Data processing device and method for establishing rights to manage a data processing device
By receiving, encrypting, and signing data through a data processing device, and using certificates to verify the source, the problem of secure interaction and access management of the data processing device in the Internet environment is solved, and secure activation and configuration are achieved.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Applications(China)
- Current Assignee / Owner
- WAGO VERW GMBH
- Filing Date
- 2025-12-08
- Publication Date
- 2026-07-14
Smart Images

Figure CN122394825A_ABST
Abstract
Description
Technical Field
[0001] This invention relates to a data processing apparatus and a method for establishing permissions to manage the data processing apparatus. In particular, this invention relates to a method for establishing permissions to manage the data processing apparatus by means of encryption, certificates, and / or signatures. Background Technology
[0002] To facilitate user (end customer) activation of the data processing device, the device can be pre-configured at the factory to log in upon startup with a unique identifier on a portal (operated by the end customer, manufacturer, or third-party vendor). This portal provides the data processing device with the latest firmware and / or allows for user-customized configuration. Depending on the application scenario, this portal can be provided on the user's publicly inaccessible intranet or on the publicly accessible internet (by the manufacturer or third-party vendor). In particular, when the portal is provided on the internet, ensuring secure interaction between the data processing device and the portal to prevent unauthorized intrusion is advantageous. Summary of the Invention
[0003] A method according to the invention includes: receiving first data via a data processing device; determining, via the data processing device, the source of the first data based on encryption of at least a portion of the first data, a certificate provided with the first data, and / or a signature of the first data; and establishing, via the data processing device, the source as authorized to manage the data processing device in the future. The method may further include processing the first data via the data processing device. For example, the first data may contain information on the activation and / or configuration of the data processing device and / or software to be executed by the data processing device and / or software updates to be executed by the data processing device.
[0004] Hereinafter, the term "data processing apparatus" as used in the specification and claims is particularly understood as an apparatus having a processor and a non-volatile memory, wherein machine-readable instructions are stored in the memory, and execution of these instructions by the processor causes data to be read and processed. The data being read may, for example, be status data describing the state of a device controlled by the data processing apparatus or a system including the data processing apparatus, and the data processing apparatus may be configured to derive control data for controlling the device from the status data and / or forward the status data to a higher-level control device that determines control data for controlling the device based on the status data. Regarding the deriving and / or forwarding of status data, the data processing apparatus may be configured when enabled.
[0005] Furthermore, the term "data network" as used in the specification and claims is particularly understood to refer to a decentralized network comprising multiple nodes and data lines connecting the nodes, such as the Internet or a (non-public) intranet. Additionally, the term "server" as used in the specification and claims is particularly understood to refer to a node in a data network that provides one or more services to (authorized) nodes in the data network. These services can be invoked by (authorized) nodes in the data network by the (authorized) node sending a corresponding request to the server, and the server determining that the node is authorized to request the service. For example, a service could be the server providing specific data to the (requesting) node.
[0006] Furthermore, the term "encryption" as used in the specification and claims is particularly understood to mean the conversion of plaintext data into encrypted data constituting a document or part of a document using a secret key ("private key"). Subsequently, a reverse conversion using a public key is performed to determine the source of the first data. In this context, the term "source" as used in the specification and claims is particularly understood to mean an individual or entity that lawfully possesses the secret signing key and has encrypted at least a portion of the first data, or has encrypted at least a portion of the first data at its instruction.
[0007] Furthermore, the term "certificate" as used in the specification and claims is specifically understood as a data structure containing a public key and identity information of an individual, entity, or domain name assigned a public key by a "Certification Authority" (CA). The certificate can be signed using the CA's secret key, thereby guaranteeing the authenticity of the certificate. In this context, the term "source" as used in the specification and claims is specifically understood as the individual, entity, or domain name stored in the certificate. For example, a certificate may have a field named "Generic Name" (CN) and store a domain name belonging to a specific individual or entity.
