.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Automation & Control Theory (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • Quality & Reliability (AREA)
  • Manufacturing & Machinery (AREA)
  • Health & Medical Sciences (AREA)
  • Biomedical Technology (AREA)
  • General Health & Medical Sciences (AREA)
  • Telephonic Communication Services (AREA)
  • Selective Calling Equipment (AREA)
  • Collating Specific Patterns (AREA)

Abstract

Disclosed is a smart home system equipment authentication method. The method comprises: acquiring first user fingerprint data, and storing the first user fingerprint data and a first authentication key and encryption algorithm; receiving a smart home control command input by a user and generating a control message; encrypting the first user fingerprint data and an IMEI of terminal equipment by use of the stored first authentication key and encryption algorithm; and sending authentication data to smart home equipment, so as to trigger the smart home equipment to realize terminal equipment authentication according to the authentication data, wherein the authentication data comprises the encrypted first user fingerprint data, the encrypted IMEI and the control message. In the present invention, by means of the equipment authentication method combining fingerprint matching and data encryption, the security of the smart home system can be greatly improved, and illegal users and terminals are prevented from intruding into the smart home system.

Description

一种智能家居系统的设备认证方法及装置Device authentication method and device for smart home system 技术领域Technical field

本发明涉及智能家居领域,尤其涉及一种智能家居系统的设备认证方法及装置。The invention relates to the field of smart homes, in particular to a device authentication method and device for a smart home system.

背景技术Background technique

智能家居是以住宅为平台,利用综合布线技术、网络通信技术、安全防范技术、自动控制技术、音视频技术将家居生活有关的设施集成起来,构建高效的住宅设施与家庭日程事务的管理系统,提升家居安全性、便利性、舒适性、艺术性,并实现环保节能的居住环境。Smart home is a residential platform, using integrated wiring technology, network communication technology, security technology, automatic control technology, audio and video technology to integrate home life related facilities, and build an efficient management system for residential facilities and family schedules. Improve home safety, convenience, comfort, and artistry, and achieve an environmentally friendly and energy-saving living environment.

智能家居系统可以包括终端设备、智能路由设备和智能家居设备,智能家居设备包括智能门锁、智能冰箱、智能电视机、智能空调或智能洗衣机等,终端设备包括手机、电脑和笔记本等智能终端设备,终端设备、智能家居设备与智能路由设备相连接,终端设备通过智能路由设备控制和管理智能家居设备。The smart home system may include a terminal device, an intelligent routing device, and a smart home device, and the smart home device includes a smart door lock, a smart refrigerator, a smart television, a smart air conditioner, or a smart washing machine, and the terminal device includes a smart terminal device such as a mobile phone, a computer, and a notebook. The terminal device and the smart home device are connected to the intelligent routing device, and the terminal device controls and manages the smart home device through the intelligent routing device.

为了保证智能家居系统的安全性,终端设备需经过安全认证才能控制智能家居设备。在现有的智能家居系统安全认证技术中,通常通过设置密码或访问口令对终端设备进行认证,即终端输入密码或口令,与智能家居设备中保存的密码或访问口令进行匹配,该技术方案的安全性较低,一旦密码或口令被不法分子破解则后果不堪设想。In order to ensure the security of the smart home system, the terminal equipment needs to be authenticated to control the smart home equipment. In the existing smart home system security authentication technology, the terminal device is usually authenticated by setting a password or an access password, that is, the terminal inputs a password or a password, and matches the password or access password stored in the smart home device, and the technical solution The security is low, and once the password or password is cracked by the criminals, the consequences are unimaginable.

因此,设计一种安全性较高的终端设备认证机制,是亟待解决的问题。Therefore, designing a highly secure terminal device authentication mechanism is an urgent problem to be solved.

发明内容Summary of the invention

本发明实施例公开了一种智能家居系统的设备认证方法及装置,可以大大提高智能家居系统的安全性,从而避免非法用户和终端侵入智能家居系统。The embodiment of the invention discloses a device authentication method and device for a smart home system, which can greatly improve the security of the smart home system, thereby preventing illegal users and terminals from intruding into the smart home system.

本发明实施例第一方面提供了一种智能家居系统的设备认证方法,包括: A first aspect of the embodiments of the present invention provides a device authentication method for a smart home system, including:

获取第一用户指纹数据,设置第一认证密钥和第一加密算法,并存储所述第一用户指纹数据、所述第一认证密钥和加密算法;Obtaining first user fingerprint data, setting a first authentication key and a first encryption algorithm, and storing the first user fingerprint data, the first authentication key, and an encryption algorithm;

接收用户输入的智能家居控制命令,根据所述智能家居控制命令生成发送给所述智能家居设备的控制消息;Receiving a smart home control command input by the user, and generating, according to the smart home control command, a control message sent to the smart home device;

使用所述存储的第一认证密钥和加密算法对所述第一用户指纹数据和终端设备的国际移动终端标识(IMEI,International Mobility Equipment Identity)进行加密;Encrypting the first user fingerprint data and an International Mobility Equipment Identity (IMEI) of the terminal device by using the stored first authentication key and an encryption algorithm;

将认证数据发送给智能家居设备,以触发所述智能家居设备根据所述认证数据实现终端设备认证,其中,所述认证数据包括加密后的第一用户指纹数据、加密后的IMEI和所述控制消息。Sending the authentication data to the smart home device to trigger the smart home device to implement terminal device authentication according to the authentication data, where the authentication data includes the encrypted first user fingerprint data, the encrypted IMEI, and the control Message.

结合第一方面,在本发明实施例的第一种可能的实现方式中,所述使用所述存储的第一认证密钥和加密算法对所述用户指纹数据和IMEI进行加密,包括:With reference to the first aspect, in a first possible implementation manner of the embodiment of the present invention, the encrypting the user fingerprint data and the IMEI by using the stored first authentication key and an encryption algorithm, including:

截取所述存储的第一用户指纹数据中的指定部分,以得到采样的第一用户指纹数据;Intercepting a specified part of the stored first user fingerprint data to obtain sampled first user fingerprint data;

使用所述存储的第一认证密钥和加密算法对所述采样的第一用户指纹数据和IMEI进行加密。The sampled first user fingerprint data and IMEI are encrypted using the stored first authentication key and encryption algorithm.

结合第一方面或第一方面的第一种可能的实现方式,在第二种可能的实现方式中,在所述存储所述用户指纹数据、所述认证密钥和加密算法之后,所述方法还包括:With reference to the first aspect or the first possible implementation manner of the first aspect, in a second possible implementation, after the storing the user fingerprint data, the authentication key, and the encryption algorithm, the method Also includes:

设置终端设备的访问期限T;Setting the access period T of the terminal device;

当接收到用户输入的智能家居控制命令时,判断是否在所述访问期限T内,若在所述访问期限T内,则根据所述智能家居控制命令生成发送给所述智能家居设备的控制消息;若不在所述终端的访问期限T内,则结束终端设备认证。When receiving the smart home control command input by the user, determining whether it is within the access period T, if within the access period T, generating a control message sent to the smart home device according to the smart home control command If it is not within the access period T of the terminal, the terminal device authentication is ended.

结合第一方面的第二种可能的实现方式,在第三种可能的实现方式中,在所述设置访问期限T的步骤之后,所述方法还包括: With reference to the second possible implementation of the first aspect, in a third possible implementation, after the step of setting the access period T, the method further includes:

在所述访问期限T之后删除所述存储的用户指纹数据。The stored user fingerprint data is deleted after the access period T.

本发明实施例第二方面提供了一种智能家居系统的设备认证方法,用于智能家居设备中,包括:A second aspect of the embodiments of the present invention provides a device authentication method for a smart home system, which is used in a smart home device, and includes:

获取终端设备的第二用户指纹数据,设置终端设备的第二认证密钥和解密算法,并存储所述终端设备的IMEI、所述第二用户指纹数据、所述第二认证密钥和解密算法;Obtaining second user fingerprint data of the terminal device, setting a second authentication key and a decryption algorithm of the terminal device, and storing the IMEI of the terminal device, the second user fingerprint data, the second authentication key, and a decryption algorithm ;

接收终端设备发送的认证数据;Receiving authentication data sent by the terminal device;

使用所述存储的终端设备的第二认证密钥和解密算法对所述终端设备发送的认证数据中的第一用户指纹数据和IMEI进行解密;Decrypting the first user fingerprint data and the IMEI in the authentication data sent by the terminal device by using the second authentication key and the decryption algorithm of the stored terminal device;

对所述解密后的IMEI进行校验,并且对所述解密后的第一用户指纹数据进行校验;Performing verification on the decrypted IMEI, and verifying the decrypted first user fingerprint data;

若所述解密后的IMEI通过校验,并且所述解密后的第一用户指纹数据通过校验,则所述终端设备认证成功,根据所述认证数据中的控制消息执行用户的控制命令;If the decrypted IMEI passes the check, and the decrypted first user fingerprint data passes the check, the terminal device is successfully authenticated, and the user's control command is executed according to the control message in the authentication data;

若所述解密后的IMEI未通过校验,或者所述解密后的第一用户指纹数据未通过校验,则所述终端设备认证失败,不根据所述认证数据中的控制消息执行用户的控制命令。If the decrypted IMEI fails the verification, or the decrypted first user fingerprint data fails the verification, the terminal device fails to be authenticated, and the user's control is not performed according to the control message in the authentication data. command.

结合第二方面,在第一种可能的实现方式中,所述对所述解密后的IMEI进行校验,包括:With reference to the second aspect, in a first possible implementation, the verifying the decrypted IMEI includes:

将所述解密后的IMEI与所述存储的终端设备的IMEI进行比较,若所述解密后的IMEI与所述存储的终端设备的IMEI一致,则判断所述解密后的IMEI通过校验,若所述解密后的IMEI与所述存储的终端设备的IMEI不一致,则判断所述解密后的IMEI未通过校验。Comparing the decrypted IMEI with the IMEI of the stored terminal device, and if the decrypted IMEI matches the IMEI of the stored terminal device, determining that the decrypted IMEI passes the verification, if If the decrypted IMEI does not match the IMEI of the stored terminal device, it is determined that the decrypted IMEI fails the verification.

结合第二方面,在第二种可能的实现方式中,所述对所述解密后的第一用户指纹数据进行校验,包括:With reference to the second aspect, in a second possible implementation, the verifying the decrypted first user fingerprint data includes:

截取所述存储的终端设备的第二用户指纹数据中的指定部分,以得到采 样的第二用户指纹数据;Intercepting a specified part of the second user fingerprint data of the stored terminal device to obtain Second user fingerprint data;

将所述解密后的第一用户指纹数据与所述采样的第二用户指纹数据进行比较,若所述解密后的第一用户指纹数据与所述采样的第二用户指纹数据一致,则判断所述解密后的第一用户指纹数据通过校验,若所述解密后的第一用户指纹数据与所述采样的第二用户指纹数据不一致,则判断所述解密后的第一用户指纹数据未通过校验。Comparing the decrypted first user fingerprint data with the sampled second user fingerprint data, and if the decrypted first user fingerprint data is consistent with the sampled second user fingerprint data, determining the location Determining, the decrypted first user fingerprint data is verified, and if the decrypted first user fingerprint data is inconsistent with the sampled second user fingerprint data, determining that the decrypted first user fingerprint data fails check.

结合第一方面至第一方面的第二种可能的实现方式中的任意一种,在第三种可能的实现方式中,在所述存储所述终端设备的IMEI、所述第二用户指纹数据、所述第二认证密钥和解密算法的步骤之后,所述方法还包括:In combination with the first aspect to any one of the second possible implementation manners of the first aspect, in a third possible implementation, the storing the IMEI of the terminal device, the second user fingerprint data After the step of the second authentication key and the decryption algorithm, the method further includes:

设置所述终端设备的访问期限T;Setting an access period T of the terminal device;

在所述解密后的IMEI通过校验之后,所述方法还包括:After the decrypted IMEI passes the verification, the method further includes:

判断接收到所述终端设备发送的认证数据的时间是否在所述终端设备的访问期限T内,若不在所述终端设备的访问期限T内,所述终端设备认证失败;Determining whether the time when the authentication data sent by the terminal device is received is within the access period T of the terminal device; if not within the access period T of the terminal device, the terminal device fails to be authenticated;

若在所述终端设备的访问期限T内,则对所述解密后的第一用户指纹数据进行校验,若所述解密后的用户指纹数据通过校验,则终端认证成功,若所述解密后的第一用户指纹数据未通过校验,则所述终端设备认证失败。And if the decrypted first user fingerprint data is verified within the access period T of the terminal device, if the decrypted user fingerprint data passes the verification, the terminal authentication succeeds, if the decryption After the first user fingerprint data fails the verification, the terminal device authentication fails.

结合第二方面的第三种可能的实现方式,在第四种可能的实现方式中,在所述设置所述终端设备的访问期限T之后,所述方法还包括:With the third possible implementation of the second aspect, in a fourth possible implementation, after the setting the access period T of the terminal device, the method further includes:

在所述终端设备的访问期限T之后删除所述存储的终端设备的第二用户指纹数据。The second user fingerprint data of the stored terminal device is deleted after the access period T of the terminal device.

本发明实施例第三方面提供一种终端设备,包括:A third aspect of the embodiments of the present invention provides a terminal device, including:

接收单元,用于获取第一用户指纹数据;a receiving unit, configured to acquire first user fingerprint data;

处理单元,用于设置第一认证密钥和第一加密算法,并存储所述接收单元获取的第一用户指纹数据、所述第一认证密钥和加密算法;a processing unit, configured to set a first authentication key and a first encryption algorithm, and store first user fingerprint data, the first authentication key, and an encryption algorithm acquired by the receiving unit;

所述接收单元还用于,接收用户输入的智能家居控制命令,根据所述智能家居控制命令生成发送给所述智能家居设备的控制消息;The receiving unit is further configured to receive a smart home control command input by the user, and generate a control message sent to the smart home device according to the smart home control command;

所述处理单元还用于,使用所述存储的第一认证密钥和加密算法对所述 第一用户指纹数据和终端设备的IMEI进行加密;The processing unit is further configured to use the stored first authentication key and an encryption algorithm to Encrypting the first user fingerprint data and the IMEI of the terminal device;

发送单元,用于将认证数据发送给智能家居设备,以触发所述智能家居设备根据所述认证数据实现终端设备认证,其中,所述认证数据包括加密后的第一用户指纹数据、加密后的IMEI和所述控制消息。a sending unit, configured to send the authentication data to the smart home device, to trigger the smart home device to implement terminal device authentication according to the authentication data, where the authentication data includes the encrypted first user fingerprint data, and the encrypted IMEI and the control message.

