Patent Application
20170063824
This application is based on and claims priority to Chinese Patent Application Serial No. CN201510542826.5, filed with the State Intellectual Property Office of P. R. China on Aug. 28, 2015, the entire content of which is incorporated herein by reference.
The present disclosure relates to network technology field, and more particularly to a method and a device for determining a control authority on a user device, and as terminal device.
A camera and an infrared monitoring device are user devices closely associated with user privacy and property safety, therefore the safety of the user devices in the course of using is very important for a user. In the related art, when the user needs to control a user device via a terminal device, the terminal device needs to send a control instruction to a server; after user identity passes authentication in the server, the server sends the control instruction to the user device. If the terminal device and the user device are within a same local area network, the control instruction is still forwarded to the user device through the server, which increases a time cost in transmitting the control instruction.
In order to solve problems in the related art, the present disclosure provides a method and a device for determining a control authority on a user device as well as a terminal device, which reduces the time cost in transmitting the control instruction.
Aspects of the disclosure provide a method for controlling an electronic device. The method includes sending, by a terminal device having a user account, a request message carrying identity information of the user account to a server to request a token from the server in order to control the electronic device, receiving the token returned by the server in response to the request message after the identity information is authenticated by the server, and determining a control authority of the user account on the electronic device according to the token.
In an example, the method further includes scanning to detect electronic devices that are within a control area, and sending a control instruction for controlling the electronic device to the server when a device identifier of the electronic device is not detected within the control area of the terminal device. The control instruction carries the identity information of the user account, and the server is configured to authenticate the identity information of the user account and cause the electronic device to be controlled according to the control instruction when the identity information is authenticated.
According to an aspect of the disclosure, the method includes determining whether the token is cached in the terminal device before sending the request message and determining the control authority of the user account on the electronic device according to the token when the token is cached in the terminal device. In addition, the method includes sending the request message to the server to request the token to control the electronic device when the token is not cached in the terminal device.
According to an aspect of the disclosure, the token is generated by the electronic device according to a bash algorithm based on an initial token of the electronic device assigned by a factory of the electronic device, a string and a Media Access Control address of the electronic device. In an example, the string is generated by the electronic device according to as time to generate the token and has a predetermined length.
Aspects of the disclosure provide a terminal device that includes a processor and a memory, configured to store instructions executable by the processor. The processor is configured to send a request message carrying identity information of a user account on the terminal device to a server to request a token from the server in order to control an electronic device, receive the token returned by the server in response to the request message after the identity information is authenticated by the server, and determine to control authority of the user account on the electronic device according to the token.
According to an aspect of the disclosure, the processor is configured to detect electronic devices that are within a control area of the terminal device, and send a control instruction for controlling the electronic device to the server when a device identifier of the electronic device is not detected within the control area of the terminal device. The control instruction carries the identity information of the user account, and the server is configured to authenticate the identity information of the user account and cause the electronic device to be controlled according to the control instruction when the identity information is authenticated.
In an example, the processor is configured to determine whether the token is cached in the terminal device before sending the request message and determine the control authority of the user account on the electronic device according to the token when the token is cached in the terminal device. In addition, the processor is configured to send the request message to the server to request the token to control the electronic device when the token is not cached in the terminal device.
Aspects of the disclosure provide a non-transitory computer-readable storage medium having stored therein instructions that, when executed by a processor in a device, causes the device to perform operations for controlling an electronic device. The operations include sending a request message carrying identity information of a user account on the device to a server to request a token from the server in order to control the electronic device, receiving the token returned by the server in response to the request message after the identity information is authenticated by the server, and determining a control authority of the user account on the electronic device according to the token.
It should be understood that, the above general description and following detail description are exemplary and explanatory, and shall not be construed to limit the present disclosure.
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the invention and, together with the description, serve to explain the principles of the invention.
Reference will now be made in detail to exemplary embodiments, examples of which are illustrated in the accompanying drawings. The following description refers to the accompanying drawings in which the same numbers in different drawings represent the same or similar elements unless otherwise represented. The implementations set forth in the following description of exemplary embodiments do not represent all implementations consistent with the invention. Instead, they are merely examples of apparatuses and methods consistent with aspects related to the invention as recited in the appended claims.
In step S101, if a device identifier of a user device is found in a process of scanning for local devices, a request message for requesting a first token of the user device is sent to a server, in which the request message carries identity authentication information of a user.