[0008] Furthermore, the term "signature" as used in the specification and claims is specifically understood to mean a value calculated by means of a secret signature key using a hash value (derived from at least a portion of the first data), the use of which is verified by applying a public verification key. In this context, the term "source" as used in the specification and claims is specifically understood to mean the individual or entity that lawfully possesses the secret signature key.
[0009] Furthermore, the phrase “source of authorized future management of data processing apparatus” used in the specification and claims is particularly understood to mean that the data processing apparatus uses the data only when the data comes from the source and discards the data when the data does not come from the source, and the data contains information on the activation and / or configuration of the data processing apparatus, and / or software to be executed by the data processing apparatus, and / or updates to the software to be executed by the data processing apparatus.
[0010] For example, before receiving the first data, a data field in the data processing device for storing authorized sources can be empty or preset to a default value, thus preparing the data processing device to accept data from any source for managing the data processing device. After receiving the first data, when the data field is assigned a value accordingly, the data processing device will only accept data from that source for managing the data processing device. The data processing device may also have manually operable elements that result in the deletion (or restoration of default values) of entries in the data field. This establishes a new association between the data processing device and the authorized source.
[0011] The origin of the first data can be determined based on a certificate or a signature. For example, the first data may contain a certificate and may be signed using a secret signing key associated with that certificate. In particular, the origin of the first data can be determined based on the name in the certificate. For example, the origin of the first data can be determined based on the CN in the certificate.
[0012] The method may further include: receiving second data via a data processing device; determining the source of the second data via the data processing device based on encryption of at least a portion of the second data, a certificate provided with the second data, and / or a signature of the second data; and processing the second data via the data processing device when the first data and the second data come from the same source.
[0013] The second data may include information on the activation and / or configuration of the data processing device and / or software to be executed by the data processing device and / or software updates to be executed by the data processing device.
[0014] The data processing apparatus according to the invention includes a processor and a non-volatile memory, wherein machine-readable instructions are stored in the memory, and the processor executes these instructions to cause a data processing unit to contact a server via a data network and receive first data when the data processing apparatus is enabled, determine the source of the first data based on encryption of at least a portion of the first data, a certificate provided with the first data, and / or a signature of the first data, and establish the source as authorized to manage the data processing apparatus in the future.
[0015] The origin of the first data can be determined based on a certificate or signature. For example, the first data may contain a certificate, and the first data may be signed using a secret signing key associated with that certificate. In particular, the origin of the first data can be determined based on the name in the certificate. For example, the origin of the first data can be determined based on the CN in the certificate.
[0016] The processor can also execute machine-readable instructions stored in memory, enabling the data processing device to contact a server via a data network and receive second data, determine the source of the second data based on encryption of at least a portion of the second data, a certificate provided with the second data, and / or a signature of the second data, and process the second data when the second data comes from the same source as the first data.
[0017] The first data and / or the second data may contain information about the configuration of the data processing device and / or software to be executed by the data processing device and / or software updates to be executed by the data processing device.
[0018] Furthermore, it goes without saying that all the characteristics of the descriptions associated with the method can also be characteristics of the data processing device, and vice versa. Attached Figure Description
[0019] The invention is described below in detail with reference to embodiments, wherein reference is made to the accompanying drawings, in which:
[0020] Figure 1 A server and a data processing device are shown, the data processing device receiving first data from the server;
[0021] Figure 2 A flowchart illustrating the steps for identifying and establishing the source of an authorized future data processing device;
[0022] Figure 3 The server, data processing apparatus, and first data are shown according to the first embodiment;
[0023] Figure 4 The server, data processing device, and first data are shown according to the second embodiment;
[0024] Figure 5 The server, data processing device, and first data are shown according to the third embodiment;
[0025] Figure 6 The generation of a certificate according to one implementation method is shown; and
[0026] Figure 7 A flowchart illustrating a method for establishing permissions for managing data processing devices.