结合第三方面,在第一种可能的实现方式中,所述处理单元具体用于:With reference to the third aspect, in a first possible implementation, the processing unit is specifically configured to:

截取所述存储的第一用户指纹数据中的指定部分,以得到采样的第一用户指纹数据;Intercepting a specified part of the stored first user fingerprint data to obtain sampled first user fingerprint data;

使用所述存储的第一认证密钥和加密算法对所述采样的第一用户指纹数据和IMEI进行加密。The sampled first user fingerprint data and IMEI are encrypted using the stored first authentication key and encryption algorithm.

结合第三方面或第三方面的第一种可能的实现方式,在第二种可能的实现方式中,所述处理单元还用于:With reference to the third aspect or the first possible implementation manner of the third aspect, in a second possible implementation manner, the processing unit is further configured to:

设置终端设备的访问期限T;Setting the access period T of the terminal device;

当所述接收单元接收到用户输入的智能家居控制命令时,判断是否在所述访问期限T内,若在所述访问期限T内,则根据所述智能家居控制命令生成发送给所述智能家居设备的控制消息;若不在所述终端的访问期限T内,则结束终端设备认证。When the receiving unit receives the smart home control command input by the user, determining whether it is within the access period T, if it is within the access period T, generating and transmitting to the smart home according to the smart home control command The control message of the device; if not within the access period T of the terminal, the terminal device authentication is ended.

结合第三方面的第二种可能的实现方式,在第三种可能的实现方式中,所述处理单元还用于:In conjunction with the second possible implementation of the third aspect, in a third possible implementation, the processing unit is further configured to:

在所述访问期限T之后删除所述存储的用户指纹数据。The stored user fingerprint data is deleted after the access period T.

本发明实施例第四方面提供了一种智能家居设备,包括:A fourth aspect of the embodiments of the present invention provides a smart home device, including:

接收单元,用于获取终端设备的第二用户指纹数据;a receiving unit, configured to acquire second user fingerprint data of the terminal device;

处理单元,用于设置终端设备的第二认证密钥和解密算法,并存储所述终端设备的IMEI、所述接收单元获取的第二用户指纹数据、所述第二认证密钥和解密算法;a processing unit, configured to set a second authentication key and a decryption algorithm of the terminal device, and store an IMEI of the terminal device, second user fingerprint data acquired by the receiving unit, the second authentication key, and a decryption algorithm;

所述接收单元还用于,接收终端设备发送的认证数据;The receiving unit is further configured to receive authentication data sent by the terminal device;

所述处理单元还用于:The processing unit is further configured to:

使用所述存储的终端设备的第二认证密钥和解密算法对所述终端设备发 送的认证数据中的第一用户指纹数据和IMEI进行解密;Sending to the terminal device by using a second authentication key and a decryption algorithm of the stored terminal device Decrypting the first user fingerprint data and the IMEI in the sent authentication data;

对所述解密后的IMEI进行校验,并且对所述解密后的第一用户指纹数据进行校验;Performing verification on the decrypted IMEI, and verifying the decrypted first user fingerprint data;

若所述解密后的IMEI通过校验,并且所述解密后的第一用户指纹数据通过校验,则所述终端设备认证成功,根据所述认证数据中的控制消息执行用户的控制命令;If the decrypted IMEI passes the check, and the decrypted first user fingerprint data passes the check, the terminal device is successfully authenticated, and the user's control command is executed according to the control message in the authentication data;

若所述解密后的IMEI未通过校验,或者所述解密后的第一用户指纹数据未通过校验,则所述终端设备认证失败,不根据所述认证数据中的控制消息执行用户的控制命令。If the decrypted IMEI fails the verification, or the decrypted first user fingerprint data fails the verification, the terminal device fails to be authenticated, and the user's control is not performed according to the control message in the authentication data. command.

结合第四方面,在第一种可能的实现方式中,所述处理单元具体用于:With reference to the fourth aspect, in a first possible implementation, the processing unit is specifically configured to:

将所述解密后的IMEI与所述存储的终端设备的IMEI进行比较,若所述解密后的IMEI与所述存储的终端设备的IMEI一致,则判断所述解密后的IMEI通过校验,若所述解密后的IMEI与所述存储的终端设备的IMEI不一致,则判断所述解密后的IMEI未通过校验。Comparing the decrypted IMEI with the IMEI of the stored terminal device, and if the decrypted IMEI matches the IMEI of the stored terminal device, determining that the decrypted IMEI passes the verification, if If the decrypted IMEI does not match the IMEI of the stored terminal device, it is determined that the decrypted IMEI fails the verification.

结合第四方面,在第二种可能的实现方式中,所述处理单元具体用于:With reference to the fourth aspect, in a second possible implementation manner, the processing unit is specifically configured to:

截取所述存储的终端设备的第二用户指纹数据中的指定部分,以得到采样的第二用户指纹数据;Obtaining a specified part of the second user fingerprint data of the stored terminal device to obtain sampled second user fingerprint data;

将所述解密后的第一用户指纹数据与所述采样的第二用户指纹数据进行比较,若所述解密后的第一用户指纹数据与所述采样的第二用户指纹数据一致,则判断所述解密后的第一用户指纹数据通过校验,若所述解密后的第一用户指纹数据与所述采样的第二用户指纹数据不一致,则判断所述解密后的第一用户指纹数据未通过校验。Comparing the decrypted first user fingerprint data with the sampled second user fingerprint data, and if the decrypted first user fingerprint data is consistent with the sampled second user fingerprint data, determining the location Determining, the decrypted first user fingerprint data is verified, and if the decrypted first user fingerprint data is inconsistent with the sampled second user fingerprint data, determining that the decrypted first user fingerprint data fails check.

结合第四方面至第四方面的第二种可能的实现方式中的任意一种,在第三种可能的实现方式中,所述处理单元还用于:With reference to any one of the fourth aspect to the second possible implementation of the fourth aspect, in a third possible implementation, the processing unit is further configured to:

设置所述终端设备的访问期限T;Setting an access period T of the terminal device;

判断接收到所述终端设备发送的认证数据的时间是否在所述终端设备的访问期限T内,若不在所述终端设备的访问期限T内,所述终端设备认证失败; Determining whether the time when the authentication data sent by the terminal device is received is within the access period T of the terminal device; if not within the access period T of the terminal device, the terminal device fails to be authenticated;

若在所述终端设备的访问期限T内,则对所述解密后的第一用户指纹数据进行校验,若所述解密后的用户指纹数据通过校验,则终端认证成功,若所述解密后的第一用户指纹数据未通过校验,则所述终端设备认证失败。And if the decrypted first user fingerprint data is verified within the access period T of the terminal device, if the decrypted user fingerprint data passes the verification, the terminal authentication succeeds, if the decryption After the first user fingerprint data fails the verification, the terminal device authentication fails.

结合第四方面的第三种可能的实现方式,在第四种可能的实现方式中,所述处理单元还用于:In conjunction with the third possible implementation of the fourth aspect, in a fourth possible implementation, the processing unit is further configured to:

在所述终端设备的访问期限T之后删除所述存储的终端设备的第二用户指纹数据。The second user fingerprint data of the stored terminal device is deleted after the access period T of the terminal device.

本发明实施例提供的技术方案能够使终端设备和智能家居设备分别获取和存储终端设备的第一用户指纹数据、第二用户指纹数据,终端收到用户输入的智能家居控制命令后,使用第一认证密钥和加密算法对第一用户指纹数据和终端设备的IMEI进行加密,将该加密后的数据和智能家居控制消息作为认证数据发送给智能家居设备,智能家居设备收到该认证数据后使用第二认证密钥和解密算法进行解密,并使用存储的第二指纹数据和IMEI对认证数据中的第一用户指纹数据和IMEI进行校验以实现终端认证。可见,本发明提出的技术方案采用了用户指纹匹配和数据加密相结合的方法对控制智能家居系统的终端进行认证,可以大大提高智能家居系统的安全性,从而避免非法用户和终端侵入智能家居系统,是一种安全性较高的终端设备认证机制。The technical solution provided by the embodiment of the present invention enables the terminal device and the smart home device to respectively acquire and store the first user fingerprint data and the second user fingerprint data of the terminal device, and the terminal uses the first smart home control command input by the user. The authentication key and the encryption algorithm encrypt the first user fingerprint data and the IMEI of the terminal device, and send the encrypted data and the smart home control message as authentication data to the smart home device, and the smart home device uses the authentication data. The second authentication key and the decryption algorithm perform decryption, and use the stored second fingerprint data and the IMEI to check the first user fingerprint data and the IMEI in the authentication data to implement terminal authentication. It can be seen that the technical solution proposed by the present invention adopts a combination of user fingerprint matching and data encryption to authenticate the terminal of the smart home system, thereby greatly improving the security of the smart home system, thereby preventing the illegal user and the terminal from intruding into the smart home system. Is a highly secure terminal device authentication mechanism.

进一步的,若终端设备在访问期限T内收到用户的智能终端控制命令则开始终端设备认证,即向智能家居设备发送认证数据,否则取消终端设备认证,另一方面,若智能家居设备在访问期限T内收到终端的认证数据则对终端设备进行认证,否则终端设备认证失败,这样可以有效控制终端设备的访问权限,进一步增强了智能家居系统的安全性。Further, if the terminal device receives the smart terminal control command of the user within the access period T, the terminal device authentication is started, that is, the authentication data is sent to the smart home device, otherwise the terminal device authentication is cancelled, and if the smart home device is accessed, After receiving the authentication data of the terminal within the time limit T, the terminal device is authenticated, otherwise the terminal device authentication fails, which can effectively control the access rights of the terminal device, and further enhance the security of the smart home system.

附图说明DRAWINGS

为了更清楚地说明本发明实施例中的技术方案,下面将对实施例中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本发明 的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings to be used in the embodiments will be briefly described below. Obviously, the drawings in the following description are merely the present invention. Some of the embodiments can be obtained by those of ordinary skill in the art in view of the drawings without any inventive effort.

图1是本发明实施例供的智能家居系统的结构示意图;1 is a schematic structural diagram of a smart home system according to an embodiment of the present invention;

图2是本发明实施例一提供的一种智能家居系统的设备认证方法的流程示意图;2 is a schematic flowchart of a device authentication method of a smart home system according to Embodiment 1 of the present invention;

图3是本发明实施例二提供的一种智能家居系统的设备认证方法的流程示意图;3 is a schematic flowchart of a device authentication method of a smart home system according to Embodiment 2 of the present invention;

图4是本发明实施例三提供的一种智能家居系统的设备认证方法的流程示意图;4 is a schematic flowchart of a device authentication method of a smart home system according to Embodiment 3 of the present invention;

图5是本发明实施例四提供的另一种智能家居系统的设备认证方法的流程示意图;FIG. 5 is a schematic flowchart of another device authentication method of a smart home system according to Embodiment 4 of the present invention; FIG.

图6是本发明实施例五提供的一种终端设备的结构示意图;FIG. 6 is a schematic structural diagram of a terminal device according to Embodiment 5 of the present invention; FIG.

图7是本发明实施例六提供的一种智能家居设备的结构示意图;7 is a schematic structural diagram of a smart home device according to Embodiment 6 of the present invention;

图8是本发明实施例七提供的另一种终端设备的结构示意图;FIG. 8 is a schematic structural diagram of another terminal device according to Embodiment 7 of the present invention; FIG.

图9是本发明实施例八提供的另一种智能家居设备的结构示意图。FIG. 9 is a schematic structural diagram of another smart home device according to Embodiment 8 of the present invention.

具体实施方式detailed description

下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅是本发明一部分实施例,而不是全部的实施例。基于本发明中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其他实施例,都属于本发明保护的范围。The technical solutions in the embodiments of the present invention are clearly and completely described in the following with reference to the accompanying drawings in the embodiments of the present invention. It is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments obtained by those skilled in the art based on the embodiments of the present invention without creative efforts are within the scope of the present invention.

以下分别对每个实施例进行说明。Each embodiment will be described below separately.

本发明的说明书和权利要求书及上述附图中的术语“第一”、“第二”、“第三”和“第四”等是用于区别不同对象,而不是用于描述特定顺序。此外,术语“包括”和“具有”以及它们任何变形,意图在于覆盖不排他的包含。例如包含了一系列步骤或单元的过程、方法、系统、产品或设备没有限定于已列出的步骤或单元,而是可选地还包括没有列出的步骤或单元,或可选地 还包括对于这些过程、方法、产品或设备固有的其它步骤或单元。The terms "first", "second", "third" and "fourth" and the like in the specification and claims of the present invention and the above drawings are used to distinguish different objects, and are not intended to describe a specific order. Furthermore, the terms "comprises" and "comprising" and "comprising" are intended to cover a non-exclusive inclusion. For example, a process, method, system, product, or device that comprises a series of steps or units is not limited to the listed steps or units, but optionally also includes steps or units not listed, or alternatively Other steps or units inherent to these processes, methods, products, or devices are also included.

首先参见图1,图1为智能家居系统的结构示意图,其中,如图1所示,智能家居系统包括终端设备11、智能路由设备12和智能家居设备13,智能家居设备13可以为智能门锁、智能冰箱、智能电视机、智能空调或智能洗衣机等可通过终端设备11管理的家电,终端设备包括手机、平板电脑、笔记本电脑、掌上电脑、移动互联网设备(MID,mobile internet device)等具备智能家居控制功能的设备。终端设备11、智能家居设备13与智能路由设备12通过无线网络相连接,例如通过无线局域网WiFi或蓝牙连接,终端设备11通过智能路由设备12控制和管理智能家居设备13。在图1中,终端设备11和智能家居设备13与智能路由设备12的连接是无线连接,在实际应用中,也可能为有线连接。First, referring to FIG. 1 , FIG. 1 is a schematic structural diagram of a smart home system. As shown in FIG. 1 , the smart home system includes a terminal device 11 , an intelligent routing device 12 , and a smart home device 13 , and the smart home device 13 can be a smart door lock. Intelligent appliances such as smart refrigerators, smart TVs, smart air conditioners or smart washing machines that can be managed by the terminal device 11, and the terminal devices include mobile phones, tablet computers, notebook computers, handheld computers, mobile internet devices (MIDs), etc. Equipment for home control functions. The terminal device 11, the smart home device 13 and the intelligent routing device 12 are connected through a wireless network, for example, via a wireless local area network (WiFi) or Bluetooth connection, and the terminal device 11 controls and manages the smart home device 13 through the intelligent routing device 12. In FIG. 1, the connection between the terminal device 11 and the smart home device 13 and the intelligent routing device 12 is a wireless connection, and in practical applications, it may also be a wired connection.