In an embodiment, a multicast Domain Name System (mDNS) may be used to determine whether there is a user device within a local area network. In an embodiment, the user device may be a smart air conditioner, a smart air purifier, a smart water purifier, a smart TV box and other smart home devices, and the terminal device may control the user device via the local area network or an internet. In an embodiment, different from the device identifier of the user device, the first token is a private identifier of the user device, and the first token can only be obtained by the terminal device having the control authority. In an embodiment, the first token may be a random string assigned when the user device leaves a factory and indicating an unique number of the user device; in another embodiment, the first token may be generated by a hash algorithm according to an initial token of the user device, a random string and a Media Access Control (MAC) address of the user device, the hash algorithm may be MD5 etc., and shall not be construed to limit the present disclosure.
In step S102, after the identity authentication information passes authentication in the server, the first token returned by the server according to the request message is received.
In an embodiment, the identity authentication information may include a user account name and an account password, and the server may determine whether there is a need to return the first token to the terminal device according to the authority of the user account name recorded on the server.
In step S103, a local control authority of the user on the user device is determined according to the first token.
In an embodiment, the local control authority may be determined according to a type of the user device, for example, if the user device is the smart air purifier, a specific control authority may be controlling a switch of the smart air purifier, and regulating a working mode (e.g. an automatic mode, a sleep mode, and a high-speed mode) of the smart air purifier; for another example, if the user device is the smart TV box, a specific control authority may be controlling a switch of the smart TV box, and regulating a channel and a volume of the smart TV box.
As shown in
As shown in
In the present embodiment, if the device identifier of the user device is found in the process of scanning for the local devices, the terminal device determines the local control authority of the user on the user device according to the first token returned by the server after the terminal sends the request message for requesting the first token to the server and the identity authentication information carried in the request message passes authentication in the server, such that from then on, the terminal device does not need to send the control instruction to the server for forwarding the control instruction to user device when the terminal device needs to perform the instruction control on the user device, thus reducing the time cost in transmitting the control instruction. In addition, since the first token is sent to the terminal device by the server after the identity authentication information passes authentication in the server, it ensures that the terminal device has a legal control authority on the user device, thus ensuring the safety of the user device in the process of controlling.
In an embodiment, the method may further include:
In an embodiment, the method may further include:
In an embodiment, if the first token is a token reset by the user device, the first token is generated by a hash algorithm according to an initial token of the user device, a random string and a MAC address of the user device, in which the initial token is randomly assigned when the user device leaves a factory.
In an embodiment, the random string may be generated by the user device when resetting a token and may have a predetermined length.
Referring to embodiments as follows, a process of determining the control authority on the user device is provided.
In conclusion, with the method provided in the present disclosure, when the terminal device needs to perform the instruction control on the user device afterwards, the terminal device does not need to send the control instruction to the server for forwarding the control instruction to the user device, thus reducing the time cost in transmitting the control instruction; in addition, it ensures that the terminal device has a legal control authority on the user device, and the safety of the user device in the process of controlling is ensured.
The technique solution provided by embodiments of the present disclosure is described in detail with specific embodiments as follows.
In step S201, it is determined whether a device identifier of a user device is found in a process of scanning for local devices, if yes, a local control authority on the user device is determined according to above described embodiment, and if no, step S202 is executed.
In step S202, it is determined whether a user needs to remotely control the user device, if yes, step S203 is executed, and if no, the process ends.
In step S203, a control instruction for controlling the user device is sent to the server, in which the control instruction carries identity authentication information of the user.
In an embodiment, the identity authentication information of the user may be bound to respective user devices.
In step S204, after the identity authentication information passes authentication in the server, the user device is controlled according to the control instruction.
As shown in
As shown in
Based on the beneficial effects of the technical solutions in the above described embodiment, the present embodiment may have following beneficial effects. When there is a need to remotely control the user device, the identity authentication information is carried in the control instruction for controlling the user device, and the terminal device has the control authority to access and control the user device after the identity authentication information passes authentication in the server, such that a safety in the process that the terminal device remotely controls the user device is ensured.
In step S301, if a device identifier of a user device is found in a process of scanning for local devices, it is determined whether a first token is cached, if yes, step S302 is executed, and if no, step S303 is executed.
In an embodiment, if a terminal device has already obtained a local control authority on the user device, the terminal device has already performed a local control on the user device according to the first token, and in this case, the terminal device may perform the local control on the user device directly. In another embodiment, if the terminal device has not performed a local control on the user device, the terminal device does not have the local control authority, and in this case, the terminal device needs to request the first token of the user device from the server, and determines the local control authority on the user device according to the first token.
