MQTT IoT Suite Product Introduction
Profile Architecture Advantages Definitions
QuickStart
Account and Login
Products and Devices
Create Product Create Device
Device Connection
User Guide
Data Stream and Data Point Protocol Adaptation Service
Service Introduction Operation Process Development Guide Examples
Device Image
Service Introduction Console Usage
Rule Engine
Service Introduction Rule Configuration Basic Data Format SQL Built-in Function
Security Authentication
Overview Token Algorithm Token Generator Algorithm Examples
java python
Application Management
Service Introduction Controls Introduction Operating Instructions
Device Development Guide
Protocol Specifications Development Guide Development Examples Topic Cluster
Overview Data Point Topic Cluster Device Command Topic Cluster Device Image Topic Cluster
Application Development Guide
Use of API Error Code API
Query Device Register Device Remove Device Update Device Key Device Command Query Device Image Update Device Image Query Device Data Points
Best Practices
Device Connection Upload Data Points Device Synchronization Command Device Image
Change Log

Safe authorization

MQTT IoT Suite uses a security authentication policy for access authentication, that is, access authentication is based on tokens computed by core secret keys.

Security Authentication Policy

The security authentication policy mainly ensures access security in the following ways:

  • Avoiding direct network transmission of core secret keys to protect core secret keys over the network.

  • Performing identity authentication using a token signed with irreversible algorithms, so even if this token is stolen, the attacker cannot obtain core secret keys through token reversal.

  • Authentication parameter token characterized by user-defined expiration time, which can mitigate the risk of attack/counterfeit from the viewpoint of time dimension.

Common Security Solutions

Solution 1

Visitor (application or device) solidifies an access key into software. When a service access is needed, the key is used to calculate temporary token, and then this temporary token is used to authenticate the service access.

Solution 2

First of all, visitor has to get a temporary access token from the Access Administrator which can customize the validity period

(i.e. expiration time) of the token as needed, before accessing the OneNET platform.

Solution 3

The Access Administrator directly authorizes key to visitors (for example, directly burns key into the device), and then the visitor generates an access token using the key.

More help

个搜索结果,搜索内容 “

    0 个搜索结果,搜索内容 “