本发明实施例提供了一种智能家居系统的设备认证方法及装置,用于智能家居系统中的智能家居设备对终端设备进行认证。The embodiment of the invention provides a device authentication method and device for a smart home system, which is used for authenticating a terminal device by a smart home device in a smart home system.

本发明实施例一提供一种智能家居系统的设备认证的方法,用于智能家居系统的终端设备中,如图2所示,本发明实施例一提供的一种智能家居系统的设备认证的方法可以包括以下步骤:The embodiment of the present invention provides a device authentication method for a smart home system, which is used in a terminal device of a smart home system, as shown in FIG. 2, a device authentication method for a smart home system according to Embodiment 1 of the present invention The steps can be included:

S101、获取第一用户指纹数据,设置第一认证密钥和第一加密算法,并存储第一用户指纹数据、第一认证密钥和加密算法。S101. Acquire first user fingerprint data, set a first authentication key and a first encryption algorithm, and store first user fingerprint data, a first authentication key, and an encryption algorithm.

智能家居系统中的终端设备控制和管理智能家居设备必须经过智能家居设备认证,本发明实施例提出了一种指纹匹配和数据加密相结合的方法实现对终端设备的认证,大大提高了智能家居系统中设备认证的安全性。The terminal device in the smart home system controls and manages the smart home device to be authenticated by the smart home device. The embodiment of the invention provides a method for combining fingerprint matching and data encryption to realize authentication of the terminal device, thereby greatly improving the smart home system. The security of device authentication.

首先,终端设备和智能家居设备应获取用于认证终端设备的用户指纹数据,用户在终端设备中录入的为第一用户指纹数据,在智能家居设备中录入的为第二用户指纹数据,在智能家居设备中第二用户指纹数据跟该终端设备的IMEI绑定。在本发明提出的技术方案中,利用用户的指纹数据对终端设备进行鉴权和认证,用户分别在终端设备和智能家居设备中录入第一用户指纹数据和第二用户指纹数据,同一用户在终端设备录入的第一用户指纹数据和在 智能家居设备录入的第二用户指纹数据应一致,以便于智能家居设备对终端设备进行认证。First, the terminal device and the smart home device should obtain user fingerprint data for authenticating the terminal device, where the user enters the first user fingerprint data in the terminal device, and the second user fingerprint data is entered in the smart home device, in the smart The second user fingerprint data in the home device is bound to the IMEI of the terminal device. In the technical solution proposed by the present invention, the terminal device is authenticated and authenticated by using the fingerprint data of the user, and the user inputs the first user fingerprint data and the second user fingerprint data in the terminal device and the smart home device respectively, and the same user is at the terminal. The first user fingerprint data entered by the device and The second user fingerprint data entered by the smart home device should be consistent, so that the smart home device can authenticate the terminal device.

终端设备可分为主人终端设备和访客终端设备,访客终端设备是为家中作客的客人提供方便而授权使用的终端设备。主人终端设备的用户指纹数据为家庭主人的指纹数据,访客终端设备的用户指纹数据可以为主人或访客的指纹数据,若主人同时在主人终端设备和访客终端设备中录入指纹,则应录入不同手指以示区分。主人终端设备一般为永久访问权限,访问期限为无限长时间,访客终端设备一般为临时访问权限,超过访问期限后,访客终端设备的访问权限自动取消,针对不同的智能家居设备可为访客终端设备设置不同的访问期限。The terminal device can be divided into a host terminal device and a guest terminal device, and the guest terminal device is a terminal device that provides convenience and authorization for the guest who is a guest at home. The user fingerprint data of the host terminal device is the fingerprint data of the home owner, and the user fingerprint data of the guest terminal device may be the fingerprint data of the host or the visitor. If the owner simultaneously enters the fingerprint in the owner terminal device and the guest terminal device, the different fingers should be entered. To distinguish. The host terminal device generally has permanent access rights, and the access period is infinitely long. The guest terminal device is generally a temporary access right. After the access period is exceeded, the access rights of the guest terminal device are automatically canceled, and the different smart home devices may be the guest terminal device. Set different access periods.

此外,在终端设备中设置第一认证密钥和加密算法,在智能家居设备中设置第二认证密钥和解密算法,用于对第一用户指纹数据和终端的IMEI进行加密和解密。第一认证密钥和第二认证密钥可以是公共密钥也可以是每个终端设备不同的私有密钥,第一认证密钥、第二认证密钥、加密算法和解密算法可以是固定设置的也可以是在终端设备和智能家居设备之间协商可变的,对具体如何设置认证密钥和加解密算法本发明实施例不予限定。In addition, a first authentication key and an encryption algorithm are set in the terminal device, and a second authentication key and a decryption algorithm are set in the smart home device for encrypting and decrypting the first user fingerprint data and the IMEI of the terminal. The first authentication key and the second authentication key may be a public key or a different private key of each terminal device, and the first authentication key, the second authentication key, the encryption algorithm, and the decryption algorithm may be fixed settings. It is also possible that the negotiation between the terminal device and the smart home device is variable, and the embodiment of the present invention is not limited in terms of how to set the authentication key and the encryption and decryption algorithm.

第一用户指纹数据、第一认证密钥和加密算法可存储在终端设备中可保证数据安全的安全启动(Security Boot)模块中。The first user fingerprint data, the first authentication key, and the encryption algorithm may be stored in a Security Boot module in the terminal device that can ensure data security.

S102、接收用户输入的智能家居控制命令,根据智能家居控制命令生成发送给智能家居设备的控制消息。S102. Receive a smart home control command input by the user, and generate a control message sent to the smart home device according to the smart home control command.

终端设备接收到用户的智能家居控制命令后,根据该控制命令生成发送到智能家居设备的控制消息,该控制消息用于指示智能家居设备根据用户的命令实现相关控制操作。After receiving the smart home control command of the user, the terminal device generates a control message sent to the smart home device according to the control command, where the control message is used to instruct the smart home device to implement the related control operation according to the command of the user.

S103、使用存储的第一认证密钥和加密算法对第一用户指纹数据和终端设备的IMEI进行加密。S103. Encrypt the first user fingerprint data and the IMEI of the terminal device by using the stored first authentication key and an encryption algorithm.

终端设备生成发送给智能家居设备的控制消息之后,使用安全启动模块中存储的第一认证密钥和加密算法对第一用户指纹数据和终端设备的IMEI进行加密。其中,IMEI是终端设备的全球唯一固定标识,在终端设备出厂时设 置。After the terminal device generates the control message sent to the smart home device, the first user fingerprint data and the IMEI of the terminal device are encrypted by using the first authentication key and the encryption algorithm stored in the secure boot module. Among them, IMEI is the world's only fixed identifier of the terminal equipment, which is set when the terminal equipment is shipped from the factory. Set.

在具体实现中,一般发送部分第一用户指纹数据用于终端设备认证,终端设备可以截取第一用户指纹数据中的指定部分,得到采样的第一用户指纹数据,使用在安全启动模块中存储的第一认证密钥和加密算法对该采样的第一用户指纹数据进行加密,并同时对IMEI进行加密。In a specific implementation, a part of the first user fingerprint data is generally used for terminal device authentication, and the terminal device may intercept a specified part of the first user fingerprint data to obtain the sampled first user fingerprint data, which is stored in the secure boot module. The first authentication key and the encryption algorithm encrypt the sampled first user fingerprint data and simultaneously encrypt the IMEI.

S104、将认证数据发送给智能家居设备,以触发智能家居设备根据认证数据实现终端设备认证,其中,认证数据包括加密后的第一用户指纹数据、加密后的IMEI和控制消息。S104: Send the authentication data to the smart home device to trigger the smart home device to implement the terminal device authentication according to the authentication data, where the authentication data includes the encrypted first user fingerprint data, the encrypted IMEI, and the control message.

当终端设备对第一用户指纹数据(或采样的第一用户指纹数据)和IMEI进行加密之后,将该通过加密的第一用户指纹数据、IMEI和在步骤S102中生成的控制消息组成认证数据发送给智能家居设备,该认证数据触发智能家居设备实现终端设备认证。在具体实现中,终端设备与智能家居设备之间的通讯消息需要通过智能路由设备转发,终端设备将认证数据发送到智能路由设备,再由智能路由设备将认证数据转发给智能家居设备。After the terminal device encrypts the first user fingerprint data (or the sampled first user fingerprint data) and the IMEI, the first user fingerprint data, the IMEI, and the control message generated in step S102 are configured to be sent into the authentication data. For smart home devices, the authentication data triggers smart home devices to implement terminal device authentication. In a specific implementation, the communication message between the terminal device and the smart home device needs to be forwarded by the intelligent routing device, and the terminal device sends the authentication data to the intelligent routing device, and then the intelligent routing device forwards the authentication data to the smart home device.

可见,本发明提出的技术方案采用了用户指纹和数据加密相结合的方法对控制智能家居系统的终端进行认证,可以大大提高智能家居系统的安全性,从而避免非法用户和终端侵入智能家居系统,是一种安全性较高的终端设备认证机制。It can be seen that the technical solution proposed by the present invention adopts a combination of user fingerprint and data encryption to authenticate the terminal of the smart home system, which can greatly improve the security of the smart home system, thereby preventing illegal users and terminals from intruding into the smart home system. It is a highly secure terminal device authentication mechanism.

本发明实施例二提供一种智能家居系统的设备认证的方法,用于智能家居系统的终端设备中,如图3所示,本发明实施例二提供的一种智能家居系统的设备认证的方法可以包括以下步骤:A second embodiment of the present invention provides a device authentication method for a smart home system, which is used in a terminal device of a smart home system, as shown in FIG. 3, a device authentication method for a smart home system according to Embodiment 2 of the present invention The steps can be included:

S201、获取第一用户指纹数据,设置第一认证密钥和第一加密算法,并存储第一用户指纹数据、第一认证密钥和加密算法。S201. Acquire first user fingerprint data, set a first authentication key and a first encryption algorithm, and store first user fingerprint data, a first authentication key, and an encryption algorithm.

在本发明提出的技术方案中,利用用户的指纹数据对终端设备进行鉴权和认证,用户分别在终端设备和智能家居设备中录入第一用户指纹数据和第二用户指纹数据,在智能家居设备中第二用户指纹数据跟该终端设备的IMEI 绑定。同一用户在终端设备录入的第一用户指纹数据和在智能家居设备录入的第二用户指纹数据应一致,以便于智能家居设备对终端设备进行认证。In the technical solution proposed by the present invention, the terminal device is authenticated and authenticated by using the fingerprint data of the user, and the user inputs the first user fingerprint data and the second user fingerprint data in the terminal device and the smart home device respectively, in the smart home device. The second user fingerprint data and the IMEI of the terminal device Bind. The first user fingerprint data entered by the same user in the terminal device and the second user fingerprint data entered in the smart home device should be consistent, so that the smart home device authenticates the terminal device.

终端设备可分为主人终端设备和访客终端设备,访客终端设备是为家中作客的客人提供方便而授权使用的终端设备。主人终端设备的用户指纹数据为家庭主人的指纹数据,访客终端设备的用户指纹数据可以为主人或访客的指纹数据,若主人同时在主人终端设备和访客终端设备中录入指纹,则应录入不同手指以示区分。The terminal device can be divided into a host terminal device and a guest terminal device, and the guest terminal device is a terminal device that provides convenience and authorization for the guest who is a guest at home. The user fingerprint data of the host terminal device is the fingerprint data of the home owner, and the user fingerprint data of the guest terminal device may be the fingerprint data of the host or the visitor. If the owner simultaneously enters the fingerprint in the owner terminal device and the guest terminal device, the different fingers should be entered. To distinguish.

S202、设置终端设备的访问期限T。S202. Set an access period T of the terminal device.

主人终端设备一般为永久访问权限,访问期限为无限长,访客终端设备一般为临时访问权限,超过访问期限后,访客终端设备的访问权限自动取消。因此,可在终端设备中设定访问期限T,超过访问期限T则取消该终端设备认证,针对不同的智能家居设备可为访客终端设备设置不同的访问期限T。The master terminal device is generally a permanent access right, the access period is infinitely long, and the guest terminal device is generally a temporary access right. After the access period is exceeded, the access right of the guest terminal device is automatically canceled. Therefore, the access period T can be set in the terminal device, and the terminal device authentication is cancelled when the access period T is exceeded, and the different access period T can be set for the guest terminal device for different smart home devices.

S203、接收用户输入的智能家居控制命令,判断是否在访问期限T内。S203. Receive a smart home control command input by the user, and determine whether it is within the access period T.

判断接收到用户输入的智能家居控制命令的时间是否在访问期限T内,若在访问期限T内,说明该终端设备具有访问权限,可开始认证;若不在访问期限T内,则该终端设备已无访问权限,取消该终端设备认证。Determining whether the time of receiving the smart home control command input by the user is within the access period T. If the terminal device has the access right within the access period T, the authentication may be started; if not within the access period T, the terminal device has Without access, cancel the terminal device authentication.

S204、若在访问期限T内,根据智能家居控制命令生成发送给智能家居设备的控制消息。S204. If the access period T is within the control period, generate a control message sent to the smart home device according to the smart home control command.

若在访问期限T内,说明该终端设备具有访问权限,根据用户的控制命令生成发送到智能家居设备的控制消息,该控制消息用于指示智能家居设备根据用户的命令实现相关控制操作。If the terminal device has the access right within the access period T, the control message sent to the smart home device is generated according to the control command of the user, and the control message is used to instruct the smart home device to implement the related control operation according to the user's command.

S205、使用存储的第一认证密钥和加密算法对第一用户指纹数据和终端设备的IMEI进行加密。S205. Encrypt the first user fingerprint data and the IMEI of the terminal device by using the stored first authentication key and an encryption algorithm.