In step S302, if the first token is cached, the local control authority on the user device is obtained according to the first token cached.
In step S303, if the first token is not cached, the request message for requesting the first token of the user device is sent to the server.
In step S304, the first token returned by the server according to the request message is received, after the identity authentication information passes authentication in the server.
In step S305, the local control authority on the user device is determined according to the first token.
Detailed description of step S303 to step S305 may refer to relative description of the embodiment shown in
Based on the beneficial effects of the above described embodiment, the present embodiment may have following beneficial effects. When the user wants to perform the local control on the user device, the local control authority on the user device may be obtained directly according to the first token if the first token is cached, such that as response speed of the user device may be increased; if the first token is not cached, the request message for requesting the first token of the user device is sent to the server, and the terminal device may have the authority to access and control the user device after the identity authentication information passes authentication in the server, such that a safety of the user device in the process of remote control is ensured.
In an embodiment, if the first token is reset by the user device, the first token is generated by a hash algorithm according to an initial token of the user device, a random string and a MAC address of the user device, in which the initial token is randomly assigned when the user device leaves a factory.
In an embodiment, the random string is generated by the user device when resetting token and has a predetermined length.
For example, the first token is a token reset by the user device, and illustration is made by taking the MD5 hash algorithm as an example:
With the first token generated according to the above process, the random string is generated randomly by the user device when resetting the token, such at the random string is ensured to be associated with the current time, thus ensuring the uniqueness of the first token. The first token is generated by a hash algorithm according to the initial token of the user device, the random string and the MAC address of the user device, which ensures the first token to be unique, such that the first token is distinguished from tokens of other user devices, and a control error may be avoided by preventing the terminal device from controlling different user devices using a same token, thus enabling the terminal device to perform a more targeted control on the user device.
The first sending module 41 is configured to send a request message for requesting a first token of the user device to a server if a device identifier of the user device is found in a process of scanning for local devices, in which the request message carries identity authentication information of a user.
The receiving module 42 is configured to receive the first token returned by the server according to the request message, alter the identity authentication information sent by the first sending module 41 passes authentication in the server.
The first determining module 43 is configured to determine a local control authority of the user on the user device according to the first token received by the receiving module 42.
The second sending module 44 is configured to send a control instruction for controlling the user device to the server, if the device identifier of the user device is not found in the process of scanning for local devices and the user needs to remotely control the user device, in which the control instruction carries identity authentication information of the user.
The control module 45 is configured to control the user device according to the control instruction after the identity authentication information sent by the second sending module 44 passes authentication in the server.
In an embodiment, the device may further include a second determining module 46.
If the second determining module 46 is configured to determine whether the first token is cached.
If the second determining module 46 determines that the first token is cached, the first determining module 43 obtains the local control authority of the user on user device according to the first token cached.
If the second determining module 46 determines that the first token is not cached, the first sending module 41 sends the request message for requesting the first token of the user device to the server.
In an embodiment, if the first token is token reset by the use device, the first token is generated by a hash algorithm according to an initial token of the user device, a random string and a Media Access Control address of the user device, in which the initial token is randomly assigned when the user device leaves a factory.
In an embodiment, the random string is randomly generated by the user device when resetting a token and has a predetermined length.
With respect to the devices in the above embodiments, the specific operation modes of individual modules therein have been described detail in the embodiments regarding the methods, which will not be elaborated herein.
Referring to
The processing component 602 typically controls overall operations of the device 600, such operations associated with display, telephone calls, data communications, camera operations, and recording operations. The processing component 602 may include one more processors 620 to execute instructions to perform all or part of the steps in the above described methods. Moreover, the processing component 602 may include one or more modules which facilitate the interaction between the processing component 602 and other components. For instance, the processing component 602 may include a multimedia module to facilitate the interaction between the multimedia component 608 and the processing component 602.
The memory 604 is configured to store various types of data to support the operation of the device 600. Examples of such data include instructions for any applications or methods operated on the device 600, contact data, phonebook data, messages, pictures, video, etc. The memory 604 may be implemented using any type of volatile or non-volatile memory devices, or a combination thereof, such as a static random access memory (SRAM), an electrically erasable programmable read-only memory (EEPROM), an erasable programmable read-only memory (EPROM), a programmable read-only memory (PROM), a read-only memory (ROM), a magnetic memory, a flash memory, a magnetic or optical disk.
