M2M (Machine-to-Machine Communications) is a class of networked applications and services built around intelligent interaction between machines. FIG. 1 shows a typical M2M system architecture, in which various M2M terminals are connected to an M2M service platform directly or through an M2M gateway, while various M2M applications (such as electric meter reading, intelligent transportation, etc.) obtain, through the M2M service platform, data collected by an M2M terminal, or control an M2M terminal through the M2M service platform.
Since the data exchanged between an M2M application and an M2M terminal often has high commercial value or sensitivity, the M2M system needs to support encrypted data transmission so that useful data is not leaked to a malicious third party. Also, in order to meet the supervisory requirements of the state security authority and the relevant regulatory institutions, the M2M service platform is required to know the corresponding communication encryption key and, under the authorization of the relevant regulatory institutions, to decrypt and acquire the data content transmitted between an M2M terminal and an M2M application. Therefore, the M2M service platform can be used as a KDC (Key Distribution Center) to distribute a communication encryption key to an M2M terminal and to an M2M application respectively, and to store the encryption key for lawful interception.
The inventor has found at least the following problems in the prior art during the implementation of the disclosed embodiments. In practical deployment, if the same communication encryption key is simply distributed to all M2M applications and M2M terminals, then, because it cannot be assured that different M2M applications are isolated from each other, the communication encryption key may be obtained easily, and the security of communication data cannot be guaranteed.
However, if the M2M service platform distributes a different communication encryption key to each M2M application and each M2M terminal and takes charge of decryption and re-encryption while forwarding data content, the processing load on the M2M service platform rises as the number of M2M terminals and M2M applications grows, which requires the M2M service platform to have higher processing performance.
In addition, if the M2M service platform distributes the same communication encryption key to an M2M terminal and an M2M application that conduct service communication with each other, and forwards the data content through transparent transmission, then an M2M terminal that conducts service communication with a plurality of M2M applications needs to perform encryption and transmission, and reception and decryption, one by one with a different communication encryption key for each application. However, M2M terminals are usually sensors or microcontrollers with low processing capability and a limited power supply, so they cannot support encryption processing logic involving a large volume of operations or a complicated message transceiving mechanism.
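The three key-distribution options discussed above can be compared with a small model that sends one reading from one terminal to several applications, counts the cryptographic operations at the terminal and at the platform, and checks whether one application can read another's copy. This is an added example, not part of the original document; the scheme names, the `run` function and the HMAC-based toy cipher (standard library only, not a vetted AEAD) are assumptions made for illustration.

```python
import hashlib, hmac, os
from collections import Counter

def _stream(key, nonce, n):
    # HMAC-SHA256 in counter mode as a keystream (toy construction, stdlib only)
    blocks = (hmac.new(key, nonce + bytes([i]), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, msg):
    """Encrypt-then-MAC with a fresh nonce. Illustration only, not a vetted AEAD."""
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(msg, _stream(key, nonce, len(msg))))
    return nonce + ct + hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    """Return the plaintext, or None when the key does not match."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    want = hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):
        return None
    return bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct))))

def run(scheme, apps, reading=b"meter=42"):
    """One terminal sends one reading (constructed sample) to every app.
    Returns (crypto operations per node, whether apps[0] can read apps[-1]'s copy)."""
    ops, kdc, sent = Counter(), {}, {}
    def key(name):                # the platform, acting as KDC, keeps every key
        return kdc.setdefault(name, os.urandom(32))
    if scheme == "global":        # same key for all parties, transparent forwarding
        blob = seal(key("all"), reading); ops["terminal"] += 1
        sent = {a: (key("all"), blob) for a in apps}
    elif scheme == "per_party":   # platform decrypts, then re-encrypts per app
        blob = seal(key("terminal"), reading); ops["terminal"] += 1
        plain = unseal(key("terminal"), blob); ops["platform"] += 1
        for a in apps:
            sent[a] = (key(a), seal(key(a), plain)); ops["platform"] += 1
    elif scheme == "per_pair":    # one key per terminal/app pair, transparent forwarding
        for a in apps:
            k = key(("terminal", a))
            sent[a] = (k, seal(k, reading)); ops["terminal"] += 1
    assert all(unseal(k, blob) == reading for k, blob in sent.values())
    leak = unseal(sent[apps[0]][0], sent[apps[-1]][1]) is not None
    return ops, leak

if __name__ == "__main__":
    for s in ("global", "per_party", "per_pair"):
        print(s, run(s, ["meter-reading", "billing", "transport"]))
```

With three applications, the shared key costs one terminal operation but offers no isolation, per-party keys move four operations onto the platform, and per-pair keys move three onto the terminal.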