终端设备生成发送给智能家居设备的控制消息之后,使用安全启动模块中存储的第一认证密钥和加密算法对第一用户指纹数据和终端设备的IMEI进行加密。在具体实现中,一般发送部分第一用户指纹数据用于终端设备认 证,终端设备可以截取第一用户指纹数据中的指定部分,得到采样的第一用户指纹数据,使用在安全启动模块中存储的第一认证密钥和加密算法对该采样的第一用户指纹数据进行加密,并同时对IMEI进行加密。After the terminal device generates the control message sent to the smart home device, the first user fingerprint data and the IMEI of the terminal device are encrypted by using the first authentication key and the encryption algorithm stored in the secure boot module. In a specific implementation, a part of the first user fingerprint data is generally sent for the terminal device to recognize The terminal device may intercept the specified part of the first user fingerprint data, obtain the sampled first user fingerprint data, and use the first authentication key and the encryption algorithm stored in the secure startup module to sample the first user fingerprint data. Encrypt and encrypt the IMEI at the same time.

S206、将认证数据发送给智能家居设备,以触发智能家居设备根据认证数据实现终端设备认证,其中,认证数据包括加密后的第一用户指纹数据、加密后的IMEI和控制消息。S206: Send the authentication data to the smart home device to trigger the smart home device to implement terminal device authentication according to the authentication data, where the authentication data includes the encrypted first user fingerprint data, the encrypted IMEI, and the control message.

当终端设备对第一用户指纹数据(或采样的第一用户指纹数据)和IMEI进行加密之后,将该通过加密的第一用户指纹数据、IMEI和在步骤S204中生成的控制消息组成认证数据发送给智能家居设备,该认证数据触发智能家居设备实现终端设备认证。在具体实现中,终端设备与智能家居设备之间的通讯消息需要通过智能路由设备转发,终端设备将认证数据发送到智能路由设备,再由智能路由设备将认证数据转发给智能家居设备。After the terminal device encrypts the first user fingerprint data (or the sampled first user fingerprint data) and the IMEI, the first user fingerprint data, the IMEI, and the control message generated in step S204 are configured to be sent into the authentication data. For smart home devices, the authentication data triggers smart home devices to implement terminal device authentication. In a specific implementation, the communication message between the terminal device and the smart home device needs to be forwarded by the intelligent routing device, and the terminal device sends the authentication data to the intelligent routing device, and then the intelligent routing device forwards the authentication data to the smart home device.

进一步的,在终端设备设置访问期限T之后,终端设备应在T时间后可以删除存储的用户指纹数据,以节省终端设备的存储空间和更好的控制终端设备的访问权限。Further, after the terminal device sets the access period T, the terminal device may delete the stored user fingerprint data after the T time, so as to save storage space of the terminal device and better control access rights of the terminal device.

可见,本发明提出的技术方案采用了用户指纹匹配和数据加密相结合的方法对控制智能家居系统的终端进行认证,可以大大提高智能家居系统的安全性,从而避免非法用户和终端侵入智能家居系统,是一种安全性较高的终端设备认证机制。进一步的,若终端设备在访问期限T内收到用户的智能终端控制命令则开始终端设备认证,即向智能家居设备发送认证数据,否则取消终端设备认证,可以有效控制终端设备的访问权限,进一步增强了智能家居系统的安全性。It can be seen that the technical solution proposed by the present invention adopts a combination of user fingerprint matching and data encryption to authenticate the terminal of the smart home system, thereby greatly improving the security of the smart home system, thereby preventing the illegal user and the terminal from intruding into the smart home system. Is a highly secure terminal device authentication mechanism. Further, if the terminal device receives the smart terminal control command of the user within the access period T, the terminal device authentication is started, that is, the authentication data is sent to the smart home device, otherwise the terminal device authentication is cancelled, and the access authority of the terminal device can be effectively controlled, and further Enhance the security of smart home systems.

本发明实施例三提供一种智能家居系统的设备认证的方法,用于智能家居设备中,如图4所示,本发明实施例三提供的一种智能家居系统的设备认证的方法可以包括以下步骤:The third embodiment of the present invention provides a method for device authentication of a smart home system, which is used in a smart home device. As shown in FIG. 4, a method for device authentication of a smart home system according to Embodiment 3 of the present invention may include the following. step:

S301、获取终端设备的第二用户指纹数据,设置终端设备的第二认证密 钥和解密算法,并存储终端设备的IMEI、第二用户指纹数据、第二认证密钥和解密算法。S301. Acquire second user fingerprint data of the terminal device, and set a second authentication password of the terminal device. The key and decryption algorithm, and store the IMEI of the terminal device, the second user fingerprint data, the second authentication key, and the decryption algorithm.

智能家居系统中的终端设备控制和管理智能家居设备必须经过智能家居设备认证,本发明实施例提出了一种指纹匹配和数据加密相结合的方法实现对终端设备的认证。The terminal device in the smart home system controls and manages the smart home device to be authenticated by the smart home device. The embodiment of the invention provides a method for combining fingerprint matching and data encryption to implement authentication of the terminal device.

首先,终端设备和智能家居设备应获取用于认证终端设备的用户指纹数据,用户在终端设备中录入的为第一用户指纹数据,在智能家居设备中录入的为第二用户指纹数据,在智能家居设备中第二用户指纹数据跟该终端设备的IMEI绑定。在本发明提出的技术方案中,利用用户的指纹数据对终端设备进行鉴权和认证,用户分别在终端设备和智能家居设备中录入第一用户指纹数据和第二用户指纹数据,同一用户在终端设备录入的第一用户指纹数据和在智能家居设备录入的第二用户指纹数据应一致,以便于智能家居设备对终端设备进行认证。First, the terminal device and the smart home device should obtain user fingerprint data for authenticating the terminal device, where the user enters the first user fingerprint data in the terminal device, and the second user fingerprint data is entered in the smart home device, in the smart The second user fingerprint data in the home device is bound to the IMEI of the terminal device. In the technical solution proposed by the present invention, the terminal device is authenticated and authenticated by using the fingerprint data of the user, and the user inputs the first user fingerprint data and the second user fingerprint data in the terminal device and the smart home device respectively, and the same user is at the terminal. The first user fingerprint data entered by the device and the second user fingerprint data entered in the smart home device should be consistent, so that the smart home device authenticates the terminal device.

终端设备可分为主人终端设备和访客终端设备,访客终端设备是为家中作客的客人提供方便而授权使用的终端设备。主人终端设备的用户指纹数据为家庭主人的指纹数据,访客终端设备的用户指纹数据可以为主人或访客的指纹数据,若主人同时在主人终端设备和访客终端设备中录入指纹,则应录入不同手指以示区分。The terminal device can be divided into a host terminal device and a guest terminal device, and the guest terminal device is a terminal device that provides convenience and authorization for the guest who is a guest at home. The user fingerprint data of the host terminal device is the fingerprint data of the home owner, and the user fingerprint data of the guest terminal device may be the fingerprint data of the host or the visitor. If the owner simultaneously enters the fingerprint in the owner terminal device and the guest terminal device, the different fingers should be entered. To distinguish.

此外,智能家居设备中设置第二认证密钥和解密算法,用于对终端设备发送的第一用户指纹数据和终端的IMEI解密。其中,对同一个终端设备,智能家居设备中设置的解密算法和终端设备中设置的加密算法为逆运算算法,以保证成功解密。第二认证密钥可以是公共密钥也可以是每个终端设备不同的私有密钥,第二认证密钥解密算法可以是固定设置的也可以是在终端设备和智能家居设备之间协商可变的,对具体如何设置认证密钥和加解密算法本发明实施例不予限定。In addition, a second authentication key and a decryption algorithm are set in the smart home device for decrypting the first user fingerprint data sent by the terminal device and the IMEI of the terminal. The decryption algorithm set in the smart device and the encryption algorithm set in the terminal device are inverse algorithms for the same terminal device to ensure successful decryption. The second authentication key may be a public key or a different private key of each terminal device, and the second authentication key decryption algorithm may be fixedly set or may be negotiated between the terminal device and the smart home device. The embodiment of the present invention is not limited to how to set the authentication key and the encryption and decryption algorithm.

第二用户指纹数据、第二认证密钥和解密算法可存储在智能家居设备中可保证数据安全的安全启动(Security Boot)模块中。The second user fingerprint data, the second authentication key, and the decryption algorithm may be stored in a Security Boot module in the smart home device that can ensure data security.

S302、接收终端设备发送的认证数据,使用存储的终端设备的第二认证 密钥和解密算法对终端设备发送的认证数据中的第一用户指纹数据和IMEI进行解密。S302. Receive authentication data sent by the terminal device, and use the second authentication of the stored terminal device. The key and decryption algorithm decrypts the first user fingerprint data and the IMEI in the authentication data sent by the terminal device.

在具体实现中,终端设备与智能家居设备之间的通讯消息需要通过智能路由设备转发,终端设备将认证数据发送到智能路由设备,由智能路由设备将认证数据转发给智能家居设备,智能家居设备从智能路由设备处接收终端设备发送的认证数据。In a specific implementation, the communication message between the terminal device and the smart home device needs to be forwarded by the intelligent routing device, and the terminal device sends the authentication data to the intelligent routing device, and the intelligent routing device forwards the authentication data to the smart home device, and the smart home device The authentication data sent by the terminal device is received from the intelligent routing device.

当智能家居设备接收到终端设备发送的认证数据时,首先使用存储的第二认证密钥和解密算法对该终端设备发送的认证数据中的第一用户指纹数据和IMEI进行解密。When the smart home device receives the authentication data sent by the terminal device, first decrypting the first user fingerprint data and the IMEI in the authentication data sent by the terminal device by using the stored second authentication key and the decryption algorithm.

S303、对解密后的IMEI进行校验,并且对解密后的第一用户指纹数据进行校验。S303. Perform verification on the decrypted IMEI, and verify the decrypted first user fingerprint data.

智能家居设备对认证数据中的第一用户指纹数据和IMEI进行解密之后,对解密后的IMEI进行校验,并且对解密后的第一用户指纹数据进行校验。After the smart home device decrypts the first user fingerprint data and the IMEI in the authentication data, the decrypted IMEI is verified, and the decrypted first user fingerprint data is verified.

智能家居设备首先校验IMEI,方法是将解密后的IMEI与存储的终端设备的IMEI进行比较,若解密后的IMEI与存储的终端设备的IMEI一致,则判断解密后的IMEI通过校验,若解密后的IMEI与存储的终端设备的IMEI不一致,则判断解密后的IMEI未通过校验。The smart home device first verifies the IMEI by comparing the decrypted IMEI with the stored IMEI of the terminal device. If the decrypted IMEI is consistent with the IMEI of the stored terminal device, it is determined that the decrypted IMEI passes the verification. If the decrypted IMEI does not match the IMEI of the stored terminal device, it is determined that the decrypted IMEI has not passed the verification.

然后智能家居设备根据该IMEI绑定的第二用户指纹数据校验第一用户指纹数据,在具体实现中,通常使用部分用户指纹数据作为终端设备认证的依据,智能家居设备截取与该IMEI绑定的第二用户指纹数据中的指定部分,以得到采样的第二用户指纹数据,将解密后的第一用户指纹数据与采样的第二用户指纹数据进行比较,若解密后的第一用户指纹数据与采样的第二用户指纹数据一致,则判断解密后的第一用户指纹数据通过校验,若解密后的第一用户指纹数据与采样的第二用户指纹数据不一致,则判断解密后的第一用户指纹数据未通过校验。The smart home device then verifies the first user fingerprint data according to the second user fingerprint data bound by the IMEI. In a specific implementation, part of the user fingerprint data is generally used as a basis for terminal device authentication, and the smart home device intercepts the IMEI binding. a specified part of the second user fingerprint data to obtain the sampled second user fingerprint data, and compare the decrypted first user fingerprint data with the sampled second user fingerprint data, if the decrypted first user fingerprint data Consistent with the sampled second user fingerprint data, determining that the decrypted first user fingerprint data passes the verification, and if the decrypted first user fingerprint data is inconsistent with the sampled second user fingerprint data, determining the first decrypted data User fingerprint data failed verification.

S304、判断解密后的IMEI和解密后的第一用户指纹数据是否通过校验。S304. Determine whether the decrypted IMEI and the decrypted first user fingerprint data pass the verification.

S305、若解密后的IMEI和解密后的第一用户指纹数据通过校验,终端设备认证成功,根据认证数据中的控制消息执行用户的控制命令。 S305. If the decrypted IMEI and the decrypted first user fingerprint data pass the verification, the terminal device is successfully authenticated, and the user's control command is executed according to the control message in the authentication data.

若解密后的IMEI和解密后的第一用户指纹数据通过上述校验,则智能家居设备判断终端设备认证成功,根据认证数据中的控制消息执行用户的控制命令。If the decrypted IMEI and the decrypted first user fingerprint data pass the above verification, the smart home device determines that the terminal device authentication is successful, and executes the user's control command according to the control message in the authentication data.

S306、若解密后的IMEI未通过校验或解密后的第一用户指纹数据未通过校验,终端设备认证失败,不根据认证数据中的控制消息执行用户的控制命令。S306. If the first user fingerprint data that has not passed the verification or decryption of the decrypted IMEI fails the verification, the terminal device fails to authenticate, and the control command of the user is not executed according to the control message in the authentication data.

若解密后的IMEI未通过校验,或者解密后的第一用户指纹数据未通过上述校验,则终端设备认证失败,不根据认证数据中的控制消息执行用户的控制命令。If the decrypted IMEI fails the verification, or the decrypted first user fingerprint data fails the above verification, the terminal device authentication fails, and the user's control command is not executed according to the control message in the authentication data.

可见,本发明提出的技术方案采用了用户指纹匹配和数据加密相结合的方法对控制智能家居系统的终端进行认证,可以大大提高智能家居系统的安全性,从而避免非法用户和终端侵入智能家居系统,是一种安全性较高的终端设备认证机制。It can be seen that the technical solution proposed by the present invention adopts a combination of user fingerprint matching and data encryption to authenticate the terminal of the smart home system, thereby greatly improving the security of the smart home system, thereby preventing the illegal user and the terminal from intruding into the smart home system. Is a highly secure terminal device authentication mechanism.