[0027] In the accompanying drawings, identical or similar elements are identified by the same reference numerals. Detailed Implementation
[0028] Figure 1 A data processing device 10 is shown, having a processor 12 and a memory 14. The data processing device 10 may, for example, have a microcontroller and may be configured as an input / output module of a fieldbus coupler or a modular fieldbus node. When the data processing device 10 is enabled, it sends a message 60 via a data network 20 to a server 100 hosting a corresponding portal. This message 60 identifies the data processing device 10 and is understood by the server 100 as a request to transmit data 30 stored on the server 100 (or another server) regarding the authority to manage the data processing device 10. This data is used by the data processing device 10 to determine who is authorized to manage the data processing device 10 in the future. Therefore, it can be checked whether subsequently received data 50 originates from a source authorized to manage the data processing device 10.
[0029] like Figure 2 As shown, upon receiving data 30, data processing device 10 can check whether a source authorized to manage data processing device 10 in the future has been established. If not, data processing device 10 can determine the source of data 30 based on encryption of at least a portion of data 30, a certificate provided with data 30, and / or a signature of data 30, and establish that source as authorized to manage data processing device 10 in the future. Furthermore, data processing device 10 can process data 30. If data 30 contains configuration information for data processing device 10, the configuration can be applied. If data 30 contains software to be executed by data processing device 10 (e.g., firmware and / or one or more custom applications), the software can be stored and executed in memory 14. If data 30 includes an update to the software executed by data processing device 10, the software can be updated.
[0030] If data 50 is subsequently received again for the management data processing device 10, such as data containing configuration information of the data processing device 10 and / or software to be executed by the data processing device 10 and / or updates to the software to be executed by the data processing device 10, the data processing device 10 determines the origin of the data 50 based on encryption of at least a portion of the data 50, a certificate provided with the data 50, and / or a signature of the data 50, and checks whether the origin of the data 50 is authorized to the management data processing device 10. If the origin of the data 50 is authorized to the management data processing device 10, the data 50 is processed. If the data 50 contains configuration information of the data processing device 10, the configuration can be applied. If the data 50 contains software to be executed by the data processing device 10, the software can be stored in the memory 14 and executed. If the data 50 contains updates to the software to be executed by the data processing device 10, the software can be updated.
[0031] If the source of data 50 is not authorized to manage the data processing device 10, the data processing device 10 may display an error to the server 100 via a message and discard the data 50. The server may then, for example, inspect the data 50 and correct it if necessary. When data 50 is not provided through the server 100 (or other servers) but originates from a source not authorized to manage the data processing device 10, further measures may be taken as necessary to increase the difficulty of future attempts to unauthorizedly manage the data processing device 10.
[0032] Figure 3 Data 30 according to a first embodiment is shown. In this embodiment, data 30 includes information 32 on the activation and / or configuration of the data processing device 10, software and / or software updates 34, and source information 36. The source information can be encrypted with a secret key assigned to the source, so that the authenticity of the information can be checked by the data processing device 10 with a (public) verification key associated with the source.
[0033] Figure 4 Data 30 according to the second embodiment is shown. In this embodiment, data 30 includes information 32 on the activation and / or configuration of the data processing device 10, software and / or software updates 34, source information 36, and a signature 40. Subsequently, the authenticity of the information can be verified by the data processing device 10 using a (public) verification key associated with the signature.
[0034] Figure 5Data 30 according to a third embodiment is shown. In this embodiment, data 30 includes information 32 on the activation and / or configuration of the data processing device 10, software and / or software updates 34, a certificate 38, and a signature 40. The authenticity of the certificate 38 can be checked by the data processing device 10 using a (public) verification key associated with the signature 40, and the data processing device 10 can extract source information from the certificate 38.
[0035] Figure 6 The process of creating certificate 38 according to one implementation is illustrated. In this process, source 200 (e.g., an end customer or a third-party vendor commissioned by the end customer) creates a "Certificate Signing Request" (CSR) and sends it to manufacturer 300 (or a third-party vendor commissioned by manufacturer 300), which generates the certificate and transmits it to the source. Here, since the secret key of source 200 is retained at the source, the information encrypted with the secret key is strong evidence that the information comes from source 200.