The power component 606 provides power to various components of the device 600. The power component 606 may include a power management system, one or more power sources, and any other components associated with the generation, management, and distribution of power in the device 600.
The multimedia component 608 includes a screen providing an output interface between the device 600 and the user. In some embodiments, the screen may include a liquid crystal display (LCD) and a touch panel (TP). If the screen includes the touch panel, the screen may be implemented as a touch screen to receive input signals from the user. The touch panel includes one or more touch sensors to sense touches, swipes, and other gestures on the touch panel. The touch sensors may not only sense a boundary of a touch or swipe action, but also sense a duration time and a pressure associated with the touch or swipe action. In some embodiments, the multimedia component 608 includes a front camera and/or a rear camera. The front camera and the rear camera may receive external multimedia data while the device 600 is in an operation mode, such as a photographing mode or a video mode. Each of the front camera and the rear camera may be a fixed optical lens system or have focus and optical zoom capability.
The audio component 610 is configured to output and/or input audio signals. For example, the audio component 610 includes a microphone (MIC) configured to receive an external audio signal when the intelligent device 600 is in an operation mode, such as a call mode, a recording mode, and a voice recognition mode. The received audio signal may be further stored in the memory 604 or transmitted via the communication component 616. In some embodiments, the audio component 610 further includes a speaker to output audio signals.
The I/O interface 612 provides an interface for the processing component 602 and peripheral interface modules, such as a keyboard, a click wheel, buttons, and the like. The buttons may include, but are not limited to, a home button, a volume button, a starting button, and a locking button.
The sensor component 614 includes one or more sensors to provide status assessments of various aspects of the device 600. For instance, the sensor component 614 may detect an open/closed status of the device 600 and relative positioning of components (e.g. the display and the keypad of the device 600). The sensor component 614 may also detect a change in position of the device 600 or of a component in the device 600, a presence or absence of user contact with the device 600, an orientation or an acceleration/deceleration of the device 600, and a change in temperature of the device 600. The sensor component 614 may include a proximity sensor configured to detect the presence of nearby objects without any physical contact. The sensor component 614 may also include a light sensor, such as a CMOS or CCD image sensor, for use in imaging applications. In some embodiments, the sensor component 614 may also include an accelerometer sensor, a gyroscope sensor, a magnetic sensor, a pressure sensor, or a temperature sensor.
The communication component 616 is configured to facilitate wired or wireless communication between the device 600 and other devices. The device 600 can access a wireless network based on a communication standard, such as WIFI, 2G, or 3G, or a combination thereof. In one exemplary embodiment, the communication component 616 receives a broadcast signal or broadcast associated information from an external broadcast management system via a broadcast channel. In one exemplary embodiment, the communication component 616 further includes a near field communication (NFC) module to facilitate short-range communications. For example, the NFC module may be implemented based on a radio frequency identification (RFID) technology, an infrared data association (IrDA) technology, an ultra-wideband (UWB) technology, a Bluetooth (BT) technology, and other technologies.
In exemplary embodiments, the device 600 may be implemented with one or more application specific integrated circuits (ASICs), digital signal processors (DSPs), digital signal processing devices (DSPDs), programmable logic devices (PLDs), field programmable gate arrays (FPGAs), controllers, micro-controllers, microprocessors, or other electronic components, for performing the above described methods.
In exemplary embodiments, there is also provided a non-transitory computer readable storage medium including instructions, such as the memory 604 including instructions. The above instructions are executable by the processor 620 in the device 600, for performing the above-described methods. For example, the non-transitory computer-readable storage medium may be a ROM, a RAM, a CD-ROM, a magnetic tape, a floppy disc, an optical data storage device, and the like.
It is noted that the various modules, sub-modules, units and components in the present disclosure can be implemented using any suitable technology. In an example, a module can be implemented using circuitry, such as integrated circuit (IC). In another example, a module can be implemented as a processing circuit executing software instructions.
Other embodiments of the invention will be apparent to those skilled in the art from consideration of the specification and practice of the invention disclosed here. This application is intended to cover any variations, uses, or adaptations of the invention following the general principles thereof and including such departures from the present disclosure as come within known or customary practice in the art. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the invention being indicated by the following claims.
It will be appreciated that the present invention is not limited to the exact construction that has been described above and illustrated in the accompanying drawings, and that various modifications and changes can be made without departing form the scope thereof. It is intended that the scope of the invention only be limited by the appended claims.
| Number | Date | Country | Kind |
|---|---|---|---|
| 201510542826.5 | Aug 2015 | CN | national |