本发明实施例四提供一种智能家居系统的设备认证的方法,用于智能家居设备中,如图5所示,本发明实施例四提供的一种智能家居系统的设备认证的方法可以包括以下步骤:A fourth embodiment of the present invention provides a method for device authentication of a smart home system, which is used in a smart home device. As shown in FIG. 5, a method for device authentication of a smart home system according to Embodiment 4 of the present invention may include the following. step:

S401、获取终端设备的第二用户指纹数据,设置终端设备的第二认证密钥和解密算法,并存储终端设备的IMEI、第二用户指纹数据、第二认证密钥和解密算法。S401. Acquire second user fingerprint data of the terminal device, set a second authentication key and a decryption algorithm of the terminal device, and store the IMEI of the terminal device, the second user fingerprint data, the second authentication key, and a decryption algorithm.

首先,终端设备和智能家居设备应获取用于认证终端设备的用户指纹数据,用户在终端设备中录入的为第一用户指纹数据,在智能家居设备中录入的为第二用户指纹数据,在智能家居设备中第二用户指纹数据跟该终端设备的IMEI绑定。同一用户在终端设备录入的第一用户指纹数据和在智能家居设备录入的第二用户指纹数据应一致,以便于智能家居设备对终端设备进行认证。First, the terminal device and the smart home device should obtain user fingerprint data for authenticating the terminal device, where the user enters the first user fingerprint data in the terminal device, and the second user fingerprint data is entered in the smart home device, in the smart The second user fingerprint data in the home device is bound to the IMEI of the terminal device. The first user fingerprint data entered by the same user in the terminal device and the second user fingerprint data entered in the smart home device should be consistent, so that the smart home device authenticates the terminal device.

此外,智能家居设备中设置第二认证密钥和解密算法,用于对终端设备发送的第一用户指纹数据和终端的IMEI解密。其中,对同一个终端设备,智能家居设备中设置的解密算法和终端设备中设置的加密算法为逆运算算法, 以保证成功解密。第二认证密钥可以是公共密钥也可以是每个终端设备不同的私有密钥,第二认证密钥解密算法可以是固定设置的也可以是在终端设备和智能家居设备之间协商可变的,对具体如何设置认证密钥和加解密算法本发明实施例不予限定。In addition, a second authentication key and a decryption algorithm are set in the smart home device for decrypting the first user fingerprint data sent by the terminal device and the IMEI of the terminal. Wherein, the decryption algorithm set in the smart device and the encryption algorithm set in the terminal device are inverse algorithms for the same terminal device, To ensure successful decryption. The second authentication key may be a public key or a different private key of each terminal device, and the second authentication key decryption algorithm may be fixedly set or may be negotiated between the terminal device and the smart home device. The embodiment of the present invention is not limited to how to set the authentication key and the encryption and decryption algorithm.

S402、设置终端设备的访问期限T。S402. Set an access period T of the terminal device.

终端设备可分为主人终端设备和访客终端设备,访客终端设备是为家中作客的客人提供方便而授权使用的终端设备。主人终端设备一般为永久访问权限,访问期限为无限长,访客终端设备一般为临时访问权限,超过访问期限后,访客终端设备的访问权限自动取消。因此,智能家居设备可为终端设备中设定访问期限T,超过访问期限T则取消该终端设备认证,针对不同的智能家居设备可为访客终端设备设置不同的访问期限T,设定的访问期限T跟终端的IMEI绑定。The terminal device can be divided into a host terminal device and a guest terminal device, and the guest terminal device is a terminal device that provides convenience and authorization for the guest who is a guest at home. The master terminal device is generally a permanent access right, the access period is infinitely long, and the guest terminal device is generally a temporary access right. After the access period is exceeded, the access right of the guest terminal device is automatically canceled. Therefore, the smart home device can set the access period T for the terminal device. If the access period T is exceeded, the terminal device authentication is cancelled. For different smart home devices, different access periods T can be set for the guest terminal device, and the set access period is set. T is bound to the IMEI of the terminal.

S403、接收终端设备发送的认证数据,使用存储的终端设备的第二认证密钥和解密算法对终端设备发送的认证数据中的第一用户指纹数据和IMEI进行解密。S403. Receive authentication data sent by the terminal device, and decrypt the first user fingerprint data and the IMEI in the authentication data sent by the terminal device by using the second authentication key and the decryption algorithm of the stored terminal device.

在具体实现中,终端设备与智能家居设备之间的通讯消息需要通过智能路由设备转发,终端设备将认证数据发送到智能路由设备,由智能路由设备将认证数据转发给智能家居设备,智能家居设备从智能路由设备处接收终端设备发送的认证数据。In a specific implementation, the communication message between the terminal device and the smart home device needs to be forwarded by the intelligent routing device, and the terminal device sends the authentication data to the intelligent routing device, and the intelligent routing device forwards the authentication data to the smart home device, and the smart home device The authentication data sent by the terminal device is received from the intelligent routing device.

当智能家居设备接收到终端设备发送的认证数据时,首先使用存储的第二认证密钥和解密算法对该终端设备发送的认证数据中的第一用户指纹数据和IMEI进行解密。When the smart home device receives the authentication data sent by the terminal device, first decrypting the first user fingerprint data and the IMEI in the authentication data sent by the terminal device by using the stored second authentication key and the decryption algorithm.

S404、对解密后的IMEI进行校验。S404. Perform verification on the decrypted IMEI.

智能家居设备首先校验IMEI,方法是将解密后的IMEI与存储的终端设备的IMEI进行比较,若解密后的IMEI与存储的终端设备的IMEI一致,则判断解密后的IMEI通过校验,若解密后的IMEI与存储的终端设备的IMEI不一致,则判断解密后的IMEI未通过校验。The smart home device first verifies the IMEI by comparing the decrypted IMEI with the stored IMEI of the terminal device. If the decrypted IMEI is consistent with the IMEI of the stored terminal device, it is determined that the decrypted IMEI passes the verification. If the decrypted IMEI does not match the IMEI of the stored terminal device, it is determined that the decrypted IMEI has not passed the verification.

S405、判断解密后的IMEI是否通过校验。 S405. Determine whether the decrypted IMEI passes the verification.

若解密后的IMEI校验失败,则智能家居设备判断终端设备认证失败,不根据认证数据中的控制消息执行用户的控制命令。If the decrypted IMEI check fails, the smart home device determines that the terminal device authentication fails, and does not execute the user's control command according to the control message in the authentication data.

S406、若解密后的IMEI通过校验,判断接收认证数据的时间是否在终端设备的访问期限T内。S406. If the decrypted IMEI passes the verification, determine whether the time for receiving the authentication data is within the access period T of the terminal device.

若解密后的IMEI通过校验,智能终端设备获取与该IMEI绑定的访问期限T,校验该终端设备是否具有访问权限,即是否在访问期限内。If the decrypted IMEI passes the verification, the smart terminal device acquires the access period T bound to the IMEI, and verifies whether the terminal device has the access right, that is, whether it is within the access period.

S407、若不在终端设备的访问期限T内,则终端设备认证失败,不根据认证数据中的控制消息执行用户的控制命令。S407. If the terminal device is not within the access period T of the terminal device, the terminal device authentication fails, and the user's control command is not executed according to the control message in the authentication data.

若不在终端设备的访问期限T内,说明该终端设备已无访问权限,取消该终端设备认证。If it is not within the access period T of the terminal device, it indicates that the terminal device has no access right, and the terminal device authentication is cancelled.

S408、若在终端设备的访问期限T内,对解密后的第一用户指纹数据进行校验。S408. Perform verification on the decrypted first user fingerprint data if the terminal device has the access period T.

若在终端设备的访问期限T内,说明该终端设备具有访问权限,可对该终端设备进行认证。智能家居设备根据该IMEI绑定的第二用户指纹数据校验第一用户指纹数据,在具体实现中,通常使用部分用户指纹数据作为终端设备认证的依据,智能家居设备截取与该IMEI绑定的第二用户指纹数据中的指定部分,以得到采样的第二用户指纹数据,将解密后的第一用户指纹数据与采样的第二用户指纹数据进行比较,若解密后的第一用户指纹数据与采样的第二用户指纹数据一致,则判断解密后的第一用户指纹数据通过校验,若解密后的第一用户指纹数据与采样的第二用户指纹数据不一致,则判断解密后的第一用户指纹数据未通过校验。If the terminal device has access rights within the access period T of the terminal device, the terminal device can be authenticated. The smart home device verifies the first user fingerprint data according to the second user fingerprint data bound by the IMEI. In a specific implementation, part of the user fingerprint data is generally used as a basis for terminal device authentication, and the smart home device intercepts the IMEI binding. Specifying a portion of the second user fingerprint data to obtain the sampled second user fingerprint data, and comparing the decrypted first user fingerprint data with the sampled second user fingerprint data, if the decrypted first user fingerprint data and If the sampled second user fingerprint data is consistent, it is determined that the decrypted first user fingerprint data passes the verification, and if the decrypted first user fingerprint data is different from the sampled second user fingerprint data, the decrypted first user is determined. The fingerprint data did not pass the check.

S409、判断解密后的第一用户指纹数据是否通过校验。S409. Determine whether the decrypted first user fingerprint data passes the verification.

S410、若解密后的用户指纹数据通过校验,则终端认证成功,根据认证数据中的控制消息执行用户的控制命令。S410. If the decrypted user fingerprint data passes the verification, the terminal authentication is successful, and the user's control command is executed according to the control message in the authentication data.

若解密后的用户指纹数据通过校验,则智能家居设备判断终端设备认证成功,根据认证数据中的控制消息执行用户的控制命令。If the decrypted user fingerprint data passes the verification, the smart home device determines that the terminal device authentication is successful, and executes the user's control command according to the control message in the authentication data.

若解密后的用户指纹数据通过校验,则智能家居设备判断终端设备认证失败,不根据认证数据中的控制消息执行用户的控制命令。 If the decrypted user fingerprint data passes the verification, the smart home device determines that the terminal device authentication fails, and does not execute the user's control command according to the control message in the authentication data.

进一步的,在具体实施中,在智能家居设备设置终端设备的访问期限T之后,在终端设备的访问期限T时间后可以删除存储的该终端设备的用户指纹数据,以节省智能家居设备的存储空间和更好的控制终端设备的访问权限。Further, in a specific implementation, after the smart home device sets the access period T of the terminal device, the stored user fingerprint data of the terminal device may be deleted after the access period T time of the terminal device, so as to save the storage space of the smart home device. And better control access to the terminal device.

可见,本发明提出的技术方案采用了用户指纹匹配和数据加密相结合的方法对控制智能家居系统的终端进行认证,可以大大提高智能家居系统的安全性,从而避免非法用户和终端侵入智能家居系统,是一种安全性较高的终端设备认证机制。进一步的,若智能家居设备在访问期限T内收到终端的认证数据则对终端设备进行认证,否则终端设备认证失败,这样可以有效控制终端设备的访问权限,进一步增强了智能家居系统的安全性。It can be seen that the technical solution proposed by the present invention adopts a combination of user fingerprint matching and data encryption to authenticate the terminal of the smart home system, thereby greatly improving the security of the smart home system, thereby preventing the illegal user and the terminal from intruding into the smart home system. Is a highly secure terminal device authentication mechanism. Further, if the smart home device receives the authentication data of the terminal within the access period T, the terminal device is authenticated, otherwise the terminal device authentication fails, thereby effectively controlling the access rights of the terminal device, and further enhancing the security of the smart home system. .

本发明实施例五提供了一种终端设备,用于实现本发明提出的一种智能家居系统的设备认证方法。参见图6,所述设备a00可包括接收单元a10、处理单元a20和发送单元。The fifth embodiment of the present invention provides a terminal device for implementing the device authentication method of the smart home system proposed by the present invention. Referring to FIG. 6, the device a00 may include a receiving unit a10, a processing unit a20, and a transmitting unit.

接收单元a10,用于获取第一用户指纹数据;The receiving unit a10 is configured to acquire first user fingerprint data.

处理单元a20,用于设置第一认证密钥和第一加密算法,并存储接收单元a10获取的第一用户指纹数据、第一认证密钥和加密算法;The processing unit a20 is configured to set a first authentication key and a first encryption algorithm, and store first user fingerprint data, a first authentication key, and an encryption algorithm acquired by the receiving unit a10;

接收单元a10还用于,接收用户输入的智能家居控制命令,根据智能家居控制命令生成发送给智能家居设备的控制消息;The receiving unit a10 is further configured to receive a smart home control command input by the user, and generate a control message sent to the smart home device according to the smart home control command;

处理单元a20还用于,使用存储的第一认证密钥和加密算法对第一用户指纹数据和终端设备的IMEI进行加密;The processing unit a20 is further configured to encrypt the first user fingerprint data and the IMEI of the terminal device by using the stored first authentication key and an encryption algorithm;

发送单元a30,用于将认证数据发送给智能家居设备,以触发智能家居设备根据认证数据实现终端设备认证,其中,认证数据包括加密后的第一用户指纹数据、加密后的IMEI和控制消息。The sending unit a30 is configured to send the authentication data to the smart home device to trigger the smart home device to implement terminal device authentication according to the authentication data, where the authentication data includes the encrypted first user fingerprint data, the encrypted IMEI, and the control message.

处理单元a20使用存储的第一认证密钥和加密算法对第一用户指纹数据和终端设备的IMEI进行加密的具体实施方法是,截取存储的第一用户指纹数据中的指定部分,以得到采样的第一用户指纹数据;使用存储的第一认证密钥和加密算法对采样的第一用户指纹数据和IMEI进行加密。The specific implementation method for the processing unit a20 to encrypt the first user fingerprint data and the IMEI of the terminal device by using the stored first authentication key and the encryption algorithm is to intercept the specified part of the stored first user fingerprint data to obtain the sampled First user fingerprint data; the sampled first user fingerprint data and IMEI are encrypted using the stored first authentication key and encryption algorithm.

处理单元a20还用于,设置终端设备的访问期限T;当接收单元接收到用户输入的智能家居控制命令时,判断是否在访问期限T内,若在访问期限T 内,则根据智能家居控制命令生成发送给智能家居设备的控制消息;若不在终端的访问期限T内,则结束终端设备认证。The processing unit a20 is further configured to set an access period T of the terminal device; when the receiving unit receives the smart home control command input by the user, determine whether it is within the access period T, if the access period T Then, the control message sent to the smart home device is generated according to the smart home control command; if not within the access period T of the terminal, the terminal device authentication is ended.

处理单元a20还用于,在访问期限T之后删除存储的用户指纹数据。The processing unit a20 is further configured to delete the stored user fingerprint data after the access period T.