[0036] Figure 7 A flowchart illustrating a method for establishing authority over a data processing device 10 is shown. The method begins in step 400 with receiving data 30 via the data processing device 10. In response to the receipt of data 30, in step 410, the data processing device 10 determines the source 200 of data 30 based on encryption of at least a portion of data 30, a certificate 38 provided with data 30, and / or a signature 40 of data 30. If no source has yet been established as authorized to manage the data processing device 10 in the future, the data processing device 10 establishes source 200 as authorized to manage the data processing device 10 in step 420.
[0037] List of reference numerals
[0038] 10 Data Processing Devices
[0039] 12 processors
[0040] 14 memory
[0041] 20 Data Network
[0042] 30 data
[0043] 32. Enable and / or configure information
[0044] 34 Software / Software Updates
[0045] Information from 36 sources
[0046] 38 Certificates
[0047] 40 signatures
[0048] 50 data
[0049] 60 News
[0050] 100 servers
[0051] 200 sources
[0052] 300 manufacturers
[0053] 400 steps
[0054] 410 steps
[0055] 420 steps
Claims
1. A method for establishing permissions for managing a data processing device (10), comprising: The first data (30) is received by the data processing device (10); The source (200) of the first data (30) is determined by the data processing device (10) based on the encryption of at least a portion of the first data (30), the certificate (38) provided with the first data (30) and / or the signature (40) of the first data (30); as well as The source (200) is designated as authorized to manage the data processing device (10) in the future by the data processing device (10).
2. The method for establishing permissions for the management data processing device (10) according to claim 1, wherein, The source (200) of the first data (30) is determined based on the certificate (38) or the signature (40).
3. The method for establishing permissions for the management data processing device (10) according to claim 2, wherein, The source (200) of the first data (30) is determined based on the name in the certificate (38).
4. The method for establishing permissions for the management data processing device (10) according to any one of claims 1 to 3, further comprising: The second data (50) is received by the data processing device (10); The source (200) of the second data (50) is determined by the data processing device (10) based on the encryption of at least a portion of the second data (50), the certificate (38) provided with the second data (50) and / or the signature (40) of the second data (50); as well as When the first data (30) and the second data (50) come from the same source (200), the second data (50) is processed by the data processing device (10).
5. The method for establishing permissions for a data processing device (10) according to any one of claims 1 to 4, wherein, The first data (30) and / or the second data (50) contain information on the activation and / or configuration of the data processing device (10) and / or software to be executed by the data processing device (10) and / or software updates to be executed by the data processing device (10).
6. A data processing device (10), comprising: Processor (12); as well as Non-volatile memory (14); The memory (14) stores machine-readable instructions, which are executed by the processor (12) to enable the data processing unit (10) to: When the data processing device (10) is activated, it contacts the server via the data network (20) and receives the first data (30); The source (200) of the first data (30) is determined based on the encryption of at least a portion of the first data (30), the certificate (38) provided with the first data (30), and / or the signature (40) of the first data (30); and The source (200) is designated as authorized to manage the data processing device (10) in the future.
7. The data processing apparatus (10) according to claim 6, wherein, The source (200) of the first data (30) is determined based on the certificate (38) or the signature (40).
8. The data processing apparatus (10) according to claim 7, wherein, The source (200) of the first data (30) is determined based on the name contained in the certificate (38).
9. The data processing apparatus (10) according to any one of claims 6 to 8, wherein, The data processing device (10) is also enabled by the processor (12) to execute machine-readable instructions stored in the memory (14): The server (100) is contacted through the data network (20) and the second data (50) is received. The source (200) of the second data (50) is determined based on the encryption of at least a portion of the second data (50), the certificate (38) provided with the second data (50), and / or the signature (40) of the second data (50); and When the second data (50) and the first data (30) come from the same source (200), the second data (50) is processed.
10. The data processing apparatus (10) according to claim 9, wherein, The first data (30) and / or the second data (50) contain information about the configuration of the data processing device (10) and / or software to be executed by the data processing device (10) and / or software updates to be executed by the data processing device (10).