Security verification method and system, Internet of things platform, terminal and readable storage medium

Document No.: 1569683 Publication date: 2020-01-24

Reading note: this technology, "Security verification method, system, Internet of things platform, terminal and readable storage medium", was designed and created by 彭昭 on 2018-07-16. Main content: The disclosure relates to a security verification method, a security verification system, an Internet of things platform, a terminal and a readable storage medium, and belongs to the technical field of the Internet of things. The method of the present disclosure comprises: an Internet of things platform periodically receives a security state verification request sent by a terminal, wherein the security state verification request comprises a current period security value generated by the terminal according to connection state information and identity information; the Internet of things platform generates a current period verification value according to the recorded terminal connection state information and identity information; and the Internet of things platform compares the current period security value with the current period verification value, determines whether the terminal is a secure terminal, and returns a verification result to the terminal. In the present disclosure, the Internet of things platform performs periodic security verification on the terminal after the terminal has connected, and verifies the terminal against several kinds of information, namely connection state information and identity information, which improves the security and accuracy of terminals in the Internet of things and the overall security of the Internet of things system.

1. A security verification method, comprising:

an Internet of things platform periodically receives a security state verification request sent by a terminal, wherein the security state verification request comprises a current period security value generated by the terminal according to connection state information and identity information;

the Internet of things platform generates a current period verification value according to the recorded terminal connection state information and identity information;

and the Internet of things platform compares the current period security value with the current period verification value, determines whether the terminal is a secure terminal, and returns a verification result to the terminal.

2. The security verification method of claim 1, wherein

the current period security value is a hash value generated by the terminal after combining the connection state information and the identity information;

and the Internet of things platform generating the current period verification value according to the recorded terminal connection state information and identity information comprises:

the Internet of things platform combines the recorded terminal connection state information and identity information and generates a hash value serving as the current period verification value.

3. The security verification method of claim 1, wherein

the identity information comprises a random number corresponding to the terminal;

the method further comprises:

the Internet of things platform generates a random number for the current period and sends it to the terminal, or the Internet of things platform, in response to the arrival of a random number update period, generates a random number and sends it to the terminal, so that the terminal sends a security state verification request in response to the random number of the current period.

4. The security verification method of claim 1, wherein

the connection state information comprises the number of times the terminal uploads data within a preset time period;

the method further comprises:

the Internet of things platform, in response to receiving data uploaded by the terminal, updates the number of times the terminal has uploaded data within the preset time period.

5. The security verification method according to any one of claims 1 to 4, wherein

the connection state information comprises information on the port through which the terminal interacts with the Internet of things platform;

or, in a case that the terminal is assigned to a fixed Internet of things platform, the connection state information comprises address information of the Internet of things platform to which the terminal is assigned.

6. A security verification method, comprising:

a terminal generates a current period security value according to connection state information and identity information;

the terminal periodically sends a security state verification request to an Internet of things platform, wherein the security state verification request comprises the current period security value, so that the Internet of things platform performs security verification on the terminal according to the current period security value and a current period verification value; the current period verification value is generated by the Internet of things platform according to the recorded terminal connection state information and identity information;

and the terminal receives a verification result returned by the Internet of things platform.

7. The security verification method of claim 6, wherein

the terminal generating the current period security value according to the connection state information and the identity information comprises:

the terminal combines the connection state information and the identity information and generates a hash value serving as the current period security value;

and the current period verification value is a hash value generated by the Internet of things platform after combining the recorded terminal connection state information and identity information.

8. The security verification method of claim 6, wherein

the identity information comprises a random number corresponding to the terminal;

the method further comprises:

the terminal receives the random number of the current period sent by the Internet of things platform, or the terminal receives the random number sent by the Internet of things platform in response to the arrival of the random number update period, so as to send a security state verification request in response to the random number of the current period.

9. The security verification method of claim 6, wherein

the connection state information comprises the number of times the terminal uploads data within a preset time period;

the method further comprises:

after uploading data, the terminal updates the number of times it has uploaded data within the preset time period.

10. The security verification method according to any one of claims 6 to 9, wherein

the connection state information comprises information on the port through which the terminal interacts with the Internet of things platform;

or, in a case that the terminal is assigned to a fixed Internet of things platform, the connection state information comprises address information of the Internet of things platform to which the terminal is assigned.

11. An Internet of things platform, comprising:

an information receiving module, used for periodically receiving a security state verification request sent by a terminal, wherein the security state verification request comprises a current period security value generated by the terminal according to connection state information and identity information;

a verification value generating module, used for generating a current period verification value according to the recorded terminal connection state information and identity information;

and a verification module, used for comparing the current period security value with the current period verification value, determining whether the terminal is a secure terminal, and returning a verification result.

12. The Internet of things platform of claim 11, wherein

the current period security value is a hash value generated by the terminal after combining the connection state information and the identity information;

and the verification value generating module is used for combining the recorded terminal connection state information and identity information and generating a hash value serving as the current period verification value.

13. The Internet of things platform of claim 11, further comprising: an identity information generation module;

the identity information comprises a random number corresponding to the terminal;

the identity information generation module is used for generating a random number for the current period and sending it to the terminal, or, in response to the arrival of a random number update period, generating a random number and sending it to the terminal, so that the terminal sends a security state verification request in response to the random number of the current period.

14. The Internet of things platform of claim 11, further comprising: a record updating module;

the connection state information comprises the number of times the terminal uploads data within a preset time period;

and the record updating module is used for updating, in response to receiving data uploaded by the terminal, the number of times the terminal has uploaded data within the preset time period.

15. The Internet of things platform of any one of claims 11-14, wherein

the connection state information comprises information on the port through which the terminal interacts with the Internet of things platform;

or, in a case that the terminal is assigned to a fixed Internet of things platform, the connection state information comprises address information of the Internet of things platform to which the terminal is assigned.

16. A terminal, comprising:

a security value generating module, used for generating a current period security value according to connection state information and identity information;

an information sending module, used for periodically sending a security state verification request to an Internet of things platform, wherein the security state verification request comprises the current period security value, so that the Internet of things platform performs security verification on the terminal according to the current period security value and a current period verification value; the current period verification value is generated by the Internet of things platform according to the recorded terminal connection state information and identity information;

and a result receiving module, used for receiving the verification result returned by the Internet of things platform.

17. The terminal of claim 16, wherein

the security value generating module is used for combining the connection state information and the identity information and generating a hash value serving as the current period security value;

and the current period verification value is a hash value generated by the Internet of things platform after combining the recorded terminal connection state information and identity information.

18. The terminal of claim 16, further comprising: an identity information receiving module;

the identity information comprises a random number corresponding to the terminal;

the identity information receiving module is used for receiving the random number of the current period sent by the Internet of things platform, or receiving the random number sent by the Internet of things platform in response to the arrival of the random number update period, so as to send a security state verification request in response to the random number of the current period.

19. The terminal of claim 16, further comprising: an information updating module;

the connection state information comprises the number of times the terminal uploads data within a preset time period;

the information updating module is used for updating, after data is uploaded, the number of times data has been uploaded within the preset time period.

20. The terminal of any one of claims 16-19, wherein

the connection state information comprises information on the port through which the terminal interacts with the Internet of things platform;

or, in a case that the terminal is assigned to a fixed Internet of things platform, the connection state information comprises address information of the Internet of things platform to which the terminal is assigned.

21. A security verification apparatus comprising:

a memory; and

a processor coupled to the memory, the processor configured to perform the security verification method of any of claims 1-10 based on instructions stored in the memory device.

22. A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the steps of the method according to any one of claims 1 to 10.

23. A security verification system comprising: the internet of things platform of any one of claims 11-15 and the terminal of any one of claims 16-20.

Technical Field

The disclosure relates to the technical field of internet of things, and in particular relates to a security verification method, a security verification system, an internet of things platform, a terminal and a readable storage medium.

Background

With the large-scale development of the Internet of things, the security problems of Internet of things terminals have become increasingly prominent. Implicit trust between Internet of things terminals creates hidden risks in the Internet of things system. Whether Internet of things terminals are secure seriously affects the overall security of current end-to-end Internet of things systems.

At present, work on the security of Internet of things terminals mostly focuses on access security, that is, verifying the identity of the terminal when it connects.

Disclosure of Invention

The inventor has found that, if the identity information is stolen after the terminal has connected, the conventional method of authenticating the terminal's identity at access time cannot ensure the security of the terminal.

One technical problem to be solved by the present disclosure is: how to improve the security of the terminal in the internet of things.

According to some embodiments of the present disclosure, there is provided a security verification method including: an Internet of things platform periodically receives a security state verification request sent by a terminal, wherein the security state verification request comprises a current period security value generated by the terminal according to connection state information and identity information; the Internet of things platform generates a current period verification value according to the recorded terminal connection state information and identity information; and the Internet of things platform compares the current period security value with the current period verification value, determines whether the terminal is a secure terminal, and returns a verification result to the terminal.

In some embodiments, the current period security value is a hash value generated by the terminal after combining the connection state information and the identity information; the Internet of things platform generating the current period verification value according to the recorded terminal connection state information and identity information comprises: the Internet of things platform combines the recorded terminal connection state information and identity information and generates a hash value serving as the current period verification value.

In some embodiments, the identity information includes a random number corresponding to the terminal; the method further comprises: the Internet of things platform generates a random number for the current period and sends it to the terminal, or the Internet of things platform, in response to the arrival of a random number update period, generates a random number and sends it to the terminal, so that the terminal sends a security state verification request in response to the random number of the current period.

In some embodiments, the connection state information includes the number of times the terminal uploads data within a preset time period; the method further comprises: the Internet of things platform, in response to receiving data uploaded by the terminal, updates the number of times the terminal has uploaded data within the preset time period.

In some embodiments, the connection state information includes interaction port information of the terminal and the internet of things platform; or, in the case that the terminal is assigned to a fixed internet of things platform, the connection state information includes address information of the internet of things platform to which the terminal is assigned.

According to further embodiments of the present disclosure, there is provided a security verification method including: the terminal generates a current period security value according to the connection state information and the identity information; the terminal periodically sends a security state verification request to the Internet of things platform, wherein the security state verification request comprises the current period security value, so that the Internet of things platform performs security verification on the terminal according to the current period security value and the current period verification value; the current period verification value is generated by the Internet of things platform according to the recorded terminal connection state information and identity information; and the terminal receives a verification result returned by the Internet of things platform.

In some embodiments, the terminal generating the current period security value according to the connection state information and the identity information includes: the terminal combines the connection state information and the identity information and generates a hash value serving as the current period security value; the current period verification value is a hash value generated by the Internet of things platform after combining the recorded terminal connection state information and identity information.

In some embodiments, the identity information includes a random number corresponding to the terminal; the method further comprises: the terminal receives the random number of the current period sent by the Internet of things platform, or the terminal receives the random number sent by the Internet of things platform in response to the arrival of the random number update period, so that the terminal sends a security state verification request in response to the random number of the current period.

In some embodiments, the connection state information includes the number of times the terminal uploads data within a preset time period; the method further comprises: after uploading data, the terminal updates the number of times it has uploaded data within the preset time period.

In some embodiments, the connection state information includes interaction port information of the terminal and the internet of things platform; or, in the case that the terminal is assigned to a fixed internet of things platform, the connection state information includes address information of the internet of things platform to which the terminal is assigned.

According to still other embodiments of the present disclosure, there is provided an Internet of things platform, including: an information receiving module, used for periodically receiving a security state verification request sent by the terminal, wherein the security state verification request comprises a current period security value generated by the terminal according to the connection state information and the identity information; a verification value generating module, used for generating a current period verification value according to the recorded terminal connection state information and identity information; and a verification module, used for comparing the current period security value with the current period verification value, determining whether the terminal is a secure terminal, and returning a verification result.

In some embodiments, the current period security value is a hash value generated by combining the connection state information and the identity information by the terminal; and the verification value generation module is used for combining the recorded terminal connection state information and the identity information to generate a hash value serving as a current period verification value.

In some embodiments, the Internet of things platform further comprises: an identity information generation module; the identity information comprises a random number corresponding to the terminal; the identity information generation module is used for generating a random number for the current period and sending it to the terminal, or, in response to the arrival of a random number update period, generating a random number and sending it to the terminal, so that the terminal sends a security state verification request in response to the random number of the current period.

In some embodiments, the Internet of things platform further comprises: a record updating module; the connection state information comprises the number of times the terminal uploads data within a preset time period; and the record updating module is used for updating, in response to receiving data uploaded by the terminal, the number of times the terminal has uploaded data within the preset time period.

In some embodiments, the connection state information includes interaction port information of the terminal and the internet of things platform; or, in the case that the terminal is assigned to a fixed internet of things platform, the connection state information includes address information of the internet of things platform to which the terminal is assigned.

According to still further embodiments of the present disclosure, there is provided a terminal including: a security value generating module, used for generating a current period security value according to the connection state information and the identity information; an information sending module, used for periodically sending a security state verification request to the Internet of things platform, wherein the security state verification request comprises the current period security value, so that the Internet of things platform performs security verification on the terminal according to the current period security value and the current period verification value; the current period verification value is generated by the Internet of things platform according to the recorded terminal connection state information and identity information; and a result receiving module, used for receiving the verification result returned by the Internet of things platform.

In some embodiments, the security value generating module is used for combining the connection state information and the identity information and generating a hash value serving as the current period security value; the current period verification value is a hash value generated by the Internet of things platform after combining the recorded terminal connection state information and identity information.

In some embodiments, the terminal further comprises: an identity information receiving module; the identity information comprises a random number corresponding to the terminal; the identity information receiving module is used for receiving the random number of the current period sent by the Internet of things platform, or receiving the random number sent by the Internet of things platform in response to the arrival of the random number updating period so as to send a security state verification request in response to the random number of the current period.

In some embodiments, the terminal further comprises: an information updating module; the connection state information comprises the number of times the terminal uploads data within a preset time period; the information updating module is used for updating, after data is uploaded, the number of times data has been uploaded within the preset time period.

In some embodiments, the connection state information includes interaction port information of the terminal and the internet of things platform; or, in the case that the terminal is assigned to a fixed internet of things platform, the connection state information includes address information of the internet of things platform to which the terminal is assigned.

According to still other embodiments of the present disclosure, there is provided a security verification apparatus including: a memory; and a processor coupled to the memory, the processor configured to perform a security verification method as in any of the preceding embodiments based on instructions stored in the memory device.

According to still further embodiments of the present disclosure, there is provided a computer-readable storage medium having stored thereon a computer program, wherein the program, when executed by a processor, implements the steps of the security verification method of any of the preceding embodiments.

According to still further embodiments of the present disclosure, there is provided a security verification system including: the internet of things platform of any of the foregoing embodiments, and the terminal of any of the foregoing embodiments.

In the method of the present disclosure, the terminal periodically sends a security state verification request to the Internet of things platform, wherein the security state verification request comprises a current period security value generated by the terminal according to the connection state information and the identity information. The Internet of things platform generates a current period verification value according to the recorded terminal connection state information and identity information, and compares the current period security value with the current period verification value to determine whether the terminal is a secure terminal. In the present disclosure, the Internet of things platform performs periodic security verification on the terminal after the terminal has connected, and verifies the terminal against several kinds of information, namely connection state information and identity information, which improves the security and accuracy of terminals in the Internet of things and the overall security of the Internet of things system.

Other features of the present disclosure and advantages thereof will become apparent from the following detailed description of exemplary embodiments thereof, which proceeds with reference to the accompanying drawings.

Drawings

In order to more clearly illustrate the embodiments of the present disclosure or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art are briefly described below. The drawings in the following description are only some embodiments of the present disclosure, and other drawings can be obtained from them by those skilled in the art without creative effort.

Fig. 1 illustrates a flow diagram of a security verification method of some embodiments of the present disclosure.

Fig. 2 shows a flow diagram of a security verification method of further embodiments of the present disclosure.

Fig. 3 illustrates a structural schematic diagram of an internet of things platform of some embodiments of the present disclosure.

Fig. 4 illustrates a schematic structural diagram of a terminal of some embodiments of the present disclosure.

Fig. 5 illustrates a schematic structural diagram of a security verification device of some embodiments of the present disclosure.

Fig. 6 shows a schematic structural diagram of a security verification device according to further embodiments of the present disclosure.

Fig. 7 illustrates a schematic structural diagram of a security verification system of some embodiments of the present disclosure.

Detailed Description

The technical solutions in the embodiments of the present disclosure will be clearly and completely described below with reference to the drawings in the embodiments of the present disclosure, and it is obvious that the described embodiments are only a part of the embodiments of the present disclosure, and not all of the embodiments. The following description of at least one exemplary embodiment is merely illustrative in nature and is in no way intended to limit the disclosure, its application, or uses. All other embodiments, which can be derived by a person skilled in the art from the embodiments disclosed herein without making any creative effort, shall fall within the protection scope of the present disclosure.

The present disclosure provides a method for security verification of a terminal in the internet of things, some embodiments of which are described below in conjunction with fig. 1.

Fig. 1 is a flow diagram of some embodiments of a security verification method of the present disclosure. As shown in fig. 1, the method of this embodiment includes: steps S102 to S110.

And step S102, the terminal generates a current period safety value according to the connection state information and the identity information.

The connection state information of the terminal is used for representing the connection condition of the terminal and the Internet of things platform. For example, the connection state information includes the number of times the terminal uploads data within a preset time period. The terminal can count the times of uploading data in a preset time period, and after the terminal uploads the data, the times of uploading the data in the preset time period are updated. The Internet of things platform can respond to the fact that the data uploaded by the terminal are received each time, and the times of uploading the data by the terminal in a preset time period are updated. The terminal and the Internet of things platform can also record the timestamp of the data reported by the terminal each time. For example, the terminal reports the temperature data twice within 6 hours, and the internet of things platform receives and records corresponding uplink information. The interaction of the heartbeat packet between the terminal and the platform of the Internet of things can not count the times of uploading data.

The preset time period may be determined by negotiation between the terminal and the internet of things platform, for example, may be a preset time period before the terminal performs security verification, for example, 6 hours before the security verification; or, the preset time period is equal to the cycle length of the terminal for the security verification cycle, that is, the number of times of uploading data in the last cycle of the terminal is counted as the connection state information; or, the terminal requests the internet of things platform for the statistical time period, and the internet of things platform replies the statistical time period to the terminal as a preset time period, that is, the preset time period of each security verification period can be dynamically adjusted.

The connection state information may further include the terminal's access duration, the number of times the terminal receives downlink data within a preset time period, and the like; it is not limited to the examples given. Because the connection state information may include such dynamic information, even if an illegal terminal steals the identity information of a legal terminal, it is a different device and cannot obtain the legal terminal's dynamic connection state information, such as the number of times the legal terminal has uploaded data. The security and accuracy of terminal security authentication are thereby improved.

The connection state information may further include static information about the connection between the terminal and the Internet of things platform. For example, the address information of the terminal may be port information of the terminal interacting with the Internet of things platform. Where a plurality of Internet of things platforms exist, the terminal may be assigned to a fixed Internet of things platform for data interaction. In that case, the connection state information may further include address information of the Internet of things platform to which the terminal is assigned. The address and interaction port from which an illegal terminal logs in, and the Internet of things platform it connects to, may differ from those of the legal terminal, so the security of the terminal can be judged from this information.

The identity information of the terminal may be information that uniquely identifies the terminal. For example, the Internet of things platform allocates a random number, a token, a feature string, or the like to the terminal. Taking the random number as an example, the Internet of things platform may send the corresponding random number to the terminal at the beginning of each security verification period. That is, the Internet of things platform generates the random number of the current period and sends it to the terminal, and the terminal sends a security state verification request in response to receiving the random number of the current period. Alternatively, the Internet of things platform sends the corresponding random number to the terminal according to a random number update period, which may differ from the security verification period. In response to the arrival of the random number update period, the Internet of things platform generates the random number and sends it to the terminal. The terminal updates its stored random number after receiving the random number sent by the Internet of things platform.

The Internet of things platform may send the identity information allocated to the terminal through a terminal management protocol. The identity information may be fixed, or it may change dynamically on a periodic basis. The form of the identity information is not limited to the examples given above.

In some embodiments, the terminal combines the connection state information and the identity information to generate a hash value as the current period security value. Generating the hash value from the connection state information and the identity information of the terminal enhances the security of the transmission process and prevents illegal users from intercepting the information. For example, the current period security value is Hash(port array + platform address + number of terminal reports + random number).

Step S104, the terminal periodically sends a safety state verification request to the Internet of things platform, and correspondingly, the Internet of things platform periodically receives the safety state verification request sent by the terminal.

The security state verification request includes the current period security value.

Step S106, the Internet of things platform generates a current period verification value according to the recorded terminal connection state information and the identity information.

In step S102, the connection state information and the identity information of the terminal may be recorded and stored in the Internet of things platform. The Internet of things platform generates the current period verification value by the same method the terminal uses to generate the current period security value. That is, the Internet of things platform may combine the recorded terminal connection state information and the identity information to generate a hash value as the current period verification value.

Step S108, the Internet of things platform compares the current period security value with the current period verification value to determine whether the terminal is a secure terminal.

Where the current period security value is consistent with the current period verification value, the Internet of things platform determines that the terminal is a secure terminal. Conversely, where the current period security value is inconsistent with the current period verification value, the Internet of things platform determines that the terminal is an unsafe terminal.

Step S110, the Internet of things platform sends a verification result to the terminal, and correspondingly, the terminal receives the verification result returned by the Internet of things platform.

Where the terminal is determined to be unsafe, the Internet of things platform may also send warning information to the terminal.

In the method of this embodiment, the terminal periodically sends a security state verification request to the Internet of things platform, and the request includes a current period security value generated by the terminal according to the connection state information and the identity information. The Internet of things platform generates a current period verification value according to the recorded terminal connection state information and the identity information, and compares the current period security value with the current period verification value to determine whether the terminal is a secure terminal. With this method, the Internet of things platform verifies the terminal periodically after the terminal has connected, and verifies it against both the connection state information and the identity information, so that the security and accuracy of the terminal in the Internet of things are improved, and the overall security of the Internet of things system is improved.

Further embodiments of the security verification method of the present disclosure are described below in conjunction with fig. 2.

Fig. 2 is a flow diagram of some embodiments of a security verification method of the present disclosure. As shown in fig. 2, the method of this embodiment includes: steps S202 to S216.

Step S202, the Internet of things platform generates identity information of the current period corresponding to the terminal and sends the identity information to the terminal.

The identity information is, for example, identity identification information such as a random number, a token, a feature string and the like allocated to the terminal by the internet of things platform.

Step S204, the terminal combines the connection state information and the identity information to generate a hash value as the current period security value.

Step S206, the terminal sends a security state verification request to the Internet of things platform, wherein the security state verification request carries the current period security value.

Step S208, the Internet of things platform combines the recorded connection state information and identity information of the terminal to generate a hash value as the current period verification value.

Step S210, the Internet of things platform compares the current period security value with the current period verification value, if the comparison is consistent, step S212 is executed, otherwise, step S214 is executed.

Step S212, the Internet of things platform returns a verification result that the security verification passes to the terminal.

Step S214, the Internet of things platform returns a verification result that the security verification fails to the terminal.

Step S216, the Internet of things platform judges whether the current period is finished, if so, the next period is entered, and the execution is restarted from step S202.
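The exchange of steps S202 to S216, using the hash of step S102, is sketched below as an added example that is not part of the patent text. SHA-256, the length-prefixed field encoding, all class and function names, and the address and port values are assumptions of this example; upload counters are reset when the random number is issued.

```python
import hashlib
import hmac
import secrets


def period_value(port: int, platform_addr: str, uploads: int, nonce: bytes) -> str:
    """Hash(port + platform address + upload count + random number)."""
    # Assumption: fields are length-prefixed so field boundaries are unambiguous.
    h = hashlib.sha256()  # hash function not named on the page; SHA-256 assumed
    for field in (str(port).encode(), platform_addr.encode(),
                  str(uploads).encode(), nonce):
        h.update(len(field).to_bytes(4, "big") + field)
    return h.hexdigest()


class Platform:
    def __init__(self, addr: str):
        self.addr = addr
        self.records = {}  # terminal id -> recorded port, upload count, nonce

    def start_period(self, term_id: str, port: int) -> bytes:  # S202
        nonce = secrets.token_bytes(16)
        self.records[term_id] = {"port": port, "uploads": 0, "nonce": nonce}
        return nonce

    def on_upload(self, term_id: str) -> None:  # data uploads only, not heartbeats
        self.records[term_id]["uploads"] += 1

    def verify(self, term_id: str, security_value: str) -> bool:  # S208-S214
        rec = self.records[term_id]
        expected = period_value(rec["port"], self.addr, rec["uploads"], rec["nonce"])
        return hmac.compare_digest(expected, security_value)  # constant-time


class Terminal:
    def __init__(self, port: int, platform_addr: str):
        self.port, self.platform_addr = port, platform_addr
        self.uploads, self.nonce = 0, b""

    def begin_period(self, nonce: bytes) -> None:
        self.nonce, self.uploads = nonce, 0

    def security_value(self) -> str:  # S204/S206
        return period_value(self.port, self.platform_addr, self.uploads, self.nonce)


def run_demo() -> dict:
    platform = Platform("10.0.0.5")        # constructed address and port
    legit = Terminal(5683, "10.0.0.5")
    legit.begin_period(platform.start_period("t1", 5683))
    for _ in range(2):                     # two temperature reports in the period
        legit.uploads += 1
        platform.on_upload("t1")
    good = legit.security_value()
    clone = Terminal(5683, "10.0.0.5")     # copied identity, no upload history
    clone.begin_period(legit.nonce)
    out = {"legit": platform.verify("t1", good),
           "clone": platform.verify("t1", clone.security_value())}
    legit.begin_period(platform.start_period("t1", 5683))  # next period
    out["stale_value"] = platform.verify("t1", good)
    out["legit_next"] = platform.verify("t1", legit.security_value())
    return out
```

In the demo, a terminal that holds the copied random number but not the upload history fails the comparison, and so does a security value presented again after the random number has been refreshed.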

The present disclosure also provides an internet of things platform, described below in conjunction with fig. 3.

Fig. 3 is a block diagram of some embodiments of the internet of things platform of the present disclosure. As shown in fig. 3, the internet of things platform 30 of this embodiment includes: an information receiving module 302, a verification value generating module 304 and a verification module 306.

The information receiving module 302 is configured to periodically receive a security state verification request sent by the terminal, where the security state verification request includes a current period security value generated by the terminal according to the connection state information and the identity information.

In some embodiments, the current period security value is a hash value generated by the terminal combining the connection state information and the identity information.

In some embodiments, the connection state information includes interaction port information of the terminal and the internet of things platform; or, in the case that the terminal is assigned to a fixed internet of things platform, the connection state information includes address information of the internet of things platform to which the terminal is assigned.

In some embodiments, the connection status information includes the number of times the terminal uploads data within a preset time period. The internet of things platform 30 may further include a record updating module 308 for updating the number of times that the terminal uploads data within a preset time period in response to receiving the terminal upload data.

In some embodiments, the identity information includes a random number corresponding to the terminal. The internet of things platform 30 may further include an identity information generation module 310 configured to generate a random number in a current period and send the random number to the terminal, or generate a random number to send to the terminal in response to an arrival of a random number update period, so that the terminal sends a security status verification request in response to receiving the random number in the current period.

The verification value generating module 304 is configured to generate a current period verification value according to the recorded terminal connection state information and the identity information.

In some embodiments, the verification value generating module 304 is configured to combine the recorded terminal connection state information and the identity information to generate a hash value as the current cycle verification value.

The verification module 306 is configured to compare the current period security value with the current period verification value, determine whether the terminal is a secure terminal, and return a verification result.

The present disclosure also provides a terminal, described below in conjunction with fig. 4.

Fig. 4 is a block diagram of some embodiments of the terminal of the present disclosure. As shown in fig. 4, the terminal 40 of this embodiment includes: a security value generation module 402, an information sending module 404 and a result receiving module 406.

The security value generation module 402 is configured to generate a current period security value according to the connection state information and the identity information.

In some embodiments, the security value generation module 402 is configured to combine the connection status information and the identity information to generate a hash value as the current period security value. The current period verification value is a hash value generated by combining the recorded terminal connection state information and the identity information by the Internet of things platform.

In some embodiments, the connection state information includes the number of times the terminal uploads data within a preset time period. The terminal 40 may further include an information updating module 408 configured to update the number of times data has been uploaded within the preset time period after data is uploaded.

In some embodiments, the connection state information includes interaction port information of the terminal and the internet of things platform; or, in the case that the terminal is assigned to a fixed internet of things platform, the connection state information includes address information of the internet of things platform to which the terminal is assigned.

In some embodiments, the identity information includes a random number corresponding to the terminal. The terminal 40 may further include an identity information receiving module 410 configured to receive a random number sent by the internet of things platform in a current period, or receive a random number sent by the internet of things platform in response to an arrival of a random number update period, so as to send a security state verification request in response to receiving the random number in the current period.

The information sending module 404 is configured to periodically send a security status verification request to the internet of things platform.

The security state verification request includes the current period security value, so that the Internet of things platform can perform security verification on the terminal according to the current period security value and the current period verification value. The current period verification value is generated by the Internet of things platform according to the recorded terminal connection state information and the identity information.

The result receiving module 406 is configured to receive a verification result returned by the Internet of things platform.

The security verification apparatus in the embodiments of the present disclosure, including the internet of things platform or terminal, may be implemented by various computing devices or computer systems, which are described below with reference to fig. 5 and 6.

Fig. 5 is a block diagram of some embodiments of a security verification device of the present disclosure. As shown in fig. 5, the apparatus 50 of this embodiment includes: a memory 510 and a processor 520 coupled to the memory 510, the processor 520 configured to perform a security verification method in any of the embodiments of the present disclosure based on instructions stored in the memory 510.

Memory 510 may include, for example, system memory, fixed non-volatile storage media, and the like. The system memory stores, for example, an operating system, an application program, a Boot Loader (Boot Loader), a database, and other programs.

Fig. 6 is a block diagram of further embodiments of the security verification device of the present disclosure. As shown in fig. 6, the apparatus 60 of this embodiment includes a memory 610 and a processor 620, which are similar to the memory 510 and the processor 520, respectively. The apparatus may also include an input/output interface 630, a network interface 640, a storage interface 650, and the like. These interfaces 630, 640, 650, the memory 610 and the processor 620 may be connected, for example, via a bus 660. The input/output interface 630 provides a connection interface for input/output devices such as a display, a mouse, a keyboard, and a touch screen. The network interface 640 provides a connection interface for various networking devices, such as a database server or a cloud storage server. The storage interface 650 provides a connection interface for external storage devices such as an SD card and a USB disk.

The internet of things platform or the terminal can be realized in a software mode, that is, the security verification method of any of the foregoing embodiments is realized through a computer-readable storage medium.

The present disclosure also provides a security verification system, described below in conjunction with fig. 7.

Fig. 7 is a block diagram of some embodiments of the security verification system of the present disclosure. As shown in fig. 7, the security verification system 7 of this embodiment includes: the internet of things platform 30 and the terminal 40 of any of the foregoing embodiments. The security verification system 7 may also include the security verification device 50 or 60 of the foregoing embodiment.

As will be appreciated by one skilled in the art, embodiments of the present disclosure may be provided as a method, system, or computer program product. Accordingly, the present disclosure may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present disclosure may take the form of a computer program product embodied on one or more computer-usable non-transitory storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.

The present disclosure is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the disclosure. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

The above description is only exemplary of the present disclosure and is not intended to limit the present disclosure, so that any modification, equivalent replacement, or improvement made within the spirit and principle of the present disclosure should be included in the scope of the present disclosure.