可见,本发明提出的技术方案采用了用户指纹和数据加密相结合的方法对控制智能家居系统的终端进行认证,可以大大提高智能家居系统的安全性,从而避免非法用户和终端侵入智能家居系统,是一种安全性较高的终端设备认证机制。It can be seen that the technical solution proposed by the present invention adopts a combination of user fingerprint and data encryption to authenticate the terminal of the smart home system, which can greatly improve the security of the smart home system, thereby preventing illegal users and terminals from intruding into the smart home system. It is a highly secure terminal device authentication mechanism.

本发明实施例六提供了一种智能家居设备,用于实现本发明提出的一种智能家居系统的设备认证方法。参见图7,所述设备b00可包括接收单元b10和处理单元b20。The sixth embodiment of the present invention provides a smart home device for implementing the device authentication method of the smart home system proposed by the present invention. Referring to FIG. 7, the device b00 may include a receiving unit b10 and a processing unit b20.

接收单元b10,用于获取终端设备的第二用户指纹数据;a receiving unit b10, configured to acquire second user fingerprint data of the terminal device;

处理单元b20,用于设置终端设备的第二认证密钥和解密算法,并存储终端设备的IMEI、接收单元b10获取的第二用户指纹数据、第二认证密钥和解密算法;a processing unit b20, configured to set a second authentication key and a decryption algorithm of the terminal device, and store an IMEI of the terminal device, second user fingerprint data acquired by the receiving unit b10, a second authentication key, and a decryption algorithm;

接收单元b10还用于,接收终端设备发送的认证数据;The receiving unit b10 is further configured to receive the authentication data sent by the terminal device;

处理单元b20还用于:The processing unit b20 is further configured to:

使用存储的终端设备的第二认证密钥和解密算法对终端设备发送的认证数据中的第一用户指纹数据和IMEI进行解密;Decrypting the first user fingerprint data and the IMEI in the authentication data sent by the terminal device by using the second authentication key and the decryption algorithm of the stored terminal device;

对解密后的IMEI进行校验,并且对解密后的第一用户指纹数据进行校验;Performing verification on the decrypted IMEI, and verifying the decrypted first user fingerprint data;

若解密后的IMEI通过校验,并且解密后的第一用户指纹数据通过校验,则终端设备认证成功,根据认证数据中的控制消息执行用户的控制命令;If the decrypted IMEI passes the verification, and the decrypted first user fingerprint data passes the verification, the terminal device is successfully authenticated, and the user's control command is executed according to the control message in the authentication data;

若解密后的IMEI未通过校验,或者解密后的第一用户指纹数据未通过校验,则终端设备认证失败,不根据认证数据中的控制消息执行用户的控制命令。If the decrypted IMEI fails the verification, or the decrypted first user fingerprint data fails the verification, the terminal device authentication fails, and the user's control command is not executed according to the control message in the authentication data.

处理单元b20对解密后的IMEI进行校验的具体方法是,将解密后的IMEI与存储的终端设备的IMEI进行比较,若解密后的IMEI与存储的终端设备的IMEI一致,则判断解密后的IMEI通过校验,若解密后的IMEI与存储的终 端设备的IMEI不一致,则判断解密后的IMEI未通过校验。The specific method for the processing unit b20 to verify the decrypted IMEI is to compare the decrypted IMEI with the stored IMEI of the terminal device, and if the decrypted IMEI matches the IMEI of the stored terminal device, determine the decrypted IMEI passes verification, if the decrypted IMEI and the end of storage If the IMEI of the end device is inconsistent, it is determined that the decrypted IMEI has not passed the check.

处理单元b20对解密后的第一用户指纹数据进行校验的具体方法是,截取存储的终端设备的第二用户指纹数据中的指定部分,以得到采样的第二用户指纹数据;将解密后的第一用户指纹数据与采样的第二用户指纹数据进行比较,若解密后的第一用户指纹数据与采样的第二用户指纹数据一致,则判断解密后的第一用户指纹数据通过校验,若解密后的第一用户指纹数据与采样的第二用户指纹数据不一致,则判断解密后的第一用户指纹数据未通过校验。The specific method for verifying the decrypted first user fingerprint data by the processing unit b20 is: intercepting a specified part of the second user fingerprint data of the stored terminal device to obtain the sampled second user fingerprint data; Comparing the first user fingerprint data with the sampled second user fingerprint data, and if the decrypted first user fingerprint data is consistent with the sampled second user fingerprint data, determining that the decrypted first user fingerprint data passes the verification, if After the decrypted first user fingerprint data is inconsistent with the sampled second user fingerprint data, it is determined that the decrypted first user fingerprint data fails the verification.

处理单元b20还用于,设置终端设备的访问期限T;The processing unit b20 is further configured to set an access period T of the terminal device;

判断接收到终端设备发送的认证数据的时间是否在终端设备的访问期限T内,若不在终端设备的访问期限T内,终端设备认证失败;Determining whether the time for receiving the authentication data sent by the terminal device is within the access period T of the terminal device, and if not within the access period T of the terminal device, the terminal device authentication fails;

若在终端设备的访问期限T内,则对解密后的第一用户指纹数据进行校验,若解密后的用户指纹数据通过校验,则终端认证成功,若解密后的第一用户指纹数据未通过校验,则终端设备认证失败。If the access period T of the terminal device is within the time limit, the decrypted first user fingerprint data is verified. If the decrypted user fingerprint data passes the verification, the terminal authentication succeeds, and if the decrypted first user fingerprint data is not After verification, the terminal device authentication fails.

处理单元b20还用于,在终端设备的访问期限T之后删除存储的终端设备的第二用户指纹数据。The processing unit b20 is further configured to delete the second user fingerprint data of the stored terminal device after the access period T of the terminal device.

可见,本发明提出的技术方案采用了用户指纹匹配和数据加密相结合的方法对控制智能家居系统的终端进行认证,可以大大提高智能家居系统的安全性,从而避免非法用户和终端侵入智能家居系统,是一种安全性较高的终端设备认证机制。It can be seen that the technical solution proposed by the present invention adopts a combination of user fingerprint matching and data encryption to authenticate the terminal of the smart home system, thereby greatly improving the security of the smart home system, thereby preventing the illegal user and the terminal from intruding into the smart home system. Is a highly secure terminal device authentication mechanism.

本发明实施例七提供了另一种终端设备,用于实现本发明提出的一种智能家居系统的设备认证方法。参见图8,该设备c00包括处理器c10、存储器c20、总线系统c30、接收器c40和发送器c50。其中,处理器c10、存储器c20、接收器c40和发送器c50通过总线系统c30相连,该存储器c20用于存储指令,该处理器c10用于执行该存储器c20存储的指令,以控制接收器c40接收信号,并控制发送器c50发送信号,完成上述移动支付方法中的步骤。其中,接收器c40和发送器c50可以为相同或者不同的物理实体。为相同的物理实体时,可以统称为收发器。 The seventh embodiment of the present invention provides another terminal device for implementing the device authentication method of the smart home system proposed by the present invention. Referring to Figure 8, the device c00 includes a processor c10, a memory c20, a bus system c30, a receiver c40, and a transmitter c50. The processor c10, the memory c20, the receiver c40 and the transmitter c50 are connected by a bus system c30 for storing instructions for executing the instructions stored in the memory c20 to control the receiver c40 to receive. Signal, and control transmitter c50 to send a signal to complete the steps in the above mobile payment method. The receiver c40 and the transmitter c50 may be the same or different physical entities. When they are the same physical entity, they can be collectively referred to as transceivers.

该设备c00完成的方法步骤至少可以包括:The method steps performed by the device c00 may at least include:

获取第一用户指纹数据,设置第一认证密钥和第一加密算法,并存储第一用户指纹数据、第一认证密钥和加密算法;Obtaining first user fingerprint data, setting a first authentication key and a first encryption algorithm, and storing first user fingerprint data, a first authentication key, and an encryption algorithm;

接收用户输入的智能家居控制命令,根据智能家居控制命令生成发送给智能家居设备的控制消息;Receiving a smart home control command input by the user, and generating a control message sent to the smart home device according to the smart home control command;

使用存储的第一认证密钥和加密算法对第一用户指纹数据和终端设备的IMEI进行加密;Encrypting the first user fingerprint data and the IMEI of the terminal device using the stored first authentication key and encryption algorithm;

将认证数据发送给智能家居设备,以触发智能家居设备根据认证数据实现终端设备认证,其中,认证数据包括加密后的第一用户指纹数据、加密后的IMEI和控制消息。The authentication data is sent to the smart home device to trigger the smart home device to implement terminal device authentication according to the authentication data, where the authentication data includes the encrypted first user fingerprint data, the encrypted IMEI, and the control message.

终端设备所涉及的与本发明实施例提供的技术方案相关的概念,解释和详细说明及其他步骤请参见前述方法或实施例中关于这些内容的描述,此处不做赘述。For the concepts, explanations, detailed descriptions and other steps related to the technical solutions provided by the embodiments of the present invention, refer to the descriptions of the foregoing methods or embodiments, and no further details are provided herein.

本发明实施例八还提供了另一种智能家居设备,用于实现本发明提出的一种智能家居系统的设备认证方法。参见图9,该设备d00包括处理器d10、存储器d20、总线系统d30、接收器d40和发送器d50。其中,处理器d10、存储器d20、接收器d40和发送器d50通过总线系统d30相连,该存储器d20用于存储指令,该处理器d10用于执行该存储器d20存储的指令,以控制接收器d40接收信号,并控制发送器d50发送信号,完成上述移动支付方法中的步骤。其中,接收器d40和发送器d50可以为相同或者不同的物理实体。为相同的物理实体时,可以统称为收发器。The eighth embodiment of the present invention further provides another smart home device for implementing the device authentication method of the smart home system proposed by the present invention. Referring to Figure 9, the device d00 includes a processor d10, a memory d20, a bus system d30, a receiver d40, and a transmitter d50. The processor d10, the memory d20, the receiver d40 and the transmitter d50 are connected by a bus system d30 for storing instructions, and the processor d10 is configured to execute the instructions stored in the memory d20 to control the receiver d40 to receive Signal, and control the transmitter d50 to send a signal to complete the steps in the above mobile payment method. The receiver d40 and the transmitter d50 may be the same or different physical entities. When they are the same physical entity, they can be collectively referred to as transceivers.

该设备d00完成的方法步骤至少可以包括:The method steps performed by the device d00 may at least include:

获取终端设备的第二用户指纹数据,设置终端设备的第二认证密钥和解密算法,并存储终端设备的IMEI、第二用户指纹数据、第二认证密钥和解密算法;Obtaining second user fingerprint data of the terminal device, setting a second authentication key and a decryption algorithm of the terminal device, and storing the IMEI of the terminal device, the second user fingerprint data, the second authentication key, and a decryption algorithm;

接收终端设备发送的认证数据;使用存储的终端设备的第二认证密钥和解密算法对终端设备发送的认证数据中的第一用户指纹数据和IMEI进行解密; Receiving authentication data sent by the terminal device; decrypting the first user fingerprint data and the IMEI in the authentication data sent by the terminal device by using the second authentication key and the decryption algorithm of the stored terminal device;

对解密后的IMEI进行校验,并且对解密后的第一用户指纹数据进行校验;Performing verification on the decrypted IMEI, and verifying the decrypted first user fingerprint data;

若解密后的IMEI通过校验,并且解密后的第一用户指纹数据通过校验,则终端设备认证成功,根据认证数据中的控制消息执行用户的控制命令;If the decrypted IMEI passes the verification, and the decrypted first user fingerprint data passes the verification, the terminal device is successfully authenticated, and the user's control command is executed according to the control message in the authentication data;

若解密后的IMEI未通过校验,或者解密后的第一用户指纹数据未通过校验,则终端设备认证失败,不根据认证数据中的控制消息执行用户的控制命令。If the decrypted IMEI fails the verification, or the decrypted first user fingerprint data fails the verification, the terminal device authentication fails, and the user's control command is not executed according to the control message in the authentication data.

智能家居设备所涉及的与本发明实施例提供的技术方案相关的概念,解释和详细说明及其他步骤请参见前述方法或实施例中关于这些内容的描述,此处不做赘述。For the concepts, explanations, detailed descriptions, and other steps related to the technical solutions provided by the embodiments of the present invention, refer to the descriptions of the foregoing methods or embodiments, and no further details are provided herein.

本领域普通技术人员将会理解,本发明的各个方面、或各个方面的可能实现方式可以被具体实施为系统、方法或者计算机程序产品。此外,本发明的各方面、或各个方面的可能实现方式可以采用计算机程序产品的形式,计算机程序产品是指存储在计算机可读介质中的计算机可读程序代码。Those of ordinary skill in the art will appreciate that various aspects of the present invention, or possible implementations of various aspects, may be embodied as a system, method, or computer program product. Furthermore, aspects of the invention, or possible implementations of various aspects, may take the form of a computer program product, which is a computer readable program code stored in a computer readable medium.

计算机可读介质可以是计算机可读数据介质或者计算机可读存储介质。计算机可读存储介质包含但不限于电子、磁性、光学、电磁、红外或半导体系统、设备或者装置,或者前述的任意适当组合,如随机存取存储器(RAM)、只读存储器(ROM)、可擦除可编程只读存储器(EPROM或者快闪存储器)、光纤、便携式只读存储器(CD-ROM)。The computer readable medium can be a computer readable data medium or a computer readable storage medium. The computer readable storage medium includes, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing, such as random access memory (RAM), read only memory (ROM), Erase programmable read-only memory (EPROM or flash memory), optical fiber, portable read-only memory (CD-ROM).

计算机中的处理器读取存储在计算机可读介质中的计算机可读程序代码,使得处理器能够执行在流程图中每个步骤、或各步骤的组合中规定的功能动作;生成实施在框图的每一块、或各块的组合中规定的功能动作的装置。The processor in the computer reads the computer readable program code stored in the computer readable medium such that the processor is capable of performing the various functional steps specified in each step of the flowchart, or a combination of steps; A device that functions as specified in each block, or combination of blocks.

