CN108924137A - Privacy protection method and system in an Internet of Things environment - Google Patents
- Publication number
- CN108924137A (application CN201810725251.4A)
- Authority
- CN
- China
- Prior art keywords
- internet
- privacy protection
- privacy
- data
- information
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
- H04L9/0863—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The present invention relates to the field of the Internet of Things, and more particularly to a privacy protection method and system in an Internet of Things environment. The method includes: encrypting the unique identification code of an Internet of Things device with a random number list to obtain a unique authorization code; configuring privacy protection levels according to the type of service information received by the Internet of Things device; performing secondary encryption on each privacy protection level and the unique authorization code to obtain an authorization key; sending the authorization key to the Internet of Things device and the server; and, when the server receives service request information, verifying the legitimacy of the request with the authorization key, so that private information in the Internet of Things environment is effectively protected and its leakage is prevented.
Description
Technical Field
The invention relates to the technical field of Internet of things, in particular to a privacy protection method and system in the environment of Internet of things.
Background
The Internet of Things uses technologies such as sensors, radio frequency identification (RFID) and global positioning systems to collect, in real time, information about any object or process that needs to be monitored, connected or interacted with, including sound, light, heat, electricity, mechanics, chemistry, biology and position. Through the various possible forms of network access it realizes ubiquitous object-to-object and object-to-human connection, and thereby the intelligent sensing, identification and management of objects and processes. With the development of science and technology, the Internet of Things is coming closer to people's lives. The RFID network is a comprehensive network based on RFID and wireless sensing technologies, so in the future information acquisition terminals such as RFID tags and wireless sensing equipment will be widely distributed in daily life and work.
The arrival of the Internet of Things makes life more convenient. First, RFID tags can store more data than the original bar codes and process data more efficiently, so people can store more data in RFID tags in a centralized manner. More functions are concentrated in one user terminal: in the era of the Internet of Things people can use a mobile phone for shopping, work, parking, refuelling, seeing a doctor and so on. When functions and private data are excessively concentrated in one user terminal, the privacy of sensitive data is greatly threatened. Second, because RFID readers are widely distributed and wireless sensing technology in the Internet of Things continues to develop, more contactless communication technologies are in wide use, and the communication data produced while people use the user terminal for everyday wireless communication is likely to be maliciously stolen by lawbreakers. That communication data contains a lot of sensitive private data, so the user's privacy is exposed and is infringed by others using it illegally without the user's knowledge. For example, people bind employee cards, shopping cards, company credit cards, electronic medical records from medical visits and the like to a mobile phone, or integrate them into a smart citizen card. This spares people the trouble of swapping cards and remembering passwords, but it makes the privacy protection problem particularly serious.
For example, when people shop at a mall, the information stored in their mobile phone or smart citizen card may be read by the mall without permission. A merchant may learn a consumer's company name, position and income, and even the friends' information in the consumer's address book, and use that information to market to the consumer and the consumer's friends without permission. The invention provides a solution to this urgent privacy protection problem in the Internet of Things.
Disclosure of Invention
The invention aims to solve the technical problem of the prior art and provides a vehicle supervision method and system.
The technical scheme for solving the technical problems is as follows: a privacy protection method in the environment of the Internet of things comprises the following steps:
encrypting the unique identification code of the Internet of things equipment through a random number list to obtain a unique authorization code;
configuring privacy protection grades according to types of service information received by the Internet of things equipment, wherein the privacy protection grades comprise a high grade, a medium grade and a low grade: the privacy protection grade is the high grade when the type of the service information is absolute privacy, the medium grade when the type of the service information is disclosed only to the user, and the low grade when the type of the service information is disclosed to a trusted party;
carrying out secondary encryption on each privacy protection level and the unique authorization code to obtain an authorization key;
sending an authorization key to the Internet of things equipment and the server;
and when the server receives the service request information, verifying the legality of the request through the authorization key.
The invention has the beneficial effects that: the method comprises the steps of configuring privacy protection grades according to types of service information received by the Internet of things equipment, encrypting the privacy protection grades and the unique identification code of the Internet of things equipment through a random number list to obtain a unique authorization code, carrying out secondary encryption to obtain an authorization key, sending the authorization key to the Internet of things equipment and a server, and verifying the legality of a request through the authorization key when the server receives service request information, so that the privacy information under the Internet of things environment can be effectively protected, and the privacy information is prevented from being leaked.
On the basis of the technical scheme, the invention can be further improved as follows.
Further, when the server receives the service request information, the validity of the request is verified through the authorization key, including:
when the server receives service request information, determining the type of service information corresponding to the request according to the service request information;
and acquiring an authorization key in the Internet of things equipment according to the type of the service information corresponding to the request, and matching the authorization key with an authorization key stored in the server.
Further, the method further comprises: and after the matching is successful, sending verification passing information to the Internet of things equipment, and displaying data information of the corresponding privacy protection level on a mobile terminal corresponding to the Internet of things equipment.
Further, displaying data information of a corresponding privacy protection level on a mobile terminal corresponding to the internet of things device, including:
when the privacy protection level is high, the data information displayed on the mobile terminal corresponding to the Internet of things equipment is absolute privacy data, and the absolute privacy data is data which can be accessed only by obtaining the user authority and the password of the secret partition of the user terminal;
when the privacy protection level is a middle level, the data information displayed on the mobile terminal corresponding to the Internet of things equipment is privacy data, and the privacy data is data which can be directly accessed by obtaining the personal authority of the user;
when the privacy protection level is low, the data information displayed on the mobile terminal corresponding to the Internet of things equipment is selected privacy data, and the selected privacy data are selectively disclosed aiming at a trusty party and do not need to acquire the personal authority of the user.
Further, the random number list is periodically randomly generated by the server.
Another technical solution of the present invention for solving the above technical problems is as follows: a computer-readable storage medium comprising instructions which, when executed on a computer, cause the computer to perform a method as in any one of the above embodiments.
Another technical solution of the present invention for solving the above technical problems is as follows: a privacy protection system in an internet of things environment, comprising:
the encryption unit is used for encrypting the unique identification code of the Internet of things equipment through the random number list to obtain a unique authorization code;
the configuration unit is used for configuring privacy protection grades according to types of service information received by the Internet of things equipment, wherein the privacy protection grades comprise a high grade, a medium grade and a low grade: the privacy protection grade is the high grade when the type of the service information is absolute privacy, the medium grade when the type of the service information is disclosed only to the user, and the low grade when the type of the service information is disclosed to a trusted party;
the encryption unit is also used for carrying out secondary encryption on each privacy protection level and the unique authorization code to obtain an authorization key;
the sending unit is used for sending the authorization key to the Internet of things equipment and the server;
and the processing unit is used for verifying the legality of the request through the authorization key when the server receives the service request information.
The invention has the beneficial effects that: the method comprises the steps of configuring privacy protection grades according to types of service information received by the Internet of things equipment, encrypting the privacy protection grades and the unique identification code of the Internet of things equipment through a random number list to obtain a unique authorization code, carrying out secondary encryption to obtain an authorization key, sending the authorization key to the Internet of things equipment and a server, and verifying the legality of a request through the authorization key when the server receives service request information, so that the privacy information under the Internet of things environment can be effectively protected, and the privacy information is prevented from being leaked.
On the basis of the technical scheme, the invention can be further improved as follows.
Further, the processing unit is specifically configured to, when the server receives the service request information, determine a type of service information corresponding to the request according to the service request information, acquire an authorization key in the internet of things device according to the type of service information corresponding to the request, and match the authorization key with an authorization key stored in the server.
Further, the system further comprises: the sending unit is further used for sending verification passing information to the Internet of things equipment after the matching is successful; the display unit is used for displaying data information of corresponding privacy protection levels on the mobile terminal corresponding to the Internet of things equipment.
Further, the display unit is specifically configured to, when the privacy protection level is high, display data information as absolute privacy data, where the absolute privacy data is data that can be accessed only by obtaining the user's own right and by using a password of a secret partition of the user terminal; when the privacy protection level is a middle level, the displayed data information is privacy data which can be directly accessed by obtaining the personal authority of the user; when the privacy protection level is low, the displayed data information is selected privacy data, and the selected privacy data is selectively disclosed aiming at a trusty party and does not need to acquire the personal authority of the user.
Further, the random number list is periodically randomly generated by the server.
Additional aspects of the invention and its advantages will be set forth in part in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the embodiments of the present invention or in the description of the prior art will be briefly described below, and it is obvious that the drawings described below are only some embodiments of the present invention, and it is obvious for those skilled in the art that other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a schematic flow chart of a privacy protection method in an internet of things environment according to an embodiment of the present invention;
fig. 2 is a schematic flow chart of a privacy protection method in an internet of things environment according to another embodiment of the present invention;
fig. 3 is a schematic flow chart of a privacy protection method in an internet of things environment according to another embodiment of the present invention;
fig. 4 is a schematic structural diagram of a privacy protection system in an internet of things environment according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of a privacy protection system in an internet of things environment according to another embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, not all, embodiments of the present invention. All other embodiments, which can be obtained by a person skilled in the art without any inventive step based on the embodiments of the present invention, shall fall within the scope of protection of the present invention.
As shown in fig. 1, a privacy protection method 100 in an internet of things environment includes:
110. Encrypting the unique identification code of the Internet of things equipment through a random number list to obtain a unique authorization code.
120. Configuring privacy protection levels according to the types of the service information received by the Internet of things equipment, wherein the privacy protection levels comprise a high level, a middle level and a low level.
The privacy protection level is high when the type of the service information is absolute privacy, medium when the type of the service information is disclosed only to the user, and low when the type of the service information is disclosed to a trusted party.
130. Carrying out secondary encryption on each privacy protection level and the unique authorization code to obtain an authorization key.
140. Sending the authorization key to the Internet of things equipment and the server.
150. When the server receives the service request information, verifying the legality of the request through the authorization key.
Specifically, in this embodiment, the random number list may be generated randomly by the server at regular intervals. And encrypting the unique identification code of the equipment of the Internet of things through a random number list to obtain a unique authorization code. And configuring privacy protection levels according to the types of the service information received by the equipment of the Internet of things, wherein the privacy protection levels comprise a high level, a middle level and a low level.
The privacy protection level when the type of the service information is absolute privacy is high, for example: the user transfers the absolute privacy data stored in the user terminal to an independent storage partition of the user terminal, and the absolute privacy data is encrypted and hidden by adopting a certain encryption algorithm, so that the data cannot be displayed when the user terminal normally works; meanwhile, access authority and monitoring are set for each piece of absolute privacy data, once the data are accessed, a report is immediately sent to a user, and the user performs corresponding blocking and allowing operations after judging whether the data are legally accessed.
The privacy protection level is medium when the type of the service information is disclosed only to the user, and low when the type of the service information is disclosed to a trusted party. Secondary encryption is carried out on each privacy protection level and the unique authorization code to obtain an authorization key. The authorization key is sent to the Internet of things equipment and the server. When the server receives the service request information, the legality of the request is verified through the authorization key.
According to the privacy protection method in the internet of things environment in the embodiment of the invention, the privacy protection grades are configured according to the types of the service information received by the internet of things equipment, the unique identification codes of the internet of things equipment and the privacy protection grades are encrypted through the random number list to obtain the unique authorization codes, the authorization keys are obtained through secondary encryption, the authorization keys are sent to the internet of things equipment and the server, and when the server receives service request information, the legality of the request is verified through the authorization keys, so that the privacy information in the internet of things environment can be effectively protected, and the privacy information is prevented from being leaked.
Optionally, in an embodiment, as shown in fig. 2, step 150 specifically includes:
151. When the server receives the service request information, determining the type of the service information corresponding to the request according to the service request information.
152. Acquiring an authorization key in the Internet of things equipment according to the type of the service information corresponding to the request, and matching the authorization key with an authorization key stored in the server.
Specifically, in this embodiment, the type of the service information corresponding to the request is determined according to the service request information, the authorization key in the internet of things device is obtained based on the type, and the authorization key is matched with the authorization key stored in the server, so that the validity of the request is verified.
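Steps 110 to 152 as an added sketch, not code from the patent. The patent does not name its encryption algorithms, so HMAC-SHA256 stands in here for both the random-number-list encryption and the secondary encryption; the `Server` class, the service-type names and the device identifier are hypothetical.

```python
import hashlib
import hmac
import secrets

# Assumed mapping of service-information type to privacy protection level (step 120).
LEVEL_FOR_TYPE = {
    "absolute_privacy": "high",
    "user_only": "medium",
    "trusted_party": "low",
}


def new_random_list(n=8):
    """Server-side random number list; the patent has it regenerated periodically."""
    return [secrets.randbits(64) for _ in range(n)]


def authorization_code(device_id, random_list):
    """Step 110: bind the device's unique identification code to the random list.
    Assumption: HMAC-SHA256 keyed with the serialized list replaces the
    unspecified 'encryption'."""
    key = b"".join(r.to_bytes(8, "big") for r in random_list)
    return hmac.new(key, device_id.encode(), hashlib.sha256).digest()


def authorization_keys(code):
    """Step 130: one authorization key per privacy protection level."""
    return {
        level: hmac.new(code, level.encode(), hashlib.sha256).hexdigest()
        for level in ("high", "medium", "low")
    }


class Server:
    """Hypothetical server holding the random list and the issued keys."""

    def __init__(self):
        self.random_list = new_random_list()
        self.issued = {}  # device_id -> {level: authorization key}

    def enroll(self, device_id):
        """Steps 110-140: derive the keys, store them, return the device's copy."""
        keys = authorization_keys(authorization_code(device_id, self.random_list))
        self.issued[device_id] = keys
        return dict(keys)

    def rotate(self):
        """Regenerate the random list and re-issue keys for every enrolled device.
        Keys derived from the old list stop matching."""
        self.random_list = new_random_list()
        return {dev: self.enroll(dev) for dev in list(self.issued)}

    def verify(self, device_id, service_type, presented_key):
        """Steps 151-152: map the request to a level, then match the key presented
        by the device against the stored one. Returns the level or None."""
        level = LEVEL_FOR_TYPE.get(service_type)
        stored = self.issued.get(device_id, {}).get(level)
        if stored is None:
            return None  # unknown service type or unenrolled device
        # Constant-time comparison so the match does not leak key prefixes.
        if hmac.compare_digest(stored.encode(), presented_key.encode()):
            return level
        return None


if __name__ == "__main__":
    srv = Server()
    device_keys = srv.enroll("iot-device-0001")  # constructed sample identifier
    print(srv.verify("iot-device-0001", "absolute_privacy", device_keys["high"]))
    print(srv.verify("iot-device-0001", "absolute_privacy", device_keys["low"]))
    srv.rotate()
    print(srv.verify("iot-device-0001", "absolute_privacy", device_keys["high"]))
```

Because the device presents the authorization key itself, the key acts as a bearer secret: the exchange needs a protected channel, and a rotation of the random list requires redistributing keys to the devices.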
Optionally, in another embodiment, as shown in fig. 3, the method 100 may further include:
160. After the matching is successful, sending the verification passing information to the Internet of things equipment, and displaying the data information of the corresponding privacy protection level on the mobile terminal corresponding to the Internet of things equipment.
Specifically, in this embodiment, if the authorization key in the internet of things device, which is obtained according to the type of the service information corresponding to the request determined by the service request information, matches the authorization key stored in the server itself, that is, if the authorization key passes the verification, the verification passing information is sent to the internet of things device, and the data information of the corresponding privacy protection level is displayed on the mobile terminal corresponding to the internet of things device.
Specifically, when the privacy protection level is high, the data information displayed on the mobile terminal corresponding to the internet of things device is absolute privacy data. The absolute privacy data is data which can be accessed only by obtaining the personal authority of the user and the password of the secret partition of the user terminal.
When the privacy protection level is the middle level, the data information displayed on the mobile terminal corresponding to the Internet of things equipment is privacy data. The privacy data is data that can be directly accessed by obtaining the personal authority of the user.
When the privacy protection level is low, the data information displayed on the mobile terminal corresponding to the Internet of things equipment is selected privacy data. The selected privacy data is selectively disclosed to a trusted party and does not require obtaining the personal authority of the user.
It should be understood that, in the above embodiments of the present invention, the sequence numbers of the above processes do not mean the execution sequence, and the execution sequence of the processes should be determined by their functions and inherent logic, and should not constitute any limitation on the implementation process of the embodiments of the present invention.
The invention also provides a computer-readable storage medium comprising instructions which, when run on a computer, cause the computer to perform a method as in any one of the embodiments described above.
The privacy protection method in the environment of the internet of things according to the embodiment of the present invention is described in detail with reference to fig. 1 to fig. 3, and the privacy protection system in the environment of the internet of things according to the embodiment of the present invention is described in detail with reference to fig. 4 and fig. 5.
Fig. 4 shows a privacy protection system 200 in an environment of internet of things, including: encryption unit 210, configuration unit 220, sending unit 230, and processing unit 240.
The encryption unit 210 is configured to encrypt the unique identification code of the internet of things device through the random number list to obtain a unique authorization code. The configuration unit 220 is configured to configure privacy protection levels according to types of service information received by the internet of things device, where the privacy protection levels include a high level, a medium level, and a low level. The encryption unit 210 is further configured to perform secondary encryption on each privacy protection level and the unique authorization code to obtain an authorization key. The sending unit 230 is configured to send the authorization key to the internet of things device and the server. The processing unit 240 is configured to verify the validity of the request through the authorization key when the server receives the service request information.
The privacy protection level is high when the type of the service information is absolute privacy, the privacy protection level is medium when the type of the service information is only disclosed to the user, and the privacy protection level is low when the type of the service information is disclosed to a trusty party.
Specifically, in this embodiment, the random number list may be generated randomly by the server at regular intervals.
It should be understood that, in the embodiment of the present invention, the system 200 according to the embodiment of the present invention may correspond to an execution body of the method 100 according to the embodiment of the present invention, and the above and other operations and/or functions of the system 200 are respectively for implementing corresponding flows of the methods in fig. 1 to fig. 3, and are not described herein again for brevity.
In the privacy protection system in the internet of things environment in the embodiment of the invention, the privacy protection grades are configured according to the types of the service information received by the internet of things equipment, the unique identification codes of the internet of things equipment and the privacy protection grades are encrypted through the random number list to obtain the unique authorization codes, the authorization keys are obtained through secondary encryption, the authorization keys are sent to the internet of things equipment and the server, and when the server receives service request information, the legality of the request is verified through the authorization keys, so that the privacy information in the internet of things environment can be effectively protected, and the privacy information is prevented from being leaked.
Optionally, in an embodiment, the processing unit 240 is specifically configured to, when the server receives the service request information, determine a type of the service information corresponding to the request according to the service request information, and obtain an authorization key in the internet of things device according to the type of the service information corresponding to the request, and match the authorization key with an authorization key stored in the server itself.
Optionally, in another embodiment, as shown in fig. 5, the system 200 further includes: a display unit 250.
The sending unit 230 is further configured to send verification passing information to the internet of things device after the matching is successful;
the display unit 250 is configured to display data information of a corresponding privacy protection level on a mobile terminal corresponding to the internet of things device.
Specifically, in this embodiment, the display unit 250 is specifically configured to, when the privacy protection level is high, display data information on the mobile terminal corresponding to the internet of things device as absolute privacy data, where the absolute privacy data is data that can be accessed only by obtaining the user's own right and through a password of a secret partition of the user terminal. When the privacy protection level is a middle level, the data information displayed on the mobile terminal corresponding to the internet of things device is privacy data, and the privacy data is data which can be directly accessed by obtaining the personal authority of the user. When the privacy protection level is low, the data information displayed on the mobile terminal corresponding to the Internet of things equipment is selected privacy data, and the selected privacy data is data which is selectively disclosed to a trusted party and does not require obtaining the personal authority of the user.
In addition, the term "and/or" herein is only one kind of association relationship describing an associated object, and means that there may be three kinds of relationships, for example, a and/or B, which may mean: a exists alone, A and B exist simultaneously, and B exists alone. In addition, the character "/" herein generally indicates that the former and latter related objects are in an "or" relationship.
Those of ordinary skill in the art will appreciate that the elements and algorithm steps of the examples described in connection with the embodiments disclosed herein may be embodied in electronic hardware, computer software, or combinations of both, and that the components and steps of the examples have been described above generally in terms of their functions in order to clearly illustrate the interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described systems, apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
In the several embodiments provided in the present application, it should be understood that the disclosed system, apparatus and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative: the division into units is merely a logical division, and an actual implementation may use another division; for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted or not executed. In addition, the shown or discussed mutual coupling, direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may also be an electrical, mechanical or other form of connection.
Units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment of the present invention.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention in essence, or the part of it that contributes to the prior art, or all or part of the technical solution, can be embodied in the form of a software product stored in a storage medium and including instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. The aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
While the invention has been described with reference to specific embodiments, it will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the invention as defined by the appended claims. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.
Claims (10)
1. A privacy protection method in the environment of Internet of things is characterized by comprising the following steps:
encrypting the unique identification code of the Internet of things equipment through a random number list to obtain a unique authorization code;
configuring privacy protection grades according to types of service information received by the Internet of things equipment, wherein the privacy protection grades comprise a high grade, a medium grade and a low grade, the privacy protection grade when the type of the service information is absolute privacy is the high grade, the privacy protection grade when the type of the service information is only disclosed to a user is the medium grade, and the privacy protection grade when the type of the service information is disclosed to a trusted party is the low grade;
carrying out secondary encryption on each privacy protection level and the unique authorization code to obtain an authorization key;
sending an authorization key to the Internet of things equipment and the server;
and when the server receives the service request information, verifying the legality of the request through the authorization key.
2. The method of claim 1, wherein verifying the validity of the request by the authorization key when the server receives the service request information comprises:
when the server receives service request information, determining the type of service information corresponding to the request according to the service request information;
and acquiring an authorization key in the Internet of things equipment according to the type of the service information corresponding to the request, and matching the authorization key with an authorization key stored in the server.
3. The method of claim 2, further comprising:
and after the matching is successful, sending verification passing information to the Internet of things equipment, and displaying data information of the corresponding privacy protection level on a mobile terminal corresponding to the Internet of things equipment.
4. The method of claim 3, wherein displaying data information of a corresponding privacy protection level on a mobile terminal corresponding to the Internet of things device comprises:
when the privacy protection level is high, the data information displayed on the mobile terminal corresponding to the Internet of things equipment is absolute privacy data, and the absolute privacy data is data which can be accessed only by obtaining the user authority and the password of the secret partition of the user terminal;
when the privacy protection level is a middle level, the data information displayed on the mobile terminal corresponding to the Internet of things equipment is privacy data, and the privacy data is data which can be directly accessed by obtaining the personal authority of the user;
when the privacy protection level is low, the data information displayed on the mobile terminal corresponding to the Internet of things equipment is selected privacy data, and the selected privacy data is data which is selectively disclosed to a trusted party and does not require obtaining the personal authority of the user.
5. The method according to any of claims 1-4, wherein the list of random numbers is randomly generated by the server on a regular basis.
6. A privacy protection system in an Internet of things environment, comprising:
the encryption unit is used for encrypting the unique identification code of the Internet of things equipment through the random number list to obtain a unique authorization code;
the configuration unit is used for configuring privacy protection grades according to types of service information received by the Internet of things equipment, wherein the privacy protection grades comprise a high grade, a medium grade and a low grade, the privacy protection grade when the type of the service information is absolute privacy is the high grade, the privacy protection grade when the type of the service information is only disclosed to a user is the medium grade, and the privacy protection grade when the type of the service information is disclosed to a trusted party is the low grade;
the encryption unit is also used for carrying out secondary encryption on each privacy protection level and the unique authorization code to obtain an authorization key;
the sending unit is used for sending the authorization key to the Internet of things equipment and the server;
and the processing unit is used for verifying the legality of the request through the authorization key when the server receives the service request information.
7. The system according to claim 6, wherein the processing unit is specifically configured to, when the server receives the service request information, determine a type of service information corresponding to the request according to the service request information, obtain the authorization key in the internet of things device according to the type of service information corresponding to the request, and match the authorization key with an authorization key stored in the server itself.
8. The system of claim 7, further comprising: a display unit,
the sending unit is further used for sending verification passing information to the Internet of things equipment after the matching is successful;
the display unit is used for displaying data information of corresponding privacy protection levels on the mobile terminal corresponding to the Internet of things equipment.
9. The system according to claim 8, wherein the display unit is specifically configured so that, when the privacy protection level is high, the data information displayed on the mobile terminal corresponding to the internet of things device is absolute privacy data, where the absolute privacy data is data that can be accessed only by obtaining the user's own authority and the password of the secret partition of the user terminal; when the privacy protection level is a middle level, the data information displayed on the mobile terminal corresponding to the Internet of things equipment is privacy data, and the privacy data is data which can be directly accessed by obtaining the personal authority of the user; when the privacy protection level is low, the data information displayed on the mobile terminal corresponding to the Internet of things equipment is selected privacy data, and the selected privacy data is data which is selectively disclosed to a trusted party and does not require obtaining the personal authority of the user.
10. The system according to any of claims 6-8, wherein the random number list is randomly generated by the server on a periodic basis.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810725251.4A CN108924137A (en) | 2018-07-04 | 2018-07-04 | Method for secret protection and system under a kind of environment of internet of things |
Publications (1)
Publication Number | Publication Date |
---|---|
CN108924137A (en) | 2018-11-30 |
Family
ID=64424990
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810725251.4A Pending CN108924137A (en) | 2018-07-04 | 2018-07-04 | Method for secret protection and system under a kind of environment of internet of things |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108924137A (en) |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111818047A (en) * | 2020-07-07 | 2020-10-23 | 德能森智能科技(无锡)有限公司 | Cloud host monitoring management system and method in cloud environment |
CN111935087A (en) * | 2020-07-02 | 2020-11-13 | 上海微亿智造科技有限公司 | Authentication verification method and system for gateway receiving large data volume through industrial internet |
CN112825520A (en) * | 2019-11-21 | 2021-05-21 | 中国移动通信有限公司研究院 | User privacy data processing method, device, system and storage medium |
CN112866226A (en) * | 2021-01-12 | 2021-05-28 | 中国工商银行股份有限公司 | Network security protection method and device |
CN114666097A (en) * | 2022-02-25 | 2022-06-24 | 深圳极联信息技术股份有限公司 | Communication method and system of Internet of things equipment |
CN116669018A (en) * | 2023-07-28 | 2023-08-29 | 陕西通信规划设计研究院有限公司 | Data processing method and device based on Internet of things communication |
CN118587801A (en) * | 2024-08-02 | 2024-09-03 | 浙江德施曼科技智能股份有限公司 | A smart lock command operation method, system, smart lock and computer equipment |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102196431A (en) * | 2011-05-13 | 2011-09-21 | 南京邮电大学 | Internet of things application scene-based protection method of privacy query and private identity verification |
CN107864040A (en) * | 2017-11-17 | 2018-03-30 | 国网重庆市电力公司南岸供电分公司 | A kind of intelligent grid big data information management system based on safe cloud computing |
CN107947928A (en) * | 2017-12-21 | 2018-04-20 | 武汉深捷科技股份有限公司 | Intelligence community management method and system based on Internet of Things |
Cited By (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112825520A (en) * | 2019-11-21 | 2021-05-21 | 中国移动通信有限公司研究院 | User privacy data processing method, device, system and storage medium |
CN112825520B (en) * | 2019-11-21 | 2023-08-15 | 中国移动通信有限公司研究院 | User privacy data processing method, device, system and storage medium |
CN111935087A (en) * | 2020-07-02 | 2020-11-13 | 上海微亿智造科技有限公司 | Authentication verification method and system for gateway receiving large data volume through industrial internet |
CN111818047A (en) * | 2020-07-07 | 2020-10-23 | 德能森智能科技(无锡)有限公司 | Cloud host monitoring management system and method in cloud environment |
CN111818047B (en) * | 2020-07-07 | 2022-08-12 | 德能森智能科技(无锡)有限公司 | Cloud host monitoring management system and method in cloud environment |
CN112866226A (en) * | 2021-01-12 | 2021-05-28 | 中国工商银行股份有限公司 | Network security protection method and device |
CN112866226B (en) * | 2021-01-12 | 2023-03-10 | 中国工商银行股份有限公司 | Network security protection method and device |
CN114666097A (en) * | 2022-02-25 | 2022-06-24 | 深圳极联信息技术股份有限公司 | Communication method and system of Internet of things equipment |
CN114666097B (en) * | 2022-02-25 | 2024-05-28 | 深圳极联信息技术股份有限公司 | Communication method and system of Internet of things equipment |
CN116669018A (en) * | 2023-07-28 | 2023-08-29 | 陕西通信规划设计研究院有限公司 | Data processing method and device based on Internet of things communication |
CN116669018B (en) * | 2023-07-28 | 2023-10-13 | 陕西通信规划设计研究院有限公司 | Data processing method and device based on Internet of things communication |
CN118587801A (en) * | 2024-08-02 | 2024-09-03 | 浙江德施曼科技智能股份有限公司 | A smart lock command operation method, system, smart lock and computer equipment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
 | PB01 | Publication | |
 | SE01 | Entry into force of request for substantive examination | |
 | RJ01 | Rejection of invention patent application after publication | Application publication date: 20181130 |