1. CN109996219 - Internet of things authentication method, network device and terminal

Office
China
Application Number 201810009212.4
Application Date 02.01.2018
Publication Number 109996219
Publication Date 09.07.2019
Publication Kind A
IPC
H04W 4/70
H ELECTRICITY
04 ELECTRIC COMMUNICATION TECHNIQUE
W WIRELESS COMMUNICATION NETWORKS
4 Services specially adapted for wireless communication networks; Facilities therefor
70 Services for machine-to-machine communication or machine type communication
H04L 29/06
H ELECTRICITY
04 ELECTRIC COMMUNICATION TECHNIQUE
L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
29 Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/-H04L27/136
02 Communication control; Communication processing
06 characterised by a protocol
H04L 29/08
H ELECTRICITY
04 ELECTRIC COMMUNICATION TECHNIQUE
L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
29 Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/-H04L27/136
02 Communication control; Communication processing
06 characterised by a protocol
08 Transmission control procedure, e.g. data link level control procedure
CPC
H04L 63/08
H ELECTRICITY
04 ELECTRIC COMMUNICATION TECHNIQUE
L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63 Network architectures or network communication protocols for network security
08 for supporting authentication of entities communicating through a packet data network
H04L 63/0807
H ELECTRICITY
04 ELECTRIC COMMUNICATION TECHNIQUE
L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63 Network architectures or network communication protocols for network security
08 for supporting authentication of entities communicating through a packet data network
0807 using tickets, e.g. Kerberos
H04L 63/168
H ELECTRICITY
04 ELECTRIC COMMUNICATION TECHNIQUE
L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63 Network architectures or network communication protocols for network security
16 Implementing security features at a particular protocol layer
168 above the transport layer
H04L 67/12
H ELECTRICITY
04 ELECTRIC COMMUNICATION TECHNIQUE
L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
67 Network-specific arrangements or communication protocols supporting networked applications
12 adapted for proprietary or special purpose networking environments, e.g. medical networks, sensor networks, networks in a car or remote metering networks
Applicants RESEARCH INSTITUTE OF CHINA MOBILE COMMUNICATIONS CORPORATION
中国移动通信有限公司研究院
CHINA MOBILE COMMUNICATIONS GROUP CO., LTD.
中国移动通信集团有限公司
Inventors LONG RONG
龙容
LIU KUN
刘琨
Agents 北京银龙知识产权代理有限公司 11243
Title
(EN) Internet of things authentication method, network device and terminal
(ZH) 一种物联网鉴权方法、网络设备及终端
Abstract
(EN)
The invention provides an Internet of Things authentication method, a network device and a terminal. The method comprises the following steps: sending attribute information of a target security object to the terminal, wherein the attribute information carries Token information; receiving a Constrained Application Protocol (CoAP) data packet carrying the Token information sent by the terminal; and verifying the CoAP data packet according to the Token information. The network device sends the Token information to the terminal through the attribute information of the target security object and only needs to send it once within the validity period of the Token information, which reduces the number of times the Token information is transmitted and saves network overhead. Correspondingly, the terminal only needs to store the Token information once, which reduces the terminal resources required for storing the Token information.

(ZH)
本发明提供了一种物联网鉴权方法、网络设备及终端,其方法包括:向终端发送目标安全对象的属性信息;其中,属性信息中携带有令牌Token信息;接收终端发送的携带有Token信息的限制应用协议CoAP数据包;根据Token信息对CoAP数据包进行验证。本发明的网络设备通过目标安全对象的属性信息向终端发送Token信息,在Token信息的有效期限内只需发送一次,可减少Token信息的传输次数,节省网络开销。相应地,终端也仅需存储一次Token信息,可减少终端存储Token信息的资源需求。