计算机可读程序代码可以完全在用户的计算机上执行、部分在用户的计算机上执行、作为单独的软件包、部分在用户的本地计算机上并且部分在远程计算机上,或者完全在远程计算机或者服务器上执行。也应该注意,在某些替代实施方案中,在流程图中各步骤、或框图中各块所注明的功能可能不按图中注明的顺序发生。例如,依赖于所涉及的功能,接连示出的两个步骤、或两个块实际上可能被大致同时执行,或者这些块有时候可能被以相反顺序执行。 The computer readable program code can execute entirely on the user's computer, partly on the user's computer, as a separate software package, partly on the user's local computer and partly on the remote computer, or entirely on the remote computer or server. carried out. It should also be noted that in some alternative implementations, the functions noted in the various steps in the flowcharts or in the blocks in the block diagrams may not occur in the order noted. For example, two steps, or two blocks, shown in succession may be executed substantially concurrently or the blocks may be executed in the reverse order.

在本申请所提供的几个实施例中,应该理解到,所揭露的装置,可通过其它的方式实现。例如,以上所描述的装置实施例仅仅是示意性的,所述功能单元的划分,仅仅为一种逻辑功能划分,具体实现时可能有其他的划分方式,例如多个单元可以结合到同一个子系统或模块中实现,或将一个单元拆分成几个单元实现,或一些实现特征可以忽略或不执行。In the several embodiments provided herein, it should be understood that the disclosed apparatus may be implemented in other ways. For example, the device embodiments described above are merely illustrative. The division of the functional units is only a logical function division. In the specific implementation, there may be other division manners, for example, multiple units may be combined into the same subsystem. Or implemented in a module, or split a unit into several unit implementations, or some implementation features can be ignored or not executed.

以上对本发明实施例公开的一种智能家居系统的设备认证方法及设备进行了详细介绍,本文中应用了具体个例对本发明的原理及实施方式进行了阐述,以上实施例的说明只是用于帮助理解本发明的方法及其核心思想;同时,对于本领域的一般技术人员,依据本发明的思想,在具体实施方式及应用范围上均会有改变之处,综上所述,本说明书内容不应理解为对本发明的限制。 The device authentication method and device for a smart home system disclosed in the embodiment of the present invention are described in detail. The principle and implementation manner of the present invention are described in the following. The description of the above embodiment is only for helping. The method of the present invention and its core idea are understood; at the same time, for those skilled in the art, according to the idea of the present invention, there are changes in the specific embodiments and application scopes. It should be understood that the invention is limited.

Claims (18)

一种智能家居系统的设备认证方法,用于智能家居系统的终端设备中,其特征在于,包括:A device authentication method for a smart home system, which is used in a terminal device of a smart home system, and is characterized in that: 获取第一用户指纹数据,设置第一认证密钥和第一加密算法,并存储所述第一用户指纹数据、所述第一认证密钥和加密算法;Obtaining first user fingerprint data, setting a first authentication key and a first encryption algorithm, and storing the first user fingerprint data, the first authentication key, and an encryption algorithm; 接收用户输入的智能家居控制命令,根据所述智能家居控制命令生成发送给所述智能家居设备的控制消息;Receiving a smart home control command input by the user, and generating, according to the smart home control command, a control message sent to the smart home device; 使用所述存储的第一认证密钥和加密算法对所述第一用户指纹数据和终端设备的国际移动终端标识IMEI进行加密;Encrypting the first user fingerprint data and the international mobile terminal identity IMEI of the terminal device by using the stored first authentication key and an encryption algorithm; 将认证数据发送给智能家居设备,以触发所述智能家居设备根据所述认证数据实现终端设备认证,其中,所述认证数据包括加密后的第一用户指纹数据、加密后的IMEI和所述控制消息。Sending the authentication data to the smart home device to trigger the smart home device to implement terminal device authentication according to the authentication data, where the authentication data includes the encrypted first user fingerprint data, the encrypted IMEI, and the control Message. 根据权利要求1所述的方法,其特征在于,所述使用所述存储的第一认证密钥和加密算法对所述用户指纹数据和IMEI进行加密,包括:The method according to claim 1, wherein said encrypting said user fingerprint data and IMEI using said stored first authentication key and encryption algorithm comprises: 截取所述存储的第一用户指纹数据中的指定部分,以得到采样的第一用户指纹数据;Intercepting a specified part of the stored first user fingerprint data to obtain sampled first user fingerprint data; 使用所述存储的第一认证密钥和加密算法对所述采样的第一用户指纹数据和IMEI进行加密。The sampled first user fingerprint data and IMEI are encrypted using the stored first authentication key and encryption algorithm. 根据权利要求1或2所述的方法,其特征在于,在所述存储所述用户指纹数据、所述认证密钥和加密算法之后,所述方法还包括:The method according to claim 1 or 2, wherein after the storing the user fingerprint data, the authentication key and the encryption algorithm, the method further comprises: 设置终端设备的访问期限T;Setting the access period T of the terminal device; 当接收到用户输入的智能家居控制命令时,判断是否在所述访问期限T内,若在所述访问期限T内,则根据所述智能家居控制命令生成发送给所述智能家居设备的控制消息;若不在所述终端的访问期限T内,则结束终端设备认证。When receiving the smart home control command input by the user, determining whether it is within the access period T, if within the access period T, generating a control message sent to the smart home device according to the smart home control command If it is not within the access period T of the terminal, the terminal device authentication is ended. 根据权利要求3所述的方法,其特征在于,在所述设置访问期限T的步骤之后,所述方法还包括:The method according to claim 3, wherein after the step of setting the access period T, the method further comprises: 在所述访问期限T之后删除所述存储的用户指纹数据。 The stored user fingerprint data is deleted after the access period T. 一种智能家居系统的设备认证的方法,用于智能家居设备中,其特征在于,包括:A device authentication method for a smart home system, which is used in a smart home device, and includes: 获取终端设备的第二用户指纹数据,设置终端设备的第二认证密钥和解密算法,并存储所述终端设备的IMEI、所述第二用户指纹数据、所述第二认证密钥和解密算法;Obtaining second user fingerprint data of the terminal device, setting a second authentication key and a decryption algorithm of the terminal device, and storing the IMEI of the terminal device, the second user fingerprint data, the second authentication key, and a decryption algorithm ; 接收终端设备发送的认证数据;Receiving authentication data sent by the terminal device; 使用所述存储的终端设备的第二认证密钥和解密算法对所述终端设备发送的认证数据中的第一用户指纹数据和IMEI进行解密;Decrypting the first user fingerprint data and the IMEI in the authentication data sent by the terminal device by using the second authentication key and the decryption algorithm of the stored terminal device; 对所述解密后的IMEI进行校验,并且对所述解密后的第一用户指纹数据进行校验;Performing verification on the decrypted IMEI, and verifying the decrypted first user fingerprint data; 若所述解密后的IMEI通过校验,并且所述解密后的第一用户指纹数据通过校验,则所述终端设备认证成功,根据所述认证数据中的控制消息执行用户的控制命令;If the decrypted IMEI passes the check, and the decrypted first user fingerprint data passes the check, the terminal device is successfully authenticated, and the user's control command is executed according to the control message in the authentication data; 若所述解密后的IMEI未通过校验,或者所述解密后的第一用户指纹数据未通过校验,则所述终端设备认证失败,不根据所述认证数据中的控制消息执行用户的控制命令。If the decrypted IMEI fails the verification, or the decrypted first user fingerprint data fails the verification, the terminal device fails to be authenticated, and the user's control is not performed according to the control message in the authentication data. command. 根据权利要求5所述的方法,其特征在于,所述对所述解密后的IMEI进行校验,包括:The method according to claim 5, wherein the verifying the decrypted IMEI comprises: 将所述解密后的IMEI与所述存储的终端设备的IMEI进行比较,若所述解密后的IMEI与所述存储的终端设备的IMEI一致,则判断所述解密后的IMEI通过校验,若所述解密后的IMEI与所述存储的终端设备的IMEI不一致,则判断所述解密后的IMEI未通过校验。Comparing the decrypted IMEI with the IMEI of the stored terminal device, and if the decrypted IMEI matches the IMEI of the stored terminal device, determining that the decrypted IMEI passes the verification, if If the decrypted IMEI does not match the IMEI of the stored terminal device, it is determined that the decrypted IMEI fails the verification. 根据权利要求5所述的方法,其特征在于,所述对所述解密后的第一用户指纹数据进行校验,包括:The method according to claim 5, wherein the verifying the decrypted first user fingerprint data comprises: 截取所述存储的终端设备的第二用户指纹数据中的指定部分,以得到采样的第二用户指纹数据; Obtaining a specified part of the second user fingerprint data of the stored terminal device to obtain sampled second user fingerprint data; 将所述解密后的第一用户指纹数据与所述采样的第二用户指纹数据进行比较,若所述解密后的第一用户指纹数据与所述采样的第二用户指纹数据一致,则判断所述解密后的第一用户指纹数据通过校验,若所述解密后的第一用户指纹数据与所述采样的第二用户指纹数据不一致,则判断所述解密后的第一用户指纹数据未通过校验。Comparing the decrypted first user fingerprint data with the sampled second user fingerprint data, and if the decrypted first user fingerprint data is consistent with the sampled second user fingerprint data, determining the location Determining, the decrypted first user fingerprint data is verified, and if the decrypted first user fingerprint data is inconsistent with the sampled second user fingerprint data, determining that the decrypted first user fingerprint data fails check. 根据权利要求5至7任一项所述的方法,其特征在于,在所述存储所述终端设备的IMEI、所述第二用户指纹数据、所述第二认证密钥和解密算法的步骤之后,所述方法还包括:The method according to any one of claims 5 to 7, wherein after the step of storing the IMEI of the terminal device, the second user fingerprint data, the second authentication key, and a decryption algorithm The method further includes: 设置所述终端设备的访问期限T;Setting an access period T of the terminal device; 在所述解密后的IMEI通过校验之后,所述方法还包括:After the decrypted IMEI passes the verification, the method further includes: 判断接收到所述终端设备发送的认证数据的时间是否在所述终端设备的访问期限T内,若不在所述终端设备的访问期限T内,所述终端设备认证失败;Determining whether the time when the authentication data sent by the terminal device is received is within the access period T of the terminal device; if not within the access period T of the terminal device, the terminal device fails to be authenticated; 若在所述终端设备的访问期限T内,则对所述解密后的第一用户指纹数据进行校验,若所述解密后的用户指纹数据通过校验,则终端认证成功,若所述解密后的第一用户指纹数据未通过校验,则所述终端设备认证失败。And if the decrypted first user fingerprint data is verified within the access period T of the terminal device, if the decrypted user fingerprint data passes the verification, the terminal authentication succeeds, if the decryption After the first user fingerprint data fails the verification, the terminal device authentication fails. 根据权利要求8所述的方法,其特征在于,在所述设置所述终端设备的访问期限T之后,所述方法还包括:The method according to claim 8, wherein after the setting the access period T of the terminal device, the method further comprises: 在所述终端设备的访问期限T之后删除所述存储的终端设备的第二用户指纹数据。The second user fingerprint data of the stored terminal device is deleted after the access period T of the terminal device. 一种智能家居终端设备,其特征在于,包括:A smart home terminal device, comprising: 接收单元,用于获取第一用户指纹数据;a receiving unit, configured to acquire first user fingerprint data; 处理单元,用于设置第一认证密钥和第一加密算法,并存储所述接收单元获取的第一用户指纹数据、所述第一认证密钥和加密算法;a processing unit, configured to set a first authentication key and a first encryption algorithm, and store first user fingerprint data, the first authentication key, and an encryption algorithm acquired by the receiving unit; 所述接收单元还用于,接收用户输入的智能家居控制命令,根据所述智能家居控制命令生成发送给所述智能家居设备的控制消息;The receiving unit is further configured to receive a smart home control command input by the user, and generate a control message sent to the smart home device according to the smart home control command; 所述处理单元还用于,使用所述存储的第一认证密钥和加密算法对所述第一用户指纹数据和终端设备的IMEI进行加密; The processing unit is further configured to encrypt the first user fingerprint data and the IMEI of the terminal device by using the stored first authentication key and an encryption algorithm; 发送单元,用于将认证数据发送给智能家居设备,以触发所述智能家居设备根据所述认证数据实现终端设备认证,其中,所述认证数据包括加密后的第一用户指纹数据、加密后的IMEI和所述控制消息。a sending unit, configured to send the authentication data to the smart home device, to trigger the smart home device to implement terminal device authentication according to the authentication data, where the authentication data includes the encrypted first user fingerprint data, and the encrypted IMEI and the control message. 根据权利要求10所述的设备,其特征在于,所述处理单元具体用于:The device according to claim 10, wherein the processing unit is specifically configured to: 截取所述存储的第一用户指纹数据中的指定部分,以得到采样的第一用户指纹数据;Intercepting a specified part of the stored first user fingerprint data to obtain sampled first user fingerprint data; 使用所述存储的第一认证密钥和加密算法对所述采样的第一用户指纹数据和IMEI进行加密。The sampled first user fingerprint data and IMEI are encrypted using the stored first authentication key and encryption algorithm. 根据权利要求10或11所述的设备,其特征在于,所述处理单元还用于:The device according to claim 10 or 11, wherein the processing unit is further configured to: 设置终端设备的访问期限T;Setting the access period T of the terminal device; 当所述接收单元接收到用户输入的智能家居控制命令时,判断是否在所述访问期限T内,若在所述访问期限T内,则根据所述智能家居控制命令生成发送给所述智能家居设备的控制消息;若不在所述终端的访问期限T内,则结束终端设备认证。When the receiving unit receives the smart home control command input by the user, determining whether it is within the access period T, if it is within the access period T, generating and transmitting to the smart home according to the smart home control command The control message of the device; if not within the access period T of the terminal, the terminal device authentication is ended. 根据权利要求12所述的设备,其特征在于,所述处理单元还用于:The device according to claim 12, wherein the processing unit is further configured to: 在所述访问期限T之后删除所述存储的用户指纹数据。The stored user fingerprint data is deleted after the access period T. 一种智能家居设备,其特征在于,包括:A smart home device, comprising: 接收单元,用于获取终端设备的第二用户指纹数据;a receiving unit, configured to acquire second user fingerprint data of the terminal device; 处理单元,用于设置终端设备的第二认证密钥和解密算法,并存储所述终端设备的IMEI、所述接收单元获取的第二用户指纹数据、所述第二认证密钥和解密算法;a processing unit, configured to set a second authentication key and a decryption algorithm of the terminal device, and store an IMEI of the terminal device, second user fingerprint data acquired by the receiving unit, the second authentication key, and a decryption algorithm; 所述接收单元还用于,接收终端设备发送的认证数据;The receiving unit is further configured to receive authentication data sent by the terminal device; 所述处理单元还用于:The processing unit is further configured to: 使用所述存储的终端设备的第二认证密钥和解密算法对所述终端设备发送的认证数据中的第一用户指纹数据和IMEI进行解密;Decrypting the first user fingerprint data and the IMEI in the authentication data sent by the terminal device by using the second authentication key and the decryption algorithm of the stored terminal device; 对所述解密后的IMEI进行校验,并且对所述解密后的第一用户指纹数据 进行校验;Performing verification on the decrypted IMEI, and performing the decrypted first user fingerprint data Perform verification 若所述解密后的IMEI通过校验,并且所述解密后的第一用户指纹数据通过校验,则所述终端设备认证成功,根据所述认证数据中的控制消息执行用户的控制命令;If the decrypted IMEI passes the check, and the decrypted first user fingerprint data passes the check, the terminal device is successfully authenticated, and the user's control command is executed according to the control message in the authentication data; 若所述解密后的IMEI未通过校验,或者所述解密后的第一用户指纹数据未通过校验,则所述终端设备认证失败,不根据所述认证数据中的控制消息执行用户的控制命令。If the decrypted IMEI fails the verification, or the decrypted first user fingerprint data fails the verification, the terminal device fails to be authenticated, and the user's control is not performed according to the control message in the authentication data. command. 根据权利要求14所述的设备,其特征在于,所述处理单元具体用于:The device according to claim 14, wherein the processing unit is specifically configured to: 将所述解密后的IMEI与所述存储的终端设备的IMEI进行比较,若所述解密后的IMEI与所述存储的终端设备的IMEI一致,则判断所述解密后的IMEI通过校验,若所述解密后的IMEI与所述存储的终端设备的IMEI不一致,则判断所述解密后的IMEI未通过校验。Comparing the decrypted IMEI with the IMEI of the stored terminal device, and if the decrypted IMEI matches the IMEI of the stored terminal device, determining that the decrypted IMEI passes the verification, if If the decrypted IMEI does not match the IMEI of the stored terminal device, it is determined that the decrypted IMEI fails the verification. 根据权利要求14所述的设备,其特征在于,所述处理单元具体用于:The device according to claim 14, wherein the processing unit is specifically configured to: 截取所述存储的终端设备的第二用户指纹数据中的指定部分,以得到采样的第二用户指纹数据;Obtaining a specified part of the second user fingerprint data of the stored terminal device to obtain sampled second user fingerprint data; 将所述解密后的第一用户指纹数据与所述采样的第二用户指纹数据进行比较,若所述解密后的第一用户指纹数据与所述采样的第二用户指纹数据一致,则判断所述解密后的第一用户指纹数据通过校验,若所述解密后的第一用户指纹数据与所述采样的第二用户指纹数据不一致,则判断所述解密后的第一用户指纹数据未通过校验。Comparing the decrypted first user fingerprint data with the sampled second user fingerprint data, and if the decrypted first user fingerprint data is consistent with the sampled second user fingerprint data, determining the location Determining, the decrypted first user fingerprint data is verified, and if the decrypted first user fingerprint data is inconsistent with the sampled second user fingerprint data, determining that the decrypted first user fingerprint data fails check. 根据权利要求14至16任一项所述的设备,其特征在于,所述处理单元还用于:The device according to any one of claims 14 to 16, wherein the processing unit is further configured to: 设置所述终端设备的访问期限T;Setting an access period T of the terminal device; 判断接收到所述终端设备发送的认证数据的时间是否在所述终端设备的访问期限T内,若不在所述终端设备的访问期限T内,所述终端设备认证失败;Determining whether the time when the authentication data sent by the terminal device is received is within the access period T of the terminal device; if not within the access period T of the terminal device, the terminal device fails to be authenticated; 若在所述终端设备的访问期限T内,则对所述解密后的第一用户指纹数据进行校验,若所述解密后的用户指纹数据通过校验,则终端认证成功,若 所述解密后的第一用户指纹数据未通过校验,则所述终端设备认证失败。And if the decrypted first user fingerprint data is verified within the access period T of the terminal device, if the decrypted user fingerprint data passes the verification, the terminal authentication succeeds. If the decrypted first user fingerprint data fails verification, the terminal device authentication fails. 根据权利要求17所述的设备,其特征在于,所述处理单元还用于:The device according to claim 17, wherein the processing unit is further configured to: 在所述终端设备的访问期限T之后删除所述存储的终端设备的第二用户指纹数据。 The second user fingerprint data of the stored terminal device is deleted after the access period T of the terminal device.
PCT/CN2015/091334 2015-07-29 2015-09-30 Smart home system equipment authentication method and apparatus Ceased WO2017016065A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201510454770.8 2015-07-29
CN201510454770.8A CN105141584B (en) 2015-07-29 2015-07-29 A kind of equipment authentication method and device of smart home system

