US-12627636-B2 - Internet of Things system, authentication and communication method therefor, and related device

Abstract

An Internet of Things system, an authentication and communication method therefor, and a related device. The Internet of Things system comprises: an Internet of Things terminal, configured to establish a connection with a proxy server by using a connection certificate of the Internet of Things terminal, and send device information and an authentication identifier of the Internet of Things terminal to the proxy server; the proxy server, configured to receive the device information and the authentication identifier, and send the device information and the authentication identifier to an Internet of Things platform; and the Internet of Things platform, configured to receive the device information and the authentication identifier, perform identity verification on the Internet of Things terminal according to the device information and the authentication identifier, and in response to the fact that the verification passes, return a verification success message to the proxy server.

Inventors

  • Haitao Zheng
  • Hongda YU
  • Huailiang Wang
  • Hongjun DU
  • Gao JI
  • Guoqi Li

Assignees

  • BOE TECHNOLOGY GROUP CO., LTD.

Dates

  • Publication Date: 20260512
  • Application Date: 20230525
  • Priority Date: 20220617

Claims (14)

  1. An Internet of Things system, comprising: an Internet of Things terminal, configured to establish a connection with a proxy server by using a connection certificate of the Internet of Things terminal, and send device information and an identity sign of the Internet of Things terminal to the proxy server; the proxy server, configured to receive the device information and the identity sign, and send the device information and the identity sign to an Internet of Things platform; and the Internet of Things platform, configured to receive the device information and the identity sign, perform an identity authentication on the Internet of Things terminal according to the device information and the identity sign, and return an authentication success message to the proxy server in response to the identity authentication passing; wherein the proxy server is further configured to establish a communication connection with the Internet of Things terminal in response to receiving the authentication success message; wherein the Internet of Things platform comprises a device management service and an identity authentication service; wherein the Internet of Things terminal is further configured to send an identity authentication request to the Internet of Things platform, and the identity authentication request comprises the device information and an identity certificate of the Internet of Things terminal; the device management service is configured to authenticate an availability of the Internet of Things terminal according to the device information, and send the device information and the identity certificate to the identity authentication service in response to determining that the Internet of Things terminal is available; the identity authentication service is configured to perform an identity authentication on the Internet of Things terminal according to the device information and the identity certificate, generate a challenge code corresponding to the Internet of Things terminal in response to the identity authentication passing, and send the challenge code to the Internet of Things terminal; wherein the Internet of Things terminal is further configured to sign the challenge code and the device information by using a key of the identity certificate to obtain the identity sign.
  2. The Internet of Things system according to claim 1, wherein the device management service is configured to authenticate an availability of the Internet of Things terminal according to the device information, and send the device information and the identity sign to the identity authentication service in response to determining that the Internet of Things terminal is available; and the identity authentication service is configured to perform an identity authentication on the Internet of Things terminal according to the device information and the identity sign.
  3. The Internet of Things system according to claim 2, wherein the identity authentication service is further configured to: search for the identity authentication and the challenge code corresponding to the Internet of Things terminal by using the device information, authenticate the identity sign by using the searched-out identity certificate, the challenge code and the device information, and return the authentication success message to the proxy server in response to the identity sign being authenticated.
  4. The Internet of Things system according to claim 3, wherein the identity authentication service is further configured to return an authentication failure message to the proxy server in response to the identity sign being not authenticated; the proxy server is further configured to feed back the authentication failure message to the Internet of Things terminal in response to receiving the authentication failure message, and/or disconnect a connection with the Internet of Things terminal.
  5. The Internet of Things system according to claim 1, wherein the Internet of Things terminal is further configured to: establish a Transport Layer Security (TLS) connection with the proxy server by using the connection certificate; wherein the device information is used as a user name of the TLS connection, and the identity sign is used as a password of the TLS connection.
  6. The Internet of Things system according to claim 2, wherein the Internet of Things terminal is further configured to: establish a Transport Layer Security (TLS) connection with the proxy server by using the connection certificate; wherein the device information is used as a user name of the TLS connection, and the identity sign is used as a password of the TLS connection.
  7. An authentication and communication method for an Internet of Things system, comprising: establishing, by an Internet of Things terminal, a connection with a proxy server by using a connection certificate, and sending device information and an identity sign of the Internet of Things terminal to the proxy server; receiving, by the proxy server, the device information and the identity sign, and sending the device information and the identity sign to an Internet of Things platform; receiving, by the Internet of Things platform, the device information and the identity sign, and performing an identity authentication on the Internet of Things terminal according to the device information and the identity sign; returning, by the Internet of Things platform, an authentication success message to the proxy server in response to the identity authentication passing; and establishing, by the proxy server, a communication connection with the Internet of Things terminal in response to receiving the authentication success message; wherein the Internet of Things platform comprises a device management service and an identity authentication service; further comprising: sending, by the Internet of Things terminal, an identity authentication request to the Internet of Things platform, wherein the identity authentication request comprises the device information and an identity certificate of the Internet of Things terminal; authenticating, by the device management service, an availability of the Internet of Things terminal according to the device information, and sending the device information and the identity certificate to the identity authentication service in response to determining that the Internet of Things terminal is available; and performing, by the identity authentication service, an identity authentication on the Internet of Things terminal according to the device information and the identity certificate, generating a challenge code corresponding to the Internet of Things terminal in response to the identity authentication passing, and sending the challenge code to the Internet of Things terminal; further comprising: signing, by the Internet of Things terminal, the challenge code and the device information by using a key of the identity certificate to obtain the identity sign.
  8. The method according to claim 7, wherein receiving, by the Internet of Things platform, the device information and the identity sign, and performing the identity authentication on the Internet of Things terminal according to the device information and the identity sign, comprises: authenticating, by the device management service, an availability of the Internet of Things terminal according to the device information, and sending the device information and the identity sign to the identity authentication service in response to determining that the Internet of Things terminal is available; and performing, by the identity authentication service, an identity authentication on the Internet of Things terminal according to the device information and the identity sign.
  9. The method according to claim 8, wherein performing, by the identity authentication service, the identity authentication on the Internet of Things terminal according to the device information and the identity certificate, comprises: searching for the identity authentication and the challenge code corresponding to the Internet of Things terminal by using the device information; and authenticating the identity sign by using the searched-out identity certificate, the challenge code and the device information.
  10. The method according to claim 9, further comprising: returning, by the identity authentication service, an authentication failure message to the proxy server in response to the identity sign being not authenticated; and feeding back, by the proxy server, the authentication failure message to the Internet of Things terminal in response to receiving the authentication failure message, and/or disconnecting a connection with the Internet of Things terminal.
  11. The method according to claim 7, wherein establishing, by the Internet of Things terminal, the connection with the proxy server by using the connection certificate, comprises: establishing a Transport Layer Security (TLS) connection with the proxy server by using the connection certificate; wherein the device information is used as a user name of the TLS connection, and the identity sign is used as a password of the TLS connection.
  12. A computer device, comprising at least a processor and a memory storing a computer program runnable in the processor, wherein when the processor executes the program, instructions of the method according to claim 7 are implemented.
  13. A non-transitory computer-readable storage medium containing a computer program, wherein, when the computer program is executed by one or more processors, the processor is enabled to perform the method according to claim 7.
  14. An authentication and communication method for an Internet of Things system, applied to an Internet of Things terminal, comprising: establishing a connection with a proxy server by using a connection certificate of an Internet of Things terminal and sending device information and an identity sign of the Internet of Things terminal to the proxy server for the proxy server to send the device information and the identity sign to an Internet of Things platform, and establishing a communication connection between the proxy server and the Internet of Things terminal after an identity authentication passes; further comprising: signing a challenge code and the device information by using a key of an identity certificate to obtain the identity sign, wherein the challenge code is generated by the Internet of Things platform and sent to the Internet of Things terminal after the Internet of Things platform verifies that the Internet of Things terminal is available according to the device information, and passes the identity authentication of the Internet of Things terminal according to the device information and the identity certificate.
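
The challenge-and-sign exchange of claims 1, 3 and 5, as an added Go example that is not code from the patent or its assignee. It assumes Ed25519 keys in place of an X.509 identity certificate, a length-prefixed message layout, the raw signature bytes as the password, and single-use challenge codes; these choices and all function names are hypothetical and not specified on this page.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

var keys = map[string]ed25519.PublicKey{} // device info -> identity certificate key
var pending = map[string][]byte{}         // device info -> outstanding challenge code

// Enroll registers a device and returns its private key (hypothetical fixture).
func Enroll(device string) ed25519.PrivateKey {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	keys[device] = pub
	return priv
}

// IssueChallenge stores and returns a fresh challenge code; nil for unknown devices.
func IssueChallenge(device string) []byte {
	if _, ok := keys[device]; !ok {
		return nil
	}
	pending[device] = make([]byte, 32)
	rand.Read(pending[device])
	return pending[device]
}

// message binds challenge and device info; the length prefix keeps the split unambiguous.
func message(challenge []byte, device string) []byte {
	return append(append([]byte{byte(len(challenge))}, challenge...), device...)
}

// IdentitySign runs on the terminal; the signature is sent as the password.
func IdentitySign(priv ed25519.PrivateKey, challenge []byte, device string) []byte {
	return ed25519.Sign(priv, message(challenge, device))
}

// Verify checks the user name and password forwarded by the proxy server.
func Verify(user string, pass []byte) bool {
	challenge, ok := pending[user]
	delete(pending, user) // one attempt per challenge, so a captured sign cannot be replayed
	return ok && ed25519.Verify(keys[user], message(challenge, user), pass)
}

func main() {
	priv := Enroll("sn-0001") // constructed device information
	pass := IdentitySign(priv, IssueChallenge("sn-0001"), "sn-0001")
	fmt.Println(Verify("sn-0001", pass), Verify("sn-0001", pass)) // first use, then replay
}
```

Because the device information is part of the signed message, an identity sign produced for one terminal fails verification when presented under another terminal's user name.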

Description

CROSS-REFERENCE TO RELATED APPLICATION

This application is a U.S. National Phase Entry of International Application No. PCT/CN2023/096285 having an international filing date of May 25, 2023, which claims priority of Chinese patent application No. 202210692570.6, filed to the CNIPA on Jun. 17, 2022, and entitled “Internet of Things System, Authentication and Communication Method Therefor, and Related Device”. The above-identified applications are incorporated into this application by reference in their entireties.

TECHNICAL FIELD

An embodiment of the disclosure relates to, but is not limited to, the technical field of the Internet of Things, in particular to an Internet of Things system, an authentication and communication method therefor, and a related device.

BACKGROUND

At present, the authentication process and communication establishment process of Internet of Things devices are independent of each other, which leads to low work efficiency.

SUMMARY

The following is a summary of subject matters described herein in detail. This summary is not intended to limit the protection scope of claims.

In a first aspect of the present disclosure, an Internet of Things system is provided, including: an Internet of Things terminal, configured to establish a connection with a proxy server by using a connection certificate of the Internet of Things terminal, and send device information and an identity sign of the Internet of Things terminal to the proxy server; the proxy server, configured to receive the device information and the identity sign, and send the device information and the identity sign to an Internet of Things platform; and the Internet of Things platform, configured to receive the device information and the identity sign, perform an identity authentication on the Internet of Things terminal according to the device information and the identity sign, and return an authentication success message to the proxy server in response to the identity authentication passing; wherein the proxy server is further configured to establish a communication connection with the Internet of Things terminal in response to receiving the authentication success message.

In a second aspect of the present disclosure, an authentication and communication method for an Internet of Things system is provided, including: establishing, by an Internet of Things terminal, a connection with a proxy server by using a connection certificate, and sending device information and an identity sign of the Internet of Things terminal to the proxy server; receiving, by the proxy server, the device information and the identity sign, and sending the device information and the identity sign to an Internet of Things platform; receiving, by the Internet of Things platform, the device information and the identity sign, and performing an identity authentication on the Internet of Things terminal according to the device information and the identity sign; returning, by the Internet of Things platform, an authentication success message to the proxy server in response to the identity authentication passing; and establishing, by the proxy server, a communication connection with the Internet of Things terminal in response to receiving the authentication success message.

In a third aspect of the present disclosure, an authentication and communication method for an Internet of Things system, applied to an Internet of Things terminal, is provided, including: using a connection certificate of an Internet of Things terminal to establish a connection with a proxy server and sending device information and an identity sign of the Internet of Things terminal to the proxy server for the proxy server to send the device information and the identity sign to an Internet of Things platform, and establishing a communication connection between the proxy server and the Internet of Things terminal after an identity authentication passes.

In a fourth aspect of the present disclosure, an authentication and communication method for an Internet of Things system, applied to a proxy server, is provided, including: receiving device information and the identity sign sent by an Internet of Things terminal, and sending the device information and the identity sign to an Internet of Things platform for the Internet of Things platform to perform an identity authentication on the Internet of Things terminal according to the device information and the identity sign; and establishing a communication connection with the Internet of Things terminal in response to receiving an authentication success message.

In a fifth aspect of the present disclosure, an authentication and communication method for an Internet of Things system, applied to an Internet of Things platform, is provided, including: receiving device information and an identity sign forwarded by a proxy server and sent by an Internet of Things terminal, and performing an identity authentication on the Internet of Things terminal according to the devic