Equipment end, server end, network system and network connection method

Document No.: 1819838 Publication date: 2021-11-09

Reading note: This technology, "Equipment end, server end, network system and network connection method", was designed by 胡晓虎 on 2020-05-06. Its main content is as follows. Disclosed are a device side, a server side, a network system, and a network connection method. The network system comprises a device side and a server side. In response to a connection request from the device side, the server side sends a certificate to the device side. If the current system time of the device side is not within the certificate validity time range, the device side sends a current time request to the server side. The server side generates a signature based on the information carried by the current time request, and sends the server side's current system time and the signature to the device side. The device side verifies the signature based on that information and determines whether the server side's current system time is within the certificate validity time range. If signature verification fails, or the server side's current system time is not within the certificate validity time range, the device side disconnects from the server side. In this way, dependence on NTP can be reduced while maintaining a high level of security.

1. A network system comprising a device side and a server side, wherein:

in response to a connection request from the device side, the server side sends a certificate to the device side, the certificate comprising a certificate validity time range;

in the case where the current system time of the device side is not within the certificate validity time range, the device side sends a current time request to the server side;

the server side generates a signature based on the information carried by the current time request, and sends the current system time of the server side and the signature to the device side;

the device side verifies the signature based on the information and determines whether the current system time of the server side is within the certificate validity time range; and

in the case where the signature verification fails or the current system time of the server side is not within the certificate validity time range, the device side disconnects from the server side.

2. The network system according to claim 1,

after receiving the certificate sent by the server side, the device side establishes an HTTPS connection with the server side, and sends the current time request to the server side after establishing the HTTPS connection; and/or

the device side maintains the HTTPS connection with the server side in the case where the signature verification is successful and the current system time of the server side is within the certificate validity time range.

3. The network system according to claim 1 or 2,

the information includes a random number and/or a MAC address of the device side.

4. The network system according to claim 1 or 2,

the device side does not have a real-time clock for maintaining the system time, and the device side calibrates the system time by performing NTP time synchronization after being powered on for the first time or after being powered down and powered up again,

and in the case where the current system time of the device side is not within the certificate validity time range because NTP time synchronization has not been performed, the device side sends the current time request to the server side.

5. The network system according to claim 1 or 2,

the device side includes a real-time clock for maintaining system time and a battery for powering the real-time clock,

and in the case where the current system time of the device side is not within the certificate validity time range because of insufficient battery power or failure of the real-time clock, the device side sends the current time request to the server side.

6. A method for establishing a network connection between a device side and a server side, comprising:

sending a connection request to the server side;

receiving a certificate returned by the server side, wherein the certificate comprises a certificate validity time range;

in the case where the current system time of the device side is not within the certificate validity time range, sending a current time request to the server side;

receiving the current system time of the server side and a signature returned by the server side, wherein the signature is generated based on the information carried by the current time request;

verifying the signature based on the information and determining whether the current system time of the server side is within the certificate validity time range; and

in the case where the signature verification fails or the current system time of the server side is not within the certificate validity time range, disconnecting from the server side.

7. The method of claim 6, further comprising:

after receiving the certificate sent by the server side and before sending the current time request to the server side, establishing an HTTPS connection with the server side; and/or

maintaining the HTTPS connection with the server side in the case where the signature verification is successful and the current system time of the server side is within the certificate validity time range.

8. The method of claim 6, wherein,

the information includes a random number and/or a MAC address of the device side.

9. The method of claim 6, further comprising:

performing NTP time synchronization;

after NTP time synchronization is successful, determining whether the current system time of the device side is within the certificate validity time range; and

in the case where the current system time of the device side is not within the certificate validity time range, disconnecting the device side from the server side.

10. The method of any of claims 6 to 9, further comprising:

after NTP time synchronization succeeds, recording the current time; and

when the device side is restarted, using the recorded time as the system start-up time.

11. The method of any one of claims 6 to 9,

the device side does not have a real-time clock for maintaining the system time, and the device side calibrates the system time by performing NTP time synchronization after being powered on for the first time or after being powered down and powered up again,

and in the case where the current system time of the device side is not within the certificate validity time range because NTP time synchronization has not been performed, the device side sends the current time request to the server side.

12. The method of any one of claims 6 to 9,

the device side includes a real-time clock for maintaining system time and a battery for powering the real-time clock,

and in the case where the current system time of the device side is not within the certificate validity time range because of insufficient battery power or failure of the real-time clock, the device side sends the current time request to the server side.

13. A method for establishing a network connection between a device side and a server side, comprising:

receiving a connection request sent by the device side;

returning a certificate to the device side, wherein the certificate comprises a certificate validity time range;

receiving a current time request sent by the device side;

generating a signature based on the information carried by the current time request; and

sending the current system time of the server side and the signature to the device side.

14. A device side, comprising:

a first sending device, configured to send a connection request to the server side;

a first receiving device, configured to receive the certificate returned by the server side, wherein the certificate comprises a certificate validity time range;

a second sending device, configured to send a current time request to the server side in the case where the current system time of the device side is not within the certificate validity time range;

a second receiving device, configured to receive the current system time of the server side and the signature returned by the server side, wherein the signature is generated based on the information carried by the current time request;

a verification device, configured to verify the signature based on the information and to determine whether the current system time of the server side is within the certificate validity time range; and

a connection control device, configured to disconnect from the server side in the case where the signature verification fails or the current system time of the server side is not within the certificate validity time range.

15. A server, comprising:

a third receiving device, configured to receive a connection request sent by the device side;

a third sending device, configured to return a certificate to the device side, wherein the certificate comprises a certificate validity time range;

a fourth receiving device, configured to receive a current time request sent by the device side;

a signature device, configured to generate a signature based on the information carried by the current time request; and

a fourth sending device, configured to send the current system time of the server side and the signature to the device side.

16. A computing device, comprising:

a processor; and

a memory having executable code stored thereon, which when executed by the processor, causes the processor to perform the method of any of claims 6 to 13.

17. A non-transitory machine-readable storage medium having stored thereon executable code, which when executed by a processor of an electronic device, causes the processor to perform the method of any of claims 6 to 13.

Technical Field

The present disclosure relates to network connection technologies, and in particular, to network connection between a device side and a server side.

Background

With the rapid development of communication technology, people's requirements for communication security keep rising. At present, the secure communication protocol commonly used on the network is HTTPS. The HTTPS protocol provides authentication and encrypted communication.

If the HTTPS certificate fails to verify, the network connection will fail. For the security of network communication, the server side updates the HTTPS certificate.

HTTPS certificates are often set with a certificate validity time range. Beyond the certificate validity time range, the certificate cannot be verified.

However, for cost reasons, smart devices such as screenless smart speakers commonly have no built-in RTC (Real-Time Clock). Thus, after such a device is powered down and powered up again, the system default time is the device firmware compile time, which is often far in the past relative to the current actual time.

If the device is not used for a long time after power-down, the device-side time lags far behind the network time (the current actual time). If the server side has updated the HTTPS certificate in the meantime, verification of the HTTPS certificate fails because the current system time at the device side is inaccurate and not within the certificate validity time range, and networking fails as a result.

To solve this problem, the current system time at the device side needs to be synchronized with the network time; that is, the smart device calibrates its current system time through NTP (Network Time Protocol) and can successfully connect to the gateway after time synchronization succeeds.

However, NTP time synchronization takes from 1 to 10 seconds (and in exceptional cases NTP may not succeed at all). Moreover, after a power failure and restart, NTP time synchronization must again be performed before the next connection, which adds delay. Therefore, there is a need for a method to reduce the dependency of the device on NTP time.

In the prior art, there are several ideas to solve the above problems.

For example, networking may use the HTTP protocol instead of HTTPS. Although this avoids the certificate time-validity problem and reduces the dependence on NTP, HTTP is not secure enough: problems such as hijacking may occur, and the communication security between the device and the server side cannot be guaranteed.

Another idea is not to check the time at all when networking, which carries a risk of HTTPS hijacking.

Another method is to give the server certificate a long validity time or never update it, which may expose the server side to security risk. In addition, third-party device sides cannot intervene in certificate updating on the server side, so this approach is not practicable.

Therefore, a fast connection scheme between a device and a server with high security and reduced dependence on NTP is still needed.

Disclosure of Invention

The technical problem to be solved by the present disclosure is how to provide a fast connection method between a device and a server, which can reduce the dependence on NTP and has higher security.

According to a first aspect of the present disclosure, a network system is provided, which includes a device side and a server side, wherein, in response to a connection request from the device side, the server side sends a certificate to the device side, the certificate including a certificate validity time range; in the case where the current system time of the device side is not within the certificate validity time range, the device side sends a current time request to the server side; the server side generates a signature based on the information carried by the current time request, and sends the current system time of the server side and the signature to the device side; the device side verifies the signature based on the information and determines whether the current system time of the server side is within the certificate validity time range; and in the case where the signature verification fails or the current system time of the server side is not within the certificate validity time range, the device side disconnects from the server side.

Optionally, after receiving the certificate sent by the server side, the device side establishes an HTTPS connection with the server side, and sends the current time request to the server side after establishing the HTTPS connection; and/or the device side maintains the HTTPS connection with the server side in the case where the signature verification is successful and the current system time of the server side is within the certificate validity time range.

Optionally, the information includes a random number and/or a MAC address of the device side.

Optionally, the device side does not have a real-time clock for maintaining the system time, and the system time is calibrated by performing NTP time synchronization after the device side is powered on for the first time or powered off and powered back on. In the case where the current system time of the device side is not within the certificate validity time range because NTP time synchronization has not been performed, the device side sends a current time request to the server side.

Optionally, the device side includes a real-time clock for maintaining system time and a battery for powering the real-time clock. In the case where the current system time of the device side is not within the certificate validity time range because of insufficient battery power or failure of the real-time clock, the device side sends a current time request to the server side.

According to a second aspect of the present disclosure, there is provided a method for establishing a network connection between a device side and a server side, including: sending a connection request to the server side; receiving a certificate returned by the server side, wherein the certificate comprises a certificate validity time range; in the case where the current system time of the device side is not within the certificate validity time range, sending a current time request to the server side; receiving the current system time of the server side and a signature returned by the server side, wherein the signature is generated based on the information carried by the current time request; verifying the signature based on the information and determining whether the current system time of the server side is within the certificate validity time range; and in the case where the signature verification fails or the current system time of the server side is not within the certificate validity time range, disconnecting from the server side.

Optionally, the method further comprises: after receiving the certificate sent by the server side and before sending the current time request to the server side, establishing an HTTPS connection with the server side; and/or maintaining the HTTPS connection with the server side in the case where the signature verification is successful and the current system time of the server side is within the certificate validity time range.

Optionally, the information includes a random number and/or a MAC address of the device side.

Optionally, the method further comprises: performing NTP time synchronization; after NTP time synchronization is successful, determining whether the current system time of the device side is within the certificate validity time range; and in the case where the current system time of the device side is not within the certificate validity time range, disconnecting the device side from the server side.

Optionally, the method further comprises: after NTP time synchronization succeeds, recording the current time; and when the device side is restarted, using the recorded time as the system start-up time.

Optionally, the device side does not have a real-time clock for maintaining the system time, and the system time is calibrated by performing NTP time synchronization after the device side is powered on for the first time or powered off and powered back on. In the case where the current system time of the device side is not within the certificate validity time range because NTP time synchronization has not been performed, the device side sends a current time request to the server side.

Optionally, the device side includes a real-time clock for maintaining system time and a battery for powering the real-time clock. In the case where the current system time of the device side is not within the certificate validity time range because of insufficient battery power or failure of the real-time clock, the device side sends a current time request to the server side.

According to a third aspect of the present disclosure, a method for establishing a network connection between a device side and a server side is provided, including: receiving a connection request sent by the device side; returning a certificate to the device side, wherein the certificate comprises a certificate validity time range; receiving a current time request sent by the device side; generating a signature based on the information carried by the current time request; and sending the current system time of the server side and the signature to the device side.

According to a fourth aspect of the present disclosure, there is provided a device side comprising: a first sending device, configured to send a connection request to the server side; a first receiving device, configured to receive the certificate returned by the server side, wherein the certificate comprises a certificate validity time range; a second sending device, configured to send a current time request to the server side in the case where the current system time of the device side is not within the certificate validity time range; a second receiving device, configured to receive the current system time of the server side and the signature returned by the server side, wherein the signature is generated based on the information carried by the current time request; a verification device, configured to verify the signature based on the information and to determine whether the current system time of the server side is within the certificate validity time range; and a connection control device, configured to disconnect from the server side in the case where the signature verification fails or the current system time of the server side is not within the certificate validity time range.

According to a fifth aspect of the present disclosure, there is provided a server side, including: a third receiving device, configured to receive a connection request sent by the device side; a third sending device, configured to return a certificate to the device side, wherein the certificate comprises a certificate validity time range; a fourth receiving device, configured to receive a current time request sent by the device side; a signature device, configured to generate a signature based on the information carried by the current time request; and a fourth sending device, configured to send the current system time of the server side and the signature to the device side.

According to a sixth aspect of the present disclosure, there is provided a computing device comprising: a processor; and a memory having executable code stored thereon, which when executed by the processor, causes the processor to perform the method described in the second or third aspect above.

According to a seventh aspect of the present disclosure, there is provided a non-transitory machine-readable storage medium having stored thereon executable code, which when executed by a processor of an electronic device, causes the processor to perform the method described in the second or third aspect above.

Therefore, a fast connection scheme between the device side and the server side can be provided that reduces the dependence on NTP while offering higher security.

Drawings

The above and other objects, features and advantages of the present disclosure will become more apparent by describing in greater detail exemplary embodiments thereof with reference to the attached drawings, in which like reference numerals generally represent like parts throughout.

Fig. 1 shows a schematic diagram of a network system according to an embodiment of the present disclosure.

Fig. 2 shows a schematic flow chart of a method for establishing a network connection between a device side and a server side according to an embodiment of the present disclosure.

Fig. 3 shows a schematic flow chart of a method for establishing a network connection between a device side and a server side according to an embodiment of the present disclosure.

Fig. 4 shows a schematic structural diagram of a device side according to an embodiment of the present disclosure.

Fig. 5 shows a schematic structural diagram of a server according to an embodiment of the present disclosure.

Fig. 6 shows a schematic structural diagram of a computing device according to an embodiment of the invention.

Detailed Description

Preferred embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While the preferred embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.

The disclosure provides a network system, which includes a device side and a server side.

Fig. 1 shows a schematic diagram of a network system according to an embodiment of the present disclosure.

As shown in fig. 1, the network system includes a device side 100 and a service side 200.

The device side 100 may be a device without a real-time clock for maintaining system time. After the device end 100 is powered on for the first time or powered off and powered up again, the NTP time synchronization is executed to calibrate the system time. Thus, the current system time of the device side 100 is likely to be wrong before NTP time synchronization is performed.

Before NTP time synchronization is performed, the network connection between the device side 100 and the server side 200 may still be established through the network connection method according to the present disclosure.

Alternatively, the device side 100 may also include a real-time clock for maintaining system time and a battery for powering the real-time clock.

For example, the real-time clock may be calibrated by performing NTP time synchronization, either periodically or in response to timing instructions manually issued by a user or otherwise received by the device, in the event that the battery is sufficiently charged.

In the event of a low battery or a failure of the real time clock, the system time provided by the real time clock will no longer be accurate. In this case, the system time may be calibrated by performing NTP time synchronization.

However, before NTP time synchronization is performed, or in a case where the device side 100 is set not to perform NTP time synchronization, a network connection between the device side 100 and the server side 200 may also be established by the network connection method according to the present disclosure.

When the device side 100 needs to establish a network connection with the server side 200, it sends a connection request to the server side 200.

The server side 200 returns a certificate with a certificate validity time range attached, e.g., a start time Tb and an end time Te.

If the local system time of the device side 100 is not within the certificate validity time range, the authentication of the certificate may initially be ignored, and the network connection between the device side 100 and the server side 200 is established. Then, the device side 100 may send a request for the server-side system time to the server side 200, attaching information such as a random number, a MAC address, and the like.

The server side 200 generates a signature based on the information sent by the device side 100, and sends the server-side system time Tn and the signature to the device side 100.

After the signature authentication passes, if Tn is within the certificate validity time range, the network connection between the device side 100 and the server side 200 can be maintained and normal communication can be performed.

The following describes in further detail a scheme for establishing a network connection between a device side and a server side according to an embodiment of the present disclosure with reference to fig. 2 to 5.

Fig. 2 shows a schematic flow chart of a method for establishing a network connection between a device side and a server side according to an embodiment of the present disclosure.

The interaction between the device side 100 and the server side 200 is as follows. Fig. 4 shows a schematic structural diagram of a device side that can be used to implement the method.

Fig. 5 shows a schematic structural diagram of a server side that can be used to implement the method.

As shown in fig. 2, in step S110, the device side 100 sends a connection request to the server side 200, for example, through the first sending device 110.

In step S210, the server side 200 receives the connection request sent by the device side 100, for example, through the third receiving device 210.

In response to the connection request of the device side 100, in step S220, the server side 200 sends the certificate to the device side 100, for example, through the third sending means 220. The certificate includes a certificate validity time range.

Here, the certificate validity time range may be determined by the certificate start time Tb and the end time Te.

In some cases, the certificate validity time range may also be determined only by the certificate start time Tb, i.e. only the certificate start time is defined.

Alternatively, in some cases, the certificate validity time range may also be determined only by the certificate end time Te, i.e., only the certificate end time is defined.

In step S120, the device 100 receives the certificate returned by the server 200, for example, through the first receiving device 120. As described above, the certificate includes a certificate validity time range.

In an embodiment, step S130 may be entered after the device side 100 receives the certificate sent by the server side 200, and the device side 100 establishes an HTTPS connection with the server side 200.

In one embodiment, assuming that the current system time of the device side 100 is Ts, in step S140, it is determined whether Tb < Ts < Te is satisfied, that is, it is determined whether the current system time Ts of the device side 100 is within the valid time range of the certificate.

If the above condition is satisfied, the process proceeds to step S180, where the HTTPS connection is maintained, and normal communication is performed.

If the above condition is not satisfied, the process proceeds to step S150. That is, in the case where the current system time of the device side 100 is not within the certificate validity time range, the current system time of the device side 100 may be inaccurate, and the device side 100 sends a current time request to the server side 200, for example, through the second sending device 130.

In the case where the device side 100 does not have a real-time clock for maintaining the system time, if the device side 100 has just been powered on for the first time, or powered off and then powered on again, when it receives the certificate sent by the server side 200, the system time has not yet been calibrated by NTP time synchronization, and thus the current system time of the device side may not be within the certificate validity time range. In this case, the device side 100 may send the current time request to the server side 200, so as to establish a network connection between the device side 100 and the server side 200 according to the network connection method of the present disclosure.

For the device side 100 including the real-time clock, in case of low battery or failure of the real-time clock, the system time provided by the real-time clock will not be accurate any more. If the certificate sent by the server 200 is received at this time, the current system time of the device 100 may not be within the valid time range of the certificate. In this case, the device side 100 may also send the current time request to the server side 200, so as to establish a network connection between the device side 100 and the server side 200 according to the network connection method of the present disclosure.

Some information may be attached to the current time request for the server 200 to generate a signature, and the device 100 may verify the signature based on the information.

Here, the information carried by the current time request may include, for example, a random number and/or a MAC address of the device side.

Further, in step S230, the server 200 receives the current time request transmitted by the device 100, for example, through the fourth receiving device 230.

In step S240, the server 200, for example, through the signing device 240, generates a signature based on the information carried in the current time request, for example, the random number and/or the MAC address of the device side.

Next, in step S250, the server 200 transmits the server current system time Tn and the signature generated in step S240 to the device 100, for example, through the fourth transmitting device 250.

Accordingly, in step S160, the device 100 receives, for example, through the second receiving device 140, the server current system time Tn and the signature returned by the server.

Subsequently, in step S170, the device 100, for example, through the verification apparatus 150, verifies the received signature based on the information carried in the current time request.

If the signature verification fails, the process proceeds to step S190, and the device 100 disconnects from the server, for example, through the connection control device 160.

If the signature verification is successful, step S175 is executed to determine whether the current system time Tn of the server 200 is within the valid time range of the certificate, for example, whether Tb < Tn < Te is true.

If the current system time Tn of the server 200 is within the certificate validity time range, for example, Tb < Tn < Te is true, the HTTPS connection may be maintained in step S180, and normal communication may be performed.

In other words, in the case that the signature verification is successful and the server current system time Tn is within the certificate validity time range, the device side 100 determines that the server side 200 is normal and legitimate, and the device side 100 maintains the HTTPS connection with the server side 200.

If the current system time Tn of the server 200 is not within the valid time range of the certificate, the server 200 may have been maliciously hijacked. Therefore, when Tn is not within the certificate validity time range, for example, when Tb < Tn < Te is not satisfied, the process proceeds to step S190, and the device 100 disconnects from the server 200, for example, via the connection control device 160.

Thus, in the present disclosure, the device side 100 receives the certificate returned by the server side 200; assume that the start time of the certificate is Tb, its end time is Te, and the current system time of the device side 100 is Ts. If network time synchronization has not yet succeeded, Ts is likely to be smaller than Tb, that is, not within the valid time range of the certificate. In the prior art, HTTPS communication would fail at this step. In the present disclosure, the validity of the certificate time is temporarily ignored, and the HTTPS connection continues.

After ignoring the validity time of the server certificate and establishing the HTTPS connection successfully, the device 100 actively requests the server's current system time, carrying information such as the random number and the MAC address in the request. Accordingly, the server 200 replies with the server's current system time Tn and provides a signature based on information such as the random number and/or the MAC address.

After receiving the time Tn and the signature, the device 100 verifies the signature, and then uses the current time Tn to check whether the certificate times Tb and Te are valid and whether the server is legitimate. If Tb < Tn < Te, the server is normal and legitimate, and the device can stay connected and communicate normally. Otherwise, the server may have been maliciously hijacked, and the device may actively disconnect.

In the technical scheme of the disclosure, the validity of the certificate time is ignored in the HTTPS connection stage, so as to reduce NTP dependence. After the connection succeeds, the certificate time is checked once time synchronization with the server 200 has succeeded, so that the problem of HTTPS hijacking is avoided.
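The exchange of steps S150 to S190 can be sketched as follows. This is an added example, not code from the patent: it assumes HMAC-SHA256 under a pre-shared device key as a stand-in for the signature (the page names neither algorithm nor key), signs Tn together with the random number and MAC address, and uses constructed names and sample values throughout.

```python
import hashlib
import hmac
import secrets
import struct

# Assumption: HMAC-SHA256 under a key provisioned on the device stands in for
# the signature; the page does not name the algorithm or the key.
DEVICE_KEY = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed sample key
MAC = bytes.fromhex("020000000001")  # constructed device MAC address


def _message(nonce: bytes, mac: bytes, tn: int) -> bytes:
    # Length-prefix each field so the nonce/MAC boundary cannot be shifted.
    fields = b"".join(struct.pack(">H", len(f)) + f for f in (nonce, mac))
    return fields + struct.pack(">Q", tn)


def server_answer(key: bytes, nonce: bytes, mac: bytes, server_now: int):
    """S230-S250: sign the request information together with Tn, return both."""
    sig = hmac.new(key, _message(nonce, mac, server_now), hashlib.sha256).digest()
    return server_now, sig


def device_decide(key, nonce, mac, tn, sig, tb, te) -> str:
    """S170-S190: verify the signature first, then require Tb < Tn < Te."""
    expected = hmac.new(key, _message(nonce, mac, tn), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, sig):
        return "disconnect: signature verification failed"
    if not (tb < tn < te):
        return "disconnect: Tn outside certificate validity"
    return "keep connection"


def run_exchange(ts, tb, te, server_now, altered_tn=None, stale_answer=None):
    """Device flow from S130 on; the optional arguments model an untrusted path."""
    if tb < ts < te:
        return "keep connection"  # S130 passed, no current time request needed
    nonce = secrets.token_bytes(16)  # fresh random number for this request (S150)
    tn, sig = stale_answer if stale_answer else server_answer(DEVICE_KEY, nonce, MAC, server_now)
    if altered_tn is not None:
        tn = altered_tn  # time changed in transit, signature left as sent
    return device_decide(DEVICE_KEY, nonce, MAC, tn, sig, tb, te)
```

Because the fresh random number and Tn are both inside the signed message, an answer recorded for an earlier request or a time value changed after signing fails at S170 before the Tb < Tn < Te comparison is reached.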

Fig. 3 shows a schematic flow chart of a method for establishing a network connection between a device side and a server side according to an embodiment of the present disclosure.

The method shown in fig. 3 may be further performed on the basis of the description above with reference to fig. 2. For the sake of brevity and clarity, not all of the steps in FIG. 2 are depicted here.

In addition to the above description, in one embodiment, as shown in fig. 3, the device side 100 may also perform NTP time synchronization in step S310. For example, the current system time of the device side 100 may be synchronized with the network time/actual current time through NTP. Step S310 may be performed before step S110, or may be performed after step S120.

If, by the method shown in fig. 2, the certificate was verified against the current system time Tn of the server 200 because the current system time Ts of the device side 100 was not within the certificate validity time range, then after NTP time synchronization succeeds the device side 100 itself has an accurate current system time Ts. The process may then proceed to step S330 and determine again whether the current system time of the device side 100 is within the valid time range of the certificate, for example, whether Tb < Ts < Te holds.

If the current system time Ts of the device side is within the valid time range of the certificate, the HTTPS connection may be maintained for normal communication in step S340.

If the current system time Ts of the device 100 is not within the valid time range of the certificate, the process may proceed to step S350, and the device 100 disconnects from the server 200.

In this way, the security of the network connection can be further improved.

In one embodiment, the method for establishing a network connection between the device side and the server side further includes, after step S310, that is, after NTP time synchronization succeeds, proceeding to step S320 and recording the current time Tt.

In this way, the recorded time Tt may be used as the system start time T0 when the device side 100 is restarted.

Each time NTP time synchronization succeeds, a system file may be updated by writing the current time Tt to it. Accordingly, if the device 100 is later powered off and restarted, Tt may be used as the system start time T0 by default. In this way, updating T0 with the current time Tt of the last NTP time synchronization, instead of using the compilation time as T0, can reduce the time difference between the device side 100 and the server side 200, thereby reducing the scenarios in which the HTTPS certificate time verification fails in step S130.
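A sketch of recording Tt in step S320 and reusing it as T0 at the next boot, added here for illustration and not taken from the patent. The file handling, the function names and the compile-time constant are assumptions.

```python
import os
import tempfile

BUILD_TIME = 1_577_836_800  # constructed firmware compile time (2020-01-01 UTC)


def record_sync_time(path: str, tt: int) -> None:
    """S320: after a successful NTP sync, persist Tt with an atomic replace."""
    directory = os.path.dirname(os.path.abspath(path))
    fd, tmp = tempfile.mkstemp(dir=directory)
    try:
        with os.fdopen(fd, "w") as f:
            f.write(str(tt))
            f.flush()
            os.fsync(f.fileno())
        os.replace(tmp, path)  # a power cut leaves either the old or the new value
    except BaseException:
        os.unlink(tmp)
        raise


def boot_start_time(path: str, build_time: int = BUILD_TIME) -> int:
    """Choose T0 at boot: the stored Tt if usable, otherwise the compile time."""
    try:
        with open(path) as f:
            tt = int(f.read().strip())
    except (OSError, ValueError):
        return build_time  # missing or corrupt file
    # A stored value earlier than the build cannot be a real sync time.
    return tt if tt >= build_time else build_time


def passes_s130(ts: int, tb: int, te: int) -> bool:
    """S130: is the device's own time inside the certificate validity range?"""
    return tb < ts < te
```

With a certificate whose start time Tb is later than the compile time, a device booting from the compile time fails S130, while one booting from a stored Tt inside the range passes without needing the current time request.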

Furthermore, the whole scheme can be implemented essentially on the device side 100. In this scheme, the server 200 only adds the functions of issuing the current system time Tn and signing the time, so that the implementation is simple, and the dependence on NTP can be effectively reduced.

Therefore, the method for establishing the network connection between the equipment side and the server side can reduce the dependence on the NTP and carry out quick connection with higher safety performance.

Fig. 6 is a schematic structural diagram of a computing device that can be used to implement the method for establishing a network connection between the device side and the server side according to an embodiment of the present invention.

Referring to fig. 6, computing device 600 includes memory 610 and processor 620.

The processor 620 may be a multi-core processor or may include a plurality of processors. In some embodiments, processor 620 may include a general-purpose host processor and one or more special coprocessors such as a Graphics Processor (GPU), a Digital Signal Processor (DSP), or the like. In some embodiments, processor 620 may be implemented using custom circuits, such as an Application Specific Integrated Circuit (ASIC) or a Field Programmable Gate Array (FPGA).

The memory 610 may include various types of storage units, such as system memory, Read Only Memory (ROM), and persistent storage. The ROM may store static data or instructions that are required by the processor 620 or other modules of the computer. The persistent storage device may be a read-write storage device. The persistent storage may be a non-volatile storage device that does not lose stored instructions and data even after the computer is powered off. In some embodiments, a mass storage device (e.g., magnetic or optical disk, flash memory) is employed as the persistent storage device. In other embodiments, the persistent storage may be a removable storage device (e.g., floppy disk, optical drive). The system memory may be a read-write memory device or a volatile read-write memory device, such as a dynamic random access memory. The system memory may store instructions and data that some or all of the processors require at runtime. In addition, the memory 610 may include any combination of computer-readable storage media, including various types of semiconductor memory chips (DRAM, SRAM, SDRAM, flash memory, programmable read-only memory); magnetic and/or optical disks may also be employed. In some embodiments, memory 610 may include a removable storage device that is readable and/or writable, such as a Compact Disc (CD), a read-only digital versatile disc (e.g., DVD-ROM, dual layer DVD-ROM), a read-only Blu-ray disc, an ultra-dense disc, a flash memory card (e.g., SD card, mini SD card, Micro-SD card, etc.), a magnetic floppy disk, or the like. Computer-readable storage media do not contain carrier waves or transitory electronic signals transmitted by wireless or wired means.

The memory 610 stores executable code, which when processed by the processor 620, causes the processor 620 to perform the above-mentioned method for establishing a network connection between the device side and the service side.

The device side, the server side, the network system and the method for establishing the network connection between the device side and the server side according to the present invention have been described in detail above with reference to the accompanying drawings.

Furthermore, the method according to the invention may also be implemented as a computer program or computer program product comprising computer program code instructions for carrying out the above-mentioned steps defined in the above-mentioned method of the invention.

Alternatively, the invention may also be embodied as a non-transitory machine-readable storage medium (or computer-readable storage medium, or machine-readable storage medium) having stored thereon executable code (or a computer program, or computer instruction code) which, when executed by a processor of an electronic device (or computing device, server, etc.), causes the processor to perform the steps of the above-described method according to the invention.

Those of skill in the art would further appreciate that the various illustrative logical blocks, modules, circuits, and algorithm steps described in connection with the disclosure herein may be implemented as electronic hardware, computer software, or combinations of both.

The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems and methods according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.

Having described embodiments of the present invention, the foregoing description is intended to be exemplary, not exhaustive, and not limited to the embodiments disclosed. Many modifications and variations will be apparent to those of ordinary skill in the art without departing from the scope and spirit of the described embodiments. The terminology used herein is chosen in order to best explain the principles of the embodiments, the practical application, or improvements made to the technology in the marketplace, or to enable others of ordinary skill in the art to understand the embodiments disclosed herein.