Publications (1)

Publication Number Publication Date
WO2017016065A1 true WO2017016065A1 (en) 2017-02-02

Family

ID=54726793

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2015/091334 Ceased WO2017016065A1 (en) 2015-07-29 2015-09-30 Smart home system equipment authentication method and apparatus

Country Status (2)

Country Link
CN (1) CN105141584B (en)
WO (1) WO2017016065A1 (en)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106936676A (en) * 2017-04-20 2017-07-07 青岛海信电器股份有限公司 Home equipment control method and device
CN110308663A (en) * 2019-06-18 2019-10-08 厦门施米德智能科技有限公司 A kind of intelligent home control system and its control method
CN113918978A (en) * 2021-10-28 2022-01-11 全民认证科技(杭州)有限公司 An intelligent access control method with low power consumption and high security
CN114584983A (en) * 2022-03-03 2022-06-03 北京亚华物联科技发展有限公司 Identity authentication method, system and device
CN114706315A (en) * 2022-03-31 2022-07-05 浙江灵鹿智能科技有限公司 Intelligent device control system, method and storage medium
WO2022140853A1 (en) * 2020-12-30 2022-07-07 Mastercard Technologies Canada ULC Systems, methods, computer-readable media, and devices for authenticating users
CN117997607A (en) * 2024-01-16 2024-05-07 青岛国创智能家电研究院有限公司 Cross-process message early warning method based on intelligent household appliance dual cores
US12011229B2 (en) 2020-07-15 2024-06-18 Hcl Technologies Limited System and method for providing visual guidance in a medical surgery

Families Citing this family (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105577388A (en) * 2015-12-31 2016-05-11 金邦达有限公司 Authentication method, authentication device and device control system
CN105743900B (en) * 2016-03-04 2019-04-19 广东格兰仕集团有限公司 A kind of security authentication systems and verification method of intelligent appliance
CN105763559B (en) * 2016-04-12 2018-10-19 北京握奇智能科技有限公司 A kind of intelligent home control system and method
CN107367946B (en) * 2016-05-11 2021-05-04 珠海格力电器股份有限公司 Method and device for controlling equipment
CN106130958B (en) * 2016-06-08 2019-02-01 美的集团股份有限公司 The communication system and method for household appliance and terminal, household appliance, terminal
CN106773764A (en) * 2016-12-30 2017-05-31 深圳智乐信息科技有限公司 The method and system that a kind of Intelligent household scene is set and controlled
CN106878272A (en) * 2016-12-30 2017-06-20 深圳智乐信息科技有限公司 Method and system based on mobile terminal administration smart home
CN106707785A (en) * 2016-12-30 2017-05-24 深圳智乐信息科技有限公司 Control method and system based on mobile terminal
CN106845193A (en) * 2016-12-30 2017-06-13 深圳智乐信息科技有限公司 A kind of method and system for managing smart home
CN106657655A (en) * 2016-12-30 2017-05-10 深圳智乐信息科技有限公司 Control method and system
CN107355140B (en) * 2017-08-31 2023-04-18 一诺电器有限公司 Inner door lock caring user privacy
CN108712390B (en) * 2018-04-23 2021-08-31 深圳和而泰数据资源与云技术有限公司 Data processing method, server, intelligent device and storage medium
CN111585939B (en) * 2019-02-18 2023-04-14 深圳市致趣科技有限公司 End-to-end identity authentication and communication encryption method and system between Internet of things devices
CN109976171B (en) * 2019-03-11 2020-12-29 深圳市威尔电器有限公司 Blood refrigerator with whole-process recording function
CN110061894B (en) * 2019-03-29 2023-09-19 国民技术股份有限公司 Household control method and system and household master control device
CN110555321B (en) * 2019-09-11 2021-07-13 腾讯科技(深圳)有限公司 Data processing method and device in intelligent household system and storage medium
CN112987581B (en) * 2019-12-16 2022-11-11 华为技术有限公司 Control method for smart home equipment and its medium and terminal
CN114584412B (en) * 2020-11-30 2025-05-27 华为技术有限公司 A method and communication system for obtaining device control rights
CN113194015A (en) * 2021-04-29 2021-07-30 洪璐 Internet of things intelligent household equipment safety control method and system
CN115567565A (en) * 2021-06-30 2023-01-03 华为技术有限公司 Equipment control method and device
CN114826574B (en) * 2022-04-19 2024-10-18 中国电子科技集团公司第三十研究所 Smart home security communication system and communication method

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102624742A (en) * 2012-04-01 2012-08-01 许继集团有限公司 Method for enhancing security of communication between mobile equipment and home intelligent terminal
CN103825926A (en) * 2012-11-19 2014-05-28 五甲(大连)计算机系统研发有限公司 Intelligent household electrical appliance remote control system in which mobile phone is used as fingerprint encryption recognition terminal
CN103916696A (en) * 2014-03-05 2014-07-09 东莞中山大学研究院 A method and system for realizing playback control of smart TV based on home gateway
CN104732129A (en) * 2015-02-15 2015-06-24 金硕澳门离岸商业服务有限公司 Method for controlling electronic device to be operated through mobile terminal and mobile terminal
CN104754571A (en) * 2013-12-25 2015-07-01 深圳中兴力维技术有限公司 User authentication realizing method, device and system thereof for multimedia data transmission

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104468937A (en) * 2013-09-12 2015-03-25 中兴通讯股份有限公司 Data encryption and decryption methods and devices for mobile terminal and protection system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102624742A (en) * 2012-04-01 2012-08-01 许继集团有限公司 Method for enhancing security of communication between mobile equipment and home intelligent terminal
CN103825926A (en) * 2012-11-19 2014-05-28 五甲(大连)计算机系统研发有限公司 Intelligent household electrical appliance remote control system in which mobile phone is used as fingerprint encryption recognition terminal
CN104754571A (en) * 2013-12-25 2015-07-01 深圳中兴力维技术有限公司 User authentication realizing method, device and system thereof for multimedia data transmission
CN103916696A (en) * 2014-03-05 2014-07-09 东莞中山大学研究院 A method and system for realizing playback control of smart TV based on home gateway
CN104732129A (en) * 2015-02-15 2015-06-24 金硕澳门离岸商业服务有限公司 Method for controlling electronic device to be operated through mobile terminal and mobile terminal

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106936676A (en) * 2017-04-20 2017-07-07 青岛海信电器股份有限公司 Home equipment control method and device
CN110308663A (en) * 2019-06-18 2019-10-08 厦门施米德智能科技有限公司 A kind of intelligent home control system and its control method
US12011229B2 (en) 2020-07-15 2024-06-18 Hcl Technologies Limited System and method for providing visual guidance in a medical surgery
WO2022140853A1 (en) * 2020-12-30 2022-07-07 Mastercard Technologies Canada ULC Systems, methods, computer-readable media, and devices for authenticating users
US12034562B2 (en) 2020-12-30 2024-07-09 Mastercard Technologies Canada ULC Systems, methods, computer-readable media, and devices for authenticating users
CN113918978A (en) * 2021-10-28 2022-01-11 全民认证科技(杭州)有限公司 An intelligent access control method with low power consumption and high security
CN114584983A (en) * 2022-03-03 2022-06-03 北京亚华物联科技发展有限公司 Identity authentication method, system and device
CN114706315A (en) * 2022-03-31 2022-07-05 浙江灵鹿智能科技有限公司 Intelligent device control system, method and storage medium
CN117997607A (en) * 2024-01-16 2024-05-07 青岛国创智能家电研究院有限公司 Cross-process message early warning method based on intelligent household appliance dual cores

Also Published As

Publication number Publication date
CN105141584B (en) 2019-01-11
CN105141584A (en) 2015-12-09

Similar Documents

Publication Publication Date Title
WO2017016065A1 (en) Smart home system equipment authentication method and apparatus
CN105516103B (en) Method, device and system for binding smart home appliances
WO2015180261A1 (en) Smart home access method, control centre device and wearable terminal
KR101878708B1 (en) Energy management system of smart electric home appliances using security-enhanced residential gateway device
CN105100102B (en) A kind of authority configuration and information configuring methods and device
CN103401880B (en) The system and method that a kind of industrial control network logs in automatically
EP3668120B1 (en) Hearing device with service mode and related method
CN113114668B (en) Information transmission method, mobile terminal, storage medium and electronic equipment
KR101876183B1 (en) Security-enhanced residential gateway device based on internet of things
US11546699B2 (en) Hearing device with service mode and related method
CN114221822B (en) Distribution network method, gateway device and computer readable storage medium
WO2016201811A1 (en) Identity authentication method, apparatus and system
CN108650219B (en) User identity identification method, related device, equipment and system
CN109413648B (en) Access control method, terminal, smart card, background server and storage medium
CN109005571A (en) A kind of method, apparatus and system for establishing WiFi connection
CN103152326A (en) Distributed authentication method and authentication system
US20240372855A1 (en) Techniques for signing into a user account using a trusted client device
US20220407867A1 (en) Proof of authority based access to devices on a network with local token acquisition
WO2017020530A1 (en) Enhanced wlan certificate authentication method, device and system
CN110932951B (en) Intelligent household control method and device
CN107682380B (en) Cross authentication method and device
CN109639418A (en) Configuration information authentication method and device and rental car
CN104579639A (en) Realizing for multi-party cooperation authorization key and system adopting same for mobile wireless control
JP2024501696A (en) Intelligent configuration of unlock notifications
CN106656946B (en) A kind of dynamic authentication method and device

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15899417

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15899417

Country of ref document: EP

Kind code of ref document: A1