CN117714138A - Internet of things system based on PLC communication and equipment network access method thereof - Google Patents
- Publication number: CN117714138A
- Application number: CN202311712560.5A
- Authority: CN (China)
- Prior art keywords: sta, plc, information, network, sta equipment
- Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/101—Access control lists [ACL]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04B—TRANSMISSION
- H04B3/00—Line transmission systems
- H04B3/54—Systems for transmission via power distribution lines
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/045—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02P—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
- Y02P90/00—Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
- Y02P90/02—Total factory control, e.g. smart factories, flexible manufacturing systems [FMS] or integrated manufacturing systems [IMS]
Abstract
The invention relates to the technical field of PLC communication security and provides an Internet of things system based on PLC communication and a device network access method thereof. A server acquires STA device information, encrypts it and transmits it to a PLC gateway; this secure encryption and transmission of the device information ensures that the information provided by the user is not easily tampered with or stolen. A CCO adds the STA device information to a white list, so that designated STA devices can securely access the network and exchange data, which effectively avoids the network security risk that closing the white list mechanism may cause. Authentication, key exchange and network access of the STA devices are completed by an automatic network access method, providing a secure, convenient and effective way of accessing the network. Data encryption and identity verification of the STA devices are introduced into the network provisioning process, which enhances the overall security of the network, effectively prevents potential network attacks and, by ensuring the legitimacy of the STA devices, reduces the risk of unauthorized STA devices entering the network.
Description
Technical Field
The invention relates to the technical field of PLC communication security, and in particular to an Internet of things system based on PLC communication and a device network access method thereof.
Background
At present, more and more enterprises in China are entering the whole-house smart home ecosystem industry. Most of the domestic PLC technology applied to whole-house interconnection of smart household appliances uses mid-frequency-band PLC. PLC-IoT (Power Line Communication Internet of Things), derived from IEEE 1901.1, is a mid-frequency-band power line carrier communication technology oriented to Internet of things scenarios, and can be used for real-time control scenarios such as smart homes and smart street lamps. However, because PLC signals are transmitted over the power line, there are potential security hazards that may affect the privacy and security of data.
In existing PLC-IoT-based device network access methods, white list management carries network security risks. Existing schemes have the following problems:
either white list verification is closed, so that unknown STAs can access the network or acquire network information, which is a potential security hazard; no security verification or identity verification is performed on devices during automatic network provisioning, and this lack of strict identity verification can allow unauthorized devices to enter the network, increasing potential security risks and the risk of privacy disclosure. The PLC network communication system and the automatic network provisioning method of its communication devices disclosed in patent CN116614353A is such a scheme;
or, after the CCO in the networking method is powered on and automatically generates a white list, an unknown STA can join the network, acquire network information and initiate network attacks; STAs added to the white list by mistake then need to be deleted, and in a multi-network environment the user needs to delete a large number of unknown STAs from the white list. The networking method and device for PLC-IoT equipment disclosed in patent CN112867102A is such a scheme.
Disclosure of Invention
The first aim of the invention is to provide a device network access method based on PLC communication, which solves the problems that the device network access process is cumbersome, inefficient and insecure.
In order to achieve the above purpose, the present invention adopts the following technical scheme:
A device network access method based on PLC communication, comprising:
S1, encryption: the server encrypts the acquired STA device information with a private key and sends the ciphertext to the PLC gateway;
S2, decryption: the PLC gateway decrypts the ciphertext with a preset public key to obtain the STA device information, and sends the STA device information to the CCO;
S3, recording: the CCO adds the STA device information to a white list and waits for the STA device to access the network;
S4, network access: the user triggers the network access procedure of the STA device through an interaction, and the STA device joins the network;
S5, query: the CCO reports the information of the STA device that has accessed the network to the PLC gateway, the PLC gateway sends a query message to the CCO, and the CCO sends the query message to the STA device over PLC;
S6, feedback: the STA device receives the query message and replies with the STA device information through power carrier communication, and the CCO forwards the STA device information to the PLC gateway;
S7, checking: the PLC gateway checks the STA device information; if the check succeeds, the PLC gateway reports to the server that the STA device has accessed the network successfully, and if the check fails, the PLC gateway issues a white list kick-out instruction to the CCO.
Further, the method further comprises the following steps:
S8, exchanging keys: after the check by the PLC gateway succeeds, the PLC gateway periodically exchanges a key with the STA device and encrypts communication with the key.
Further, communication between the server and the PLC gateway is encrypted with an asymmetric encryption algorithm, where the asymmetric encryption algorithm comprises one or more of RSA, DSA, SM and ECC; communication between the STA device and the PLC gateway is encrypted with a symmetric encryption algorithm, where the symmetric encryption algorithm comprises one or more of AES, DES, SM, SM4 and Diffie-Hellman.
Further, the method further comprises the following steps:
S9, sending a report: the PLC gateway reports the check result of the STA device to the server, and the server sends a corresponding check result message to the user.
Further, the STA device information includes one or more of a device product ID, a device model number, a device type ID, a device version number, and a device MAC address.
The second aim of the invention is to provide a device network access system based on PLC communication, which solves the problems that the device network access process is cumbersome, inefficient and insecure.
An Internet of things system based on PLC communication, comprising a CCO, a PLC gateway, an STA device and a server, the system being used to execute the device network access method.
Further, the system is built on the IEEE 1901.1 protocol, and the STA device information is a device MAC address.
Further, the CCO includes:
a white list control unit, configured to generate the white list of STA devices and to keep the white list switched on or delete STA device information from the white list;
a transceiver unit, configured to receive and send messages and device information between the PLC gateway and the STA device.
Further, the PLC gateway includes:
a decryption unit, configured to receive the ciphertext sent by the server, decrypt it to obtain the information of the STA device, and send that information to the CCO;
a query unit, configured to send a query message to the CCO and obtain the information of the STA device after the STA device has successfully accessed the network;
a checking unit, configured to check the information of the STA device that has accessed the network, report successful network access to the server when the check succeeds, and issue a white list kick-out instruction to the CCO when the check fails;
a key exchange unit, configured to periodically exchange a key with the STA device and encrypt communication with the key.
Further, the server includes:
an acquisition module, configured to acquire the STA device information;
an encryption module, configured to encrypt the STA device information with a private key and send the ciphertext to the PLC gateway.
After the technical scheme is adopted, compared with the background technology, the invention has the following advantages:
1. The server acquires the STA device information, encrypts it and transmits it to the PLC gateway. The secure encryption and transmission of the device information ensure that the information provided by the user is not easily tampered with or stolen. The PLC gateway then completes authentication, key exchange and network access of the STA device through an automatic network access method, providing a secure, convenient and effective way of accessing the network.
2. The CCO adds the STA device information to the white list and keeps the white list switched on, and the white list control unit can control additions to and deletions from the white list at all times, so that designated STA devices can securely access the network and exchange data, effectively avoiding the network security risk that closing the white list may cause.
3. Data encryption and identity verification of the STA device are introduced into the network provisioning process, which enhances the overall security of the network, effectively prevents potential network attacks and, by ensuring the legitimacy of the STA device, reduces the risk of unauthorized STA devices entering the network.
4. For STA devices that have accessed the network, communication is encrypted through the periodic exchange of a communication key between the PLC gateway and the STA device. This measure not only effectively protects the user's data privacy but also enhances the overall security of network communication. Through encrypted communication the system can prevent potential data leakage and the threat of unauthorized access, providing a more reliable Internet of things service for the user.
Drawings
FIG. 1 is a schematic diagram of the device network access method of the present invention;
FIG. 2 is a schematic diagram of the topology of the Internet of things system of the present invention.
Reference numerals:
1. CCO; 2. PLC gateway; 3. server; 4. STA device;
11. white list control unit; 12. transceiver unit;
21. decryption unit; 22. query unit; 23. checking unit; 24. key exchange unit;
31. acquisition module; 32. encryption module.
Detailed Description
The present invention will be described in further detail with reference to the drawings and examples, in order to make the objects, technical solutions and advantages of the present invention more apparent. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the invention.
Example 1
Before the present invention is discussed, the abbreviations and key terms it uses are defined for ease of understanding: PLC stands for Power Line Communication; CCO stands for Central Coordinator; STA stands for Station, meaning a site or terminal device; MAC stands for Media Access Control address.
Referring to FIG. 1 and FIG. 2, the present embodiment provides a device network access method based on PLC communication, which includes:
S1, encryption: the server 3 encrypts the acquired STA device 4 information with a private key and sends the ciphertext to the PLC gateway 2. Specifically, in this embodiment there are one or more STA devices 4; the server 3 acquires the STA device 4 information from the user, who provides the information of the STA device 4 that needs to access the network to the server through a communication device, which includes but is not limited to a mobile phone, a tablet, a computer, and the like;
S2, decryption: the PLC gateway 2 decrypts the ciphertext with a preset public key to obtain the STA device 4 information, and sends the STA device 4 information to the CCO 1;
S3, recording: the CCO 1 adds the STA device 4 information to a white list and waits for the STA device 4 to access the network; throughout the network access process of the STA device 4, the white list mechanism is always switched on;
S4, network access: the user triggers the network access procedure of the STA device 4 through an interaction, and the STA device 4 joins the network; in this embodiment, the user interaction includes but is not limited to a key press, voice, wireless communication, and the like;
S5, query: the CCO 1 reports the information of the STA device 4 that has accessed the network to the PLC gateway 2, the PLC gateway 2 sends a query message to the CCO 1, and the CCO 1 sends the query message to the STA device 4 over PLC;
S6, feedback: the STA device 4 receives the query message and replies with the STA device 4 information through power carrier communication, and the CCO 1 forwards the STA device 4 information to the PLC gateway 2;
S7, checking: the PLC gateway 2 checks the STA device 4 information; if the check succeeds, the PLC gateway 2 reports to the server 3 that the STA device 4 has accessed the network successfully, and if the check fails, the PLC gateway 2 issues a white list kick-out instruction to the CCO 1.
Specifically, the user uses a communication terminal to provide the network access information of the STA device 4 to the server 3 by scanning a code, entering the device information, or another convenient means. The server 3 encrypts the STA device 4 information and sends it to the PLC gateway 2; the PLC gateway 2 decrypts the STA device 4 information and sends it to the CCO 1; the CCO 1 adds the STA device 4 information to the white list. The secure encryption and transmission of the STA device 4 information ensure that the information provided by the user is not easily tampered with or stolen, and this security improvement lays a solid foundation for the whole network access process.
Meanwhile, after the STA device 4 has accessed the network, the CCO 1 reports the information of the device that has accessed the network to the PLC gateway 2. The PLC gateway 2 sends a query message, which the CCO 1 sends over PLC to the STA device 4 that has accessed the network. That STA device 4 receives the query message and replies with its device information over PLC; the CCO 1 receives the reply and forwards it to the PLC gateway 2. The PLC gateway 2 continuously checks the information of STA devices 4 that have accessed the network and notifies the CCO 1 to kick out any STA device 4 whose information does not conform. This effectively simplifies the network access and network provisioning processes of the device: the user does not need to carry out complex operations and settings, network provisioning efficiency is improved, the potential danger of an unknown STA device 4 initiating a network attack is avoided, the overall security of network communication is improved, and management and use of the devices are made easier.
In addition, while different STA devices 4 continue to join the network, the white list mechanism is always switched on. The CCO 1 continues to add newly obtained STA device 4 information to the white list, or to kick STA devices 4 that fail the check out of the white list so that they are disconnected, which effectively prevents intrusion by unauthorized STA devices 4 and ensures network security. The CCO 1 is responsible for maintaining the white list and ensures that STA devices 4 provided through legitimate channels can access the network smoothly. Introducing the white list control mechanism greatly improves the network access security of the STA devices 4 across the whole PLC system, and the device security verification and identity verification mechanism introduced into the network provisioning process provides strong support for protecting the system against potential network attacks.
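The white list and checking steps S3 to S7 described above, as an added Python example (not code from the patent). The class names, field names, result strings and sample MAC addresses are constructed for illustration, and the device information is assumed to have already been decrypted by the gateway in S2; the check compares every field the server supplied, which goes beyond the MAC-only case.

```python
from dataclasses import dataclass


def norm_mac(mac: str) -> str:
    """Normalise a MAC address to 12 lowercase hex digits; reject anything else."""
    digits = mac.replace(":", "").replace("-", "").lower()
    if len(digits) != 12 or any(c not in "0123456789abcdef" for c in digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits


@dataclass
class Sta:
    """A station as the CCO sees it (illustrative model)."""
    mac: str     # address the device presents when it joins (S4)
    info: dict   # what the device replies to the query message (S6)


class Cco:
    """Central coordinator: owns the white list, which is never switched off."""

    def __init__(self):
        self.whitelist = set()
        self.joined = {}

    def add(self, mac):                      # S3: record in the white list
        self.whitelist.add(norm_mac(mac))

    def join(self, sta):                     # S4: only listed devices may join
        mac = norm_mac(sta.mac)
        if mac not in self.whitelist:
            return False
        self.joined[mac] = sta
        return True

    def query(self, mac):                    # S5/S6: relay query, return the reply
        sta = self.joined.get(norm_mac(mac))
        return dict(sta.info) if sta else None

    def kick(self, mac):                     # S7 failure: delist and disconnect
        mac = norm_mac(mac)
        self.whitelist.discard(mac)
        self.joined.pop(mac, None)


class Gateway:
    """PLC gateway: keeps the server-provided record and checks replies against it."""

    def __init__(self, cco):
        self.cco = cco
        self.expected = {}

    def provision(self, info):               # output of S2, handed to the CCO (S3)
        mac = norm_mac(info["mac"])
        self.expected[mac] = {**info, "mac": mac}
        self.cco.add(mac)

    def check(self, mac):                    # S5 to S7
        mac = norm_mac(mac)
        want = self.expected.get(mac)
        reply = self.cco.query(mac)
        ok = want is not None and reply is not None and self._matches(want, reply)
        if not ok:
            self.cco.kick(mac)
            self.expected.pop(mac, None)
        return "access-success" if ok else "kicked"

    @staticmethod
    def _matches(want, reply):
        # Every field the server supplied must be present and equal in the reply.
        try:
            got = {**reply, "mac": norm_mac(reply.get("mac", ""))}
        except ValueError:
            return False
        return all(got.get(k) == v for k, v in want.items())


def run_demo():
    cco = Cco()
    gw = Gateway(cco)
    # Constructed records standing in for what the gateway decrypted in S2.
    gw.provision({"mac": "02:00:00:00:00:01", "product_id": "lamp-a"})
    gw.provision({"mac": "02:00:00:00:00:02", "product_id": "plug-b"})

    good = Sta("02-00-00-00-00-01", {"mac": "020000000001", "product_id": "lamp-a"})
    wrong = Sta("02:00:00:00:00:02", {"mac": "02:00:00:00:00:02", "product_id": "lamp-a"})
    unknown = Sta("02:00:00:00:00:09", {"mac": "02:00:00:00:00:09", "product_id": "lamp-a"})

    results = {}
    results["unknown_join"] = cco.join(unknown)    # not listed: refused at S4
    results["good_join"] = cco.join(good)
    results["good_check"] = gw.check(good.mac)
    results["wrong_join"] = cco.join(wrong)        # listed, so S4 succeeds
    results["wrong_check"] = gw.check(wrong.mac)   # reply does not conform: kicked
    results["wrong_rejoin"] = cco.join(wrong)      # no longer on the white list
    results["whitelist"] = sorted(cco.whitelist)
    return results


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(name, value)
```

The second constructed device shows why the query in S5 and S6 matters: being on the white list is enough to join, and only the reply check in S7 removes a device whose reported information differs from the server's record.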
As shown in FIG. 1 and FIG. 2, the device network access method further includes:
S8, exchanging keys: after the check by the PLC gateway 2 succeeds, the PLC gateway periodically exchanges a key with the STA device 4 and communicates in encrypted form using the key. For devices that have accessed the network, the gateway and the STA device 4 periodically exchange communication keys, which effectively protects the user's data privacy, improves the overall security of network communication, and prevents potential threats of data leakage and unauthorized access.
Further, communication between the server 3 and the PLC gateway 2 is encrypted with an asymmetric encryption algorithm, where the asymmetric encryption algorithm includes one or more of RSA (Rivest-Shamir-Adleman, an asymmetric algorithm), DSA (digital signature algorithm), SM2 (national encryption algorithm standard), and ECC (elliptic curve encryption). Communication between the STA device 4 and the PLC gateway 2 is encrypted with a symmetric encryption algorithm, where the symmetric encryption algorithm includes one or more of AES (advanced encryption standard), DES (data encryption standard), SM4 (national cipher block cipher algorithm standard), SM1 (symmetric cipher) and Diffie-Hellman (Diffie-Hellman key exchange protocol). Compared with a symmetric encryption algorithm, an asymmetric encryption algorithm requires more computing power and time and is less convenient for real-time communication, but has higher security.
Further, the device network access method further comprises the following step:
S9, sending a report: the PLC gateway 2 reports the check result of the STA device 4 to the server 3, and the server 3 sends a corresponding check result message to the user, which lowers the barrier to use for the user and improves user experience and network provisioning efficiency.
Further, the STA device 4 information includes one or more of a device production serial number, a device product ID, a device type ID, a device manufacturer ID, a device MAC address, a device model number, a device protocol version, a device firmware version, a device hardware version, and a device software version. In this embodiment, when the IEEE 1901.1 protocol is adopted, the STA device 4 information is a MAC address.
Example 2
Referring to FIG. 1 and FIG. 2, the present embodiment provides an Internet of things system based on PLC communication, which is built on PLC-IoT and used to execute the device network access method described in the first embodiment. The system includes the CCO 1, the PLC gateway 2, the STA device 4 and the server 3.
Further, the system is built on the IEEE 1901.1 protocol, and the STA device 4 information is a device MAC address.
Specifically, the system in this embodiment adopts PLC-IoT based on the IEEE protocol. PLC-IoT is a mid-frequency-band power line carrier communication technology oriented to Internet of things scenarios, with an operating band of 0.7-12 MHz. PLC-IoT adopts a time-frequency diversity technique: data can be backed up in both the time domain and the frequency domain, so that interference with or loss of information at a particular time or frequency is tolerated. This copes with the strong interference and frequency-selective attenuation of the power line and improves resistance to attenuation and noise.
Further, CCO1 includes:
The white list control unit 11 is configured to generate the white list of STA devices 4 and to keep the white list switched on or delete STA device 4 information from the white list, so as to ensure that only devices provided through legitimate channels can access the network smoothly and to enable the system to effectively prevent intrusion by unauthorized STA devices 4, thereby ensuring network security.
The transceiver unit 12 is configured to receive and send messages and device information between the PLC gateway 2 and the STA device 4. For example, it receives device information from the STA device 4 through power carrier communication for the PLC gateway; as another example, the PLC gateway sends a query message to the CCO 1, the CCO 1 sends the query message to the STA device 4 through power carrier communication, the STA device 4 replies with its device information through power carrier communication after receiving the query message, and the CCO 1 forwards the reply to the PLC gateway.
Meanwhile, the PLC gateway 2 includes:
The decryption unit 21 is configured to receive the ciphertext sent by the server 3, decrypt it to obtain the information of the STA device 4, and send that information to the CCO 1;
The query unit 22 is configured to send a query message to the CCO 1 and obtain the information of the STA device 4 after the STA device 4 has successfully accessed the network;
The checking unit 23 is configured to check the information of the STA device 4 that has accessed the network, report successful network access to the server 3 when the check succeeds, and issue a white list kick-out instruction to the CCO 1 when the check fails. During network access, the checking unit 23 continuously checks the information of STA devices 4 that have accessed the network and notifies the CCO to kick out any STA device 4 whose information does not conform, which avoids the extra workload of having to delete a large number of STA devices 4 from the white list. This effectively simplifies the network access and network provisioning processes of the device: the user does not need to carry out complex operations and settings, network provisioning efficiency is improved, the potential danger of an unknown STA device 4 initiating a network attack is avoided, the overall security of network communication is improved, and management and use of the devices are made easier.
The key exchange unit 24 is configured to periodically exchange a key with the STA device 4 and to encrypt communication with the key, which effectively protects the user's data privacy, improves the overall security of network communication, and prevents potential threats of data leakage and unauthorized access;
the key is a key of a symmetric encryption algorithm, and the encryption algorithm includes one or more of AES (advanced encryption standard), DES (data encryption standard), SM4 (national cipher block cipher algorithm standard), SM1 (symmetric cipher) and Diffie-Hellman (Diffie-Hellman key exchange protocol).
Further, the server 3 includes:
The acquisition module 31 is configured to acquire the STA device 4 information;
The encryption module 32 is configured to encrypt the STA device 4 information with a private key and send the ciphertext to the PLC gateway 2, where the key is a key of an asymmetric encryption algorithm, and the encryption algorithm includes one or more of RSA (Rivest-Shamir-Adleman, an asymmetric algorithm), DSA (digital signature algorithm), SM2 (national encryption algorithm standard), and ECC (elliptic curve encryption).
Specifically, the acquisition module 31 acquires the MAC address of the STA device, the encryption module 32 encrypts the STA device 4 information and sends it to the PLC gateway 2, the decryption unit 21 decrypts the STA device 4 information, the PLC gateway 2 sends the information to the CCO 1, and the white list control unit 11 in the CCO 1 adds the STA device 4 information to the white list. The secure encryption and transmission of the STA device 4 information ensure that the information provided by the user is not easily tampered with or stolen, and this security improvement lays a solid foundation for the whole network access process.
Meanwhile, after the STA device 4 has accessed the network, the transceiver unit 12 in the CCO 1 reports the information of the STA device 4 that has accessed the network to the PLC gateway 2. The query unit 22 in the PLC gateway 2 sends the query message, and the transceiver unit 12 sends the query message over PLC to the STA device 4 that has accessed the network. That STA device 4 receives the query message and replies with its device information over PLC; the transceiver unit 12 receives the reply and forwards it to the PLC gateway 2. The checking unit 23 continuously checks the information of STA devices 4 that have accessed the network and notifies the white list control unit 11 in the CCO 1 to kick out any STA device 4 whose information does not conform. This effectively simplifies the network access and network provisioning processes of the device: the user does not need to carry out complex operations and settings, network provisioning efficiency is improved, the potential danger of an unknown STA device 4 initiating a network attack is avoided, the overall security of network communication is improved, and management and use of the devices are made easier.
While different STA devices 4 continue to join the network, the white list control unit 11 is always switched on. The white list control unit 11 continues to add newly obtained STA device 4 information to the white list, or to kick STA devices 4 that fail the check out of the white list so that they are disconnected, which effectively prevents intrusion by unauthorized STA devices 4 and ensures network security. The CCO 1 is responsible for maintaining the white list and ensures that STA devices 4 provided through legitimate channels can access the network smoothly. Introducing the white list control mechanism greatly improves the network access security of the STA devices 4 across the whole PLC system, and the device security verification and identity verification mechanism introduced into the network provisioning process provides strong support for protecting the system against potential network attacks.
Further, after the check by the checking unit 23 succeeds, the PLC gateway 2 periodically exchanges keys with the STA device 4 through the key exchange unit 24 and communicates in encrypted form using the key. For devices that have accessed the network, the gateway and the STA device 4 periodically exchange communication keys, which effectively protects the user's data privacy, improves the overall security of network communication, and prevents potential threats of data leakage and unauthorized access.
It should be appreciated that all involved encryption algorithms and communication protocols may be adapted and updated according to actual requirements and security standards, and that the message formats and protocol specifications during communication should conform to the relevant standards to ensure efficient communication between devices.
In addition, it should be understood that, in the several embodiments provided in this application, the disclosed systems, devices, and methods may be implemented in other manners. For example, the apparatus embodiments described above are merely illustrative: the division into units is merely a division by logical function, and other divisions are possible in an actual implementation; for instance, multiple units or components may be combined or integrated into another system, or some features may be omitted or not performed. Furthermore, the couplings, direct couplings, or communication connections shown or discussed may be indirect couplings or communication connections via some interfaces, devices, or units, and may be electrical, mechanical, or in another form.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in each embodiment of the present application may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit.
The present invention is not limited to the above-mentioned embodiments, and any changes or substitutions that can be easily understood by those skilled in the art within the technical scope of the present invention are intended to be included in the scope of the present invention. Therefore, the protection scope of the present invention should be subject to the protection scope of the claims.
Claims (10)
1. The device network access method based on PLC communication is characterized by comprising the following steps:
S1, encryption: the server encrypts the acquired STA equipment information through a private key and sends the ciphertext to the PLC gateway;
S2, decrypting: the PLC gateway decrypts the ciphertext through a public key preset in advance to obtain the STA equipment information, and sends the STA equipment information to a CCO;
S3, inputting: the CCO adds the STA equipment information into a white list and waits for the STA equipment to enter a network;
S4, network access: a user triggers the network access method of the STA equipment in an interactive mode, and the STA equipment joins a network;
S5, inquiring: the CCO reports the information of the STA equipment which is accessed to the network to the PLC gateway, the PLC gateway sends a query message to the CCO, and the CCO sends the query message to the STA equipment through the PLC;
S6, feedback: the STA equipment receives the query message and replies the STA equipment information through power carrier communication, and the CCO forwards the STA equipment information to the PLC gateway;
S7, checking: the PLC gateway checks the STA equipment information; if the check is successful, the PLC gateway reports the success of network access of the STA equipment to the server, and if the check fails, the PLC gateway issues a white list kicking instruction to the CCO.
2. The PLC communication based device networking method of claim 1, further comprising:
S8, exchanging keys: after the PLC gateway checks successfully, the PLC gateway periodically exchanges a key with the STA equipment and encrypts communication through the key.
3. The method for accessing a network of devices based on PLC communication according to claim 2, wherein an asymmetric encryption algorithm is adopted between the server and the PLC gateway for encrypting communication, and the asymmetric encryption algorithm comprises one or more of RSA, DSA, SM and ECC; and the STA equipment and the PLC gateway encrypt communication by adopting a symmetrical encryption algorithm, wherein the symmetrical encryption algorithm comprises one or more of AES, DES, SM, SM1 and Diffie-Hellman.
4. The PLC communication based device networking method of claim 1, further comprising:
S9, sending a report: the PLC gateway reports the verification result of the STA equipment to the server, and the server sends a corresponding verification result message to the user.
5. The PLC communication based device networking method of claim 1, wherein the STA device information includes one or more of a device production serial number, a device product ID, a device type ID, a device manufacturer ID, a device MAC address, a device model number, a device protocol version, a device firmware version, a device hardware version, and a device software version.
6. An Internet of things system based on PLC communication, characterized in that: the system comprises a CCO, a PLC gateway, a STA device and a server, and is configured to perform the device networking method according to any one of claims 1-5.
7. The PLC communication-based internet of things system of claim 6, wherein: the system is created based on the IEEE1901.1 protocol, and the STA device information is a device MAC address.
8. The PLC communication based internet of things system of claim 6, wherein the CCO comprises:
a white list control unit, configured to generate a white list of the STA device and to continuously add the STA device information to, or delete it from, the white list;
a transceiver unit, used for receiving and transmitting messages and device information between the PLC gateway and the STA device.
9. The PLC communication based internet of things system of claim 6, wherein the PLC gateway comprises:
the decryption unit is used for receiving the ciphertext sent by the server and decrypting to obtain the related information of the STA equipment, and sending the related information to the CCO;
the query unit is used for sending a query message to the CCO and acquiring related information of the STA equipment after the STA equipment is successfully accessed to the network;
the checking unit is used for checking the information of the STA equipment which is accessed to the network, reporting to the server when the check succeeds, and issuing a white list kicking instruction to the CCO when the check fails;
and the key exchange unit is used for periodically exchanging the key with the STA equipment and encrypting communication through the key.
10. The PLC communication based internet of things system of claim 6, wherein the server comprises:
the acquisition module is used for acquiring the STA equipment information;
and the encryption module is used for encrypting the STA equipment information through a private key and sending the ciphertext to the PLC gateway.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202311712560.5A CN117714138A (en) | 2023-12-13 | 2023-12-13 | Internet of things system based on PLC communication and equipment network access method thereof |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202311712560.5A CN117714138A (en) | 2023-12-13 | 2023-12-13 | Internet of things system based on PLC communication and equipment network access method thereof |
Publications (1)
Publication Number | Publication Date |
---|---|
CN117714138A (en) | 2024-03-15 |
Family
ID=90154788
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202311712560.5A Pending CN117714138A (en) | 2023-12-13 | 2023-12-13 | Internet of things system based on PLC communication and equipment network access method thereof |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN117714138A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN118400204A (en) * | 2024-06-28 | 2024-07-26 | 广东信通通信有限公司 | Sensor white list remote management method and system based on power dual-mode carrier |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN105577680B (en) | Key generation method, encrypted data analysis method, device and key management center | |
EP3057351B1 (en) | Access method, system, and device of terminal, and computer storage medium | |
CN108880813B (en) | Method and device for realizing attachment process | |
CN103118363B (en) | A kind of method of mutual biography secret information, system, terminal unit and platform device | |
KR20060122685A (en) | Key handshaking method for wireless local area networks | |
CN110192381A (en) | The transmission method and equipment of key | |
KR101675332B1 (en) | Data commincaiton method for vehicle, Electronic Control Unit and system thereof | |
US20060233376A1 (en) | Exchange of key material | |
CN111711625A (en) | Power system information security encryption system based on power distribution terminal | |
CN101895882A (en) | Data transmission method, system and device in WiMAX system | |
JP2007506329A (en) | Method for improving WLAN security | |
US7293289B1 (en) | Apparatus, method and computer program product for detection of a security breach in a network | |
CN112383917B (en) | Beidou safety communication method and system based on quotient algorithm | |
CN111770588B (en) | Method and system for quickly establishing wireless connection with wireless router | |
US11019037B2 (en) | Security improvements in a wireless data exchange protocol | |
CN117714138A (en) | Internet of things system based on PLC communication and equipment network access method thereof | |
CN104243452A (en) | Method and system for cloud computing access control | |
US20100131762A1 (en) | Secured communication method for wireless mesh network | |
CN112512064B (en) | Wireless distribution network method, wireless gateway and equipment to be accessed | |
WO2008122182A1 (en) | A data transmission method and terminals | |
CN115835194B (en) | NB-IOT terminal safety access system and access method | |
CN113765900B (en) | Protocol interaction information output transmission method, adapter device and storage medium | |
CN111132143A (en) | Integrated multimedia intelligent equipment safety protection system and method | |
CN107733929B (en) | Authentication method and authentication system | |
CN112054905B (en) | Secure communication method and system of mobile terminal